Skip to content

The OCIE Electronic Messaging Risk Alert (and How Hearsay Can Help)

Happy New Year! The SEC would like you to include updating your advisor electronic messaging compliance policy in your resolutions so 2019 is the year of execution.
In 2018, the Office of Compliance Inspections and Examinations (OCIE) increased the total number of examinations by 10% compared to 2017. We believe the number of examinations will continue to increase in 2019 as mentioned by Hearsay Chief Business Officer, Donna Prlich, a few days after the release of the OCIE’s fifth and final risk alert of 2018.
The focus of the alert was to “remind advisers of their obligations when their personnel use electronic messaging” AND to “help advisers improve their systems, policies, and procedure [related to electronic messaging].
The OCIE highlighted that the increase of use and the number of changes in the way “mobile and personally owned devices are used pose challenges for advisers in meeting their obligations under the Books and Records Rule and the Compliance Rule.”

Advisers Act – A Quick Refresher

The Advisers Act “Books and Records Rule” Rule 204-2 requires advisers to make and retain records relating to their investment advisory business. This includes “originals of all written communications received and copies of all written communications sent” relating to

(i) any recommendations and advice made or proposed,

(ii) receipt, disbursement, or delivery of funds,

(iii) purchasing or selling a security, or

(iv) the performance of a managed account or securities recommendation,” subject to certain limited exceptions.

The Advisers Act “Compliance Rule” Rule 206(4) requires advisers to “adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act.”

Highlights from OCIE’s Dec 2018 Risk Alert (and how Hearsay may be able to help)

The Examination Observation: 
Specifically prohibit business use of apps that can be misused by allowing an employee to:

(i) send messages anonymously,

(ii) automatically destroy messages, or

(iii) prohibit third-party viewing.

How Hearsay Can Help: 
Hearsay Relate allows teams to monitor, archive, and access the complete text conversation using the tool’s built-in supervision functionality.
The Examination Observation: 
If advisers [financial firms] permit the use of personally owned mobile devices for business purposes, they must adopt and implement policies addressing use with respect to, social media, instant messaging, texting, and information security.
How Hearsay Can Help:
Hearsay’s solutions are deployed at over 150 financial services firms and used by over 150,000 advisors. Our Customer Success team will guide your organization through the strategies, processes and best practices necessary for successfully implementing a compliant text messaging program.
You may also find this Guide to Creating a Compliant Texting Policy useful.
The Examination Observation:
For advisers [financial firms] that permit the use of social media, personal email, or personal websites for business purposes, contract with software vendors to:

(i) monitor the social media posts, emails, or websites,

(ii) archive such business communications to ensure compliance with record retention rules, and

(iii) ensure the capability to identify any changes to content and compare postings to a lexicon of keywords and phrases.

How Hearsay Can Help:
Hearsay provides a comprehensive, built-in compliance solution that enables firms to monitor, supervise and comply with policies and industry regulations including FINRA, SEC, FFIEC, IIROC, FCA and MiFID II requirements. Our patented solutions include record keeping and universal supervision across all advisor social media, text messaging and local website activity, enabling organizations to easily and cost-effectively comply with these (and more) complex regulatory requirements.
OCIE has encouraged advisers to review risks, practices, policies, and procedures regarding electronic messaging and to consider improvements to their compliance that would help comply with their regulatory requirements.
The sooner you revisit/create your policy relating to texting the better. Check out this Guide to Creating a Compliant Texting Policy to get started.
We anticipate this Security Alert is just scratching the surface when it comes to the SEC and FINRA evaluating compliant texting and social media policies and practices. Reach out to the Hearsay team with any questions or comments.

Deep Kingra

Deep Kingra is a member of the Hearsay Systems Customer Success team. In his current role, he partners with Hearsay’s strategic accounts on social media program enablement. He brings an analytical and consultative approach to drive measurable business results and overall program success. Deep earned his J.D. from Cardozo School of Law.

Visit the Resource Center

Download White Paper, Infographics, Industry Reports and More…

Visit Resources