Skip to content

Financial Services Exam Priorities: Hearsay Compliance Shares What to Expect in 2021

In keeping with annual tradition, the US Financial Industry Regulators have published their respective Examination Priorities for 2021 (See SEC, FINRA, NAIC, OCC). Not surprisingly, they share a number of overlaps, with the pandemic and the implications of a potential continuation of remote work playing a large role across the board. Regulators continue to examine how financial services firms interact with their audiences, in order to ensure a responsible approach  geared towards fair and balanced outcomes.

Although they’ve clearly outlined specific activities they view as counter to fair and balanced outcomes, it is clear that regulators are moving more towards principles-based enforcement. The perennial reminder to include appropriate disclosures, robust supervision regimes, and consistent books and records is, of course, restated within these priorities letters. However, an important call-out is that the regulators are becoming more explicit with regards to checking for non-monitored activities, in the spirit of refocusing towards outcome-based priorities.  

FINRA, in particular, has expressed the most explicit requirements around proactive monitoring for communications with the public. Not only are member firms required to monitor unapproved channels, they’re also required to stay abreast of new tools, features and channels, and must ensure their policies are up-to-date with regards to what’s permissible on existing and future channels. 

Not all firms are required to adhere to FINRA’s strict requirements; however in our view, this is a critical development, as firms have historically been able to remain confident that a policy-based prohibition on certain communications channels was sufficient for regulators. As the regulatory environment progresses, firms should review their policies and procedures to expand their prohibition policies. Ideally, firms should update their electronic communications surveillance systems to monitor for “channel-hopping” (moving from monitored to non-monitored channels, e.g. email to text), and include robust testing procedures to establish a reasonable basis for disproving channel-hopping.

For assistance updating your policies and procedures, or preparing for upcoming regulatory audits, don’t hesitate to reach out to Hearsay’s in-house Compliance practice, or your sales representative.

Are You Ready? FCA Restatement Puts UK Social Media Programmes on Alert

The FCA recently published guidance reiterating a long-standing mandate of the regulator: the onus is on FCA-regulated organisations to monitor employee behaviour for bad actors. Therefore, even if conduct isn’t tied to a specific rule, poor behaviour that results in someone getting harmed will see the FCA take action.

For firms doing business in the United Kingdom, it’s time to ask whether you are sufficiently prepared for the restatement of this mandate. Essentially, the FCA is putting those firms on notice that certain activities that pertain to conduct—including communications across social networks—will now be under greater scrutiny. 

In conjunction with the Senior Managers and Certification Regime (“SMCR”), which makes senior management accountable, the FCA’s restatement puts further responsibility on leadership to ensure their employees are acting in a way that is consistent with their policies.  

To proactively manage this risk, forward-looking programmes should review their compliance and supervision policies and procedures to ensure that they account for the FCA’s guidance, and that the four pillars of a robust compliance programme are fit-for-purpose.

Anyone involved in a client engagement programme (marketing, compliance, sales) can utilise the questions below to assess the readiness of their existing programme.

  • Policies
    • Have you outlined acceptable behaviour as it relates to electronic communications?
    • Have you defined which channels (SMS, social media, instant messaging) are permitted, and by whom?
    • Do you have a procedure in place to periodically review and update your policies as needed?
    • Is your senior leadership involved in the sign-off of those policies?
  • Content
    • Do you have controls in place to ensure you’re distributing only fair and balanced (not misleading) content?
    • Do you have a way to monitor for recommendations that may not be appropriate for either content or audience?
    • Have you held training sessions with your employees on policies, including recording attendance?
  • Supervision
    • Have you assessed your pre-approval and post-approval breakdown of financial promotions to ensure appropriateness for your business model?
    • Do you have lexicons in place that block or flag problematic content?
    • Are there people in the approval workflow with the requisite training and/or experience?
    • Does your Senior Management have sufficient insight into your electronic communication regime, including social media or text messaging, to satisfy their Duty of Responsibility under SMCR?
  • Archiving
    • Are you capturing all of your social media posts, profiles, and audit trails for each step during the approval workflow?
    • Are they being stored in a way that is consistent with the applicable regulations (e.g. durable media for MiFID-related communications)?
    • Do you have a way to reliably and quickly retrieve these records in the event that you need them?

While these are not the only questions that a Senior Manager should ask, they can lay the groundwork for an internal dialogue that reassesses your response preparedness. All firms should strive to understand the implications of this restatement, and enforce effective policies and procedures as part of their ongoing oversight. 

