Compliance

Keeping Up with FINRA & SEC Compliance Trends


by Marianna Shafir

With FINRA and the SEC being forced to adapt to broadening channels of communications, firms and advisors need to re-examine their own communications governance policies to avoid heavy fines and sanctions.

In a regulatory first, the SEC recently fined a pair of roboadvisors $250,000 for not preserving copies of their tweets related to recommendations. On the state level, the State of Massachusetts fined a broker-dealer firm $100,000 for mishandling client information held within third-party CRM software. 
There a many other cases of penalties for non-compliance. While 41% of recent FINRA enforcement decisions were based on email communications over the past 12 months, that left 59% of enforcement decisions related to non-email communications such as text messages, client relationship management (CRM) software, video conferencing, social media and cloud storage.

With continued FINRA enforcement reorganization and the SEC adopting new rules to prevent broker conflicts, firms must ensure they are keeping up with these latest trends. Today’s social and collaborative technologies are dynamic, context-sensitive, and multi-dimensional. A conversation may start through social media or instant messaging, move to email and then jump to SMS text messaging—and all could be further contextualized with emojis. None of these active or interactive elements translate well into a static review environment. Too many solutions flatten this content into email for archive and review, which loses important metadata and critical context.



The open and response rates for text messages are as high as 98% and 45%, respectively, while the corresponding open and response rates for emails are just 20% and 6%, according to Gartner. Clearly, business communications have been migrating away from email in recent years due to the growing percentage of younger Millennial and Gen Z employees who are joining the workforce. Younger customers are also asking financial reps to do business through these newer communication channels.

Gen Z customers may not even have an email account and may want to engage on an encrypted app or by chatting. Also, advisor-client relationships develop organically and may spread across multiple channels. Too often, firms are supervising channels they think their reps are using, as opposed to what the reps are really using. This gap in supervision can put firms at serious risk.

Taking Steps to Deploy RegTech Protections

FINRA has ramped up its approval for the use of regulatory technologies known as RegTech, which can capture messages across multiple channels and allow them to be monitored and reviewed in their native formats. FINRA’s whitepaper is a helpful report outlining RegTech developments within the securities industry. FINRA emphasizes the need to deploy surveillance and monitoring tools to help facilitate compliance. This year’s report concludes that new RegTech tools could transform compliance. Reviewing your firm’s communication practices is a great first step to understanding where your risks are, even before you implement a RegTech solution. Policies and practices should regularly evolve over time to cover all the new ways that reps are communicating with clients.

Even after implementing RegTech, it’s important to recognize that technology should never replace your lexicon. Rather, the technology should be implemented to automate all those written tasks and rules within the lexicon.

Remember, despite these advances, it’s still the firm’s responsibility to monitor compliance even when they adopt new RegTech systems. These tools are meant to enhance your supervision process, but you can’t rely solely on those tools. Human oversight and supervision of these technologies becomes equally important.

Marianna Shafir is Corporate Counsel and Regulatory Advisor at Smarsh.