Social Media Compliance For RIA Firms

RIA Firm Compliance

Today, every RIA firm’s compliance manual should include a Social Media policy. As a Financial Advisor

Social Media offers a great way to grow your brand and increase your client base. However, even if your

firm chooses not to use Social Media (Blog, Facebook, etc.) as a medium to interact with clients and the

public, it is still necessary to have a Social Media policy in place because of the wide spread and ever

expanding usage of Social Media channels. The SEC looks at an Investment Advisory firm’s Policy and

Procedures manual as the backbone of a firm’s compliance responsibility. Not having a Social Media

policy in place opens your firm up to scrutiny and potential fines from regulators. Even though the

language around Social Media compliance is and has been very vague it is still extremely important to

have a Social Media policy in place that leverages technology that can monitor, archive and track the

usage of social media. This will also show that your firm is open and transparent to regulators and can

have any information requested by them at any time.

Advisory firms need to look at their Social Media Compliance Policy as not just part of their policies and

procedures but also part of their managing the risk that comes with growth as well as complacency.

Social Media is here to stay, embracing it and using it as a tool that is monitored can be a very useful

tool in tracking business activity and correspondence that is or is not working.

Social Media Compliance

When one looks at how the SEC has handled advertising in relation to a firm’s website, one will see that

they have adopted a very strict policy (Rule 206(4)-1). Because of this, one can only expect the same to

eventually be true with Social Media avenues. This is why it is extremely important for a firm to be

overly cautious during these uncertain times. A good example in being overly cautious would be

discouraging individuals from promoting and giving testimonials through Social Media even though your

clients and friends are free to say what they want, this a overabundance of testimonials could be looked

at as “prohibited testimonials” under the federal securities laws.

A good rule of thumb on handling Social Media compliance during this time of uncertainty would be to

adhere to the existing rules in place for advertising restrictions. By doing this you will show regulators

(State and Federal) that your firm is doing what it can to be as transparent as possible. The firm’s Chief

Compliance Officer (CCO) should look at social Media just as they would an advertisement in a

traditional medium such as a flyer or a magazine. This means they should adhere to a policy of reviewing

all correspondence and approve it prior to distribution on Social Media. The CCO if not technically

proficient themselves should have someone on staff or on retainer who is experienced and has the

knowledge of electronic communication channels, the tools used in monitoring them, the tools used in

archiving them as well as being able to gather any and all of this information at a moments notice.

5 areas that should be addressed within a Social Media Policy are as follows:

1. Policies and procedures around Social Media

2. Archiving of all email and Social Media correspondence

3. Third party Posts, Solicitations and Testimonials

4. Supervised persons use of Social Media channels

5. Enforcement and Disciplinary actions

In conclusion

It’s important to have a customized Social Media policy that specifically references your firm and the

Policies and procedures it has adopted around Social Media. Every individual associated with the firm

should have received and signed a Social Media Policies and Procedures document. Ongoing monitoring

of Social Media is the responsibility of the company’s CCO. All archived communications need to be

retained for a minimum of 5 years and also needs to be readily accessible to the CCO for that period of

time or longer. The CCO then decides what the best course of action should be. It could be as simple as

running a random query once a month to look for violations or very specific queries if you feel there is a

violation of the firms Policies and Procedures manual by certain individuals.

Written by: Edward Romanowsky,  Sr. Compliance Consultant at AuroraCompliance.Solutions