Stop the insanity! What financial services firms can learn from the GameStop frenzy

Accessing—and acting upon—financial advice seen on social media platforms is nothing new. But not until the recent trading frenzy around GameStop has this new reality come under sharp scrutiny. After retail investors on a Reddit discussion board drove an astronomical increase in stock value, GameStop stock is now sharply falling. The resulting volatility has led to a market valuation swing of over $30 billion for the company in just this year.

The potential for outsized risk and high-stakes consequences resulting from crowdsourced actions born on social media platforms has never been more apparent. And while the reputation risk for firms that must oversee advisors’ social media behavior has always been a concern, the legal risk is real as well.

To protect themselves and their advisors on social media, financial services firms can implement three key steps:

  1. Communicate a clear social media strategy for personnel. This should include how and what channels they can use, the content they can publish—including which original content or corporate-provided content they may modify—and what supervision process they need to undergo. Additionally, the policy should address firm expectations pertaining to the use of social media during non-business hours, any prohibited use-cases, and include the repercussions of not abiding by the policy.
  1. Employ automated supervision workflows to review advisor-created content prior to posting. This can be made more efficient by using a tool like Hearsay, which surfaces and remediates sensitive communications via an AI-powered alert system, so that supervisors can focus on high-risk violations. 
  1. Test adherence to the policy. In addition to having advisors attest to their understanding and adherence to the social media policy, firms should implement a program to test that social media usage aligns with the policy.

One takeaway from the past few weeks is that there continues to be a huge desire for financial advisors and their clients to connect and communicate using social media. At Hearsay, we saw a 24% increase in advisors actively using social media across our platform in 2020 vs. 2019. And a 2020 advisor survey by Putnam Investments found that 9 in 10 advisors say that not only has social media changed the nature of client relationships during the pandemic, but that this change is here to stay. Given the potential impact to an organization’s reputation and the viral nature of this medium, firms need to establish and secure proper guardrails in order to support and enhance the connections enabled by social media, while minimizing the risks.

A Closer Look at the SEC’s New Marketing Rule

On December 22nd, 2020, the SEC finalized the Modernized Marketing Rule, culminating a monumental shift in the way they will view advertisements and solicitations by investment advisers going forward. This landmark update – referred to simply as the “Marketing Rule” aims to create a more evergreen, consolidated set of guidelines for anyone subject to the SEC’s jurisdiction.  

The Marketing Rule combines the Advertising Rule and the Solicitation Rule, which have been in existence since 1961 and 1979, respectively.  Since then, most of the updates to the interpretation of these rules have been made through “No-Action” letters. In finalizing the Marketing Rule, the SEC has set up a framework by which it will mostly supersede preceding guidelines to create a more comprehensive rule that includes updates to many of the interpretations to align with more modern, digital practices.

The new rule – aimed at simplifying and harmonizing guidelines – provides a unified solicitation and advertisement rule under a single regulatory framework. The finalized Marketing rule is expansive, but we’ve distilled it down to four of the most salient updates for programs and the potential implications for client engagement going forward 

  • The SEC aims to offer a clearer, and wider, definition of what constitutes an “advertisement,” thus allowing for a better understanding of what the rule covers.  The rule also includes exceptions for certain types of communications, which provides some relief for compliance professionals. This means more communications will fall under the definition of “advertisement”, and firms will need to adjust the way they supervise to accommodate a more nimble, yet broader approach.
  • Testimonials and endorsements will be allowed subject to certain conditions and disclosure requirements. While this is a step in the right direction, the restrictions placed around how testimonials and endorsements are presented will present challenges in implementation. For many firms, this is a long awaited development, but ensuring clear/prominent placement of the disclosures will probably be problematic.
  • The revised rule provides guidance on performance presentations, specifically updates around the use of gross/net of fees performance and “non-standard” performance (related, extracted, hypothetical, and predecessor performance). Most firms have historically stayed away from posting this type of performance in a public-facing setting, but the new rule provides a path forward for those that stay within the (considerable) boundaries.  
  • Lastly, the rule updates and modernizes record keeping mandates and Form ADV requirements to provide clients with better access to an advisor’s data. This will mean an Adviser will be subject to more intelligent broad-reaching scrutiny during SEC audits, further underscoring the need to prioritize their adherence to the applicable rules and regulations.

This is an important and much-needed step forward that will modernize how the financial industry approaches its marketing activities. While the SEC has provided firms ample runway to conform, it’s critical that firms start to assess the implications now to stay ahead of the curve. We can help – Hearsay’s Compliance Advisory Practice helps firms deliver against regulatory changes like the Marketing Rule. Our experienced team of compliance practitioners can help evaluate the rule, consult on the path forward and develop plans to optimize an approach. 

Learn more about our Hearsay Compliance Advisory Services and stay tuned for more insights as we dig deeper into the SEC’s new Marketing Rule.