Tag Archives: Regulatory Notice

If I “Watch” it, is it an endorsement?

By Joanna Belbey,   September 26, 2011

Facebook introduced “Gestures” this week, modifying it’s “Like” button to something more neutral such as “Watched”, “Listened” and “Read”. This was done based on recent research by Facebook that revealed that users, particularly teenagers, hesitate using the “Like” button as they view it as an endorsement.

However, teenagers aren’t the only ones concerned by the “Like” button.

As Financial Services firms begin to draft their social media policies, many have been considering blocking the use of the “Like” button on Facebook and LinkedIn, or Retweeting on Twitter, for exactly the same reason: they want to avoid the appearance of endorsing a third party.

In fact, this has been the topic of many lively conversations during the Social Media Compliance Workshops we’ve conducted across the country (more on that soon). Compliance professionals worry about the risk of the appearance of endorsements and marketing professionals bemoan that blocking those features run counter to the conversational nature of social media.

Recent guidance from FINRA, including Regulatory Notices 10-06 and 11-39 and the earlier 07-59, Guide to the Web for Registered Representatives, has clearly warned that content from third parties may be attributed to their firm it it’s been “explicitly or implicitly endorsed or approved” (or per the SEC, has been “adopted” or become “entangled”).

And for Financial Services firms, that means that they would be responsible for that content as if it were its own. All of which means additional record keeping, oversight and supervision of the appropriateness of the content and retention of communications. Bottom line: the perception of endorsements mean additional risk, something that firms would like to avoid, especially in the beginning stages of using social media.

Therefore, for now, firms are shying away from anything that feels like an endorsement and they are blocking that “Like” button”. But, with the introduction of Gestures, will firms allow now the use of more generic terms like “Watched” or the equivalent when they are released?

So what’s your view – and your corresponding attitude to risk?  Is Watched ok or a gesture too far?

FINRA 11-39: Applause, Missing Pieces, and Users

By Sarah Carter,   August 25, 2011

In the week that “retweeted” was officially added to the Oxford English Dictionary, after only two years of use, FINRA beats the retweet and issues new guidelines on social media, just 18 months after 10-06 hit our doorsteps, and “So, what do you read into 11-39?” is the question on the tip of everyone’s tongue.

As expected, a few points are clarified; the latest guidance has become more prescriptive in some areas and less so in others.  (Puzzled looks abound, I’m sure.)  If you’d rather hear more about this, than to continue reading, please join me on a webinar Wednesday, August 31st at 10am EST and I’ll explain.

I’ll start with the missing pieces of 11-39

What’s missing is the specific reference to individual social networking sites (I bet that’s not what you were expecting).  And for this, I applaud FINRA.  Examples were given in 10-06 – Facebook was mentioned twice (OK, three times if you look at the endnotes), Twitter four times, and LinkedIn just the once.   Interesting that, in the conversations I’ve had with wealth management firms and wire houses, it’s LinkedIn that is the network of choice.

Why my applause though?  Good job, FINRA, I say, because you’ve recognized that this world moves very quickly.  Three months ago, YouTube was the fastest growing social network.  Then it was Google+.  And now, as Google+’s new member growth falls by 30% a day to 700,000, we’re not sure anymore.  That said, LinkedIn has added 20 million new profiles since its IPO in May and now boasts 120 million profiles.  Equally, since January 1, 2011, we’ve tracked 938 changes across Facebook, LinkedIn, and Twitter (yes, really!).

Good job, FINRA, because you’ve recognized that loyalty in our social world is somewhat limited.  And, that just because Facebook, LinkedIn, and Twitter are today’s Holy Trinity of social, it doesn’t necessarily mean that they will be tomorrow.

What else is good?

It’s also good to see clarification on business versus personal commentary – this reinforces what we’ve been saying for some time, that “the regulator is interested in the communications related to the business and when the individual is representing the business” – the advice we have been giving since January 2010, is NOT to go against the Facebook rules (for instance) and set up two profiles, but take advantage of Facebook giving you the ability to set up a profile for personal use and a page for professional use, because contrary to a lot of public opinion, you CAN do this – as a businessperson, you can set up a specific page for your business use (drop me a note if you want step-by-step instructions).  The SEC itself has stated that the content of an electronic communications determines whether it should be preserved.  Just like the FSA out of the UK does.  It doesn’t matter about the modality.

I do believe that, as an industry, we are perhaps being somewhat short-sighted by thinking that you can absolutely separate  personal from business communications in the social world.  I think the lines will continue to blur (increasingly so) as we become more accustomed to social.  I do believe we’ll see more guidance on this as time goes on.

What else is new? 

A proposed social media site must be approved in the “form in which it will be launched.”  FINRA is talking here about the launch of new social media sites.  So, if you’re launching a new design, a new Twitter feed, for instance, then the graphics that you’re using, the imagery, and the actual site – the “wireframes” in design parlance – need to be part of the approvals process.  Third Party Data Feeds are referenced also.  FINRA reminds us that the firm is responsible for checking the proficiency of the vendor of the data and its ability to provide accurate data – and it must regularly review for red flags.

Don’t Delete!

In reaction perhaps to the number of new companies popping up purporting to provide control and manage social media, FINRA specifically calls out details on technology that automatically erases or deletes content, stating that this precludes the ability of the firm to retain the communications in compliance with their obligations under SEA Rule 17a-4, yet further into the 11-39 guidelines, FINRA details more about the deletion of inappropriate third-party content.

It’s clear that a record of communications that doesn’t contain the full record is no record at all.  However, I do hold to the fact that some content simply has to be deleted.  I can’t control the 750 million other Facebook users out there (heck, I can’t even control what my little brother says on Facebook), and not all of those users have the same filtering mechanism that I have when it comes to content.  I’ve deleted some friends and banned others because their language would offend my Mother, who to me, is my ultimate Facebook controller.  In a corporate environment, I certainly don’t want the Actiance brand associated with profanity, racism, or a host of other comments, that we automatically delete through the use of our Urban Dictionary.

But we do record the fact that they were made.  We also record the fact that they were deleted.  We also record what the page looks like before and after the delete.  Belt and braces.  It might not be on the social network anymore, but it’s in the archive.

Mobile IS mainstream, and network barriers have crumbled.

And, it’s clear to see that the growth of mobile is having an impact; 250 million of the 750 million active Facebook users use the site through a mobile device – and on mobile, they’re twice as active.  It’s clear that firms are concerned about mobile, rightly so, but equally, that FINRA is being sensible about how firms operate and how they do business.  And, not all of us use devices that are firm-owned to post content and collaborate on social networks.  That’s the way the world is changing.  It’s one of the biggest challenges of today’s CIO:  the personally owned device (whatever that might be – iPhone, BlackBerry, Droid, iPad, Tablet, Netbook).  FINRA reminds us that it’s the communications, not the device, that is important.

The Users, the pesky Users…

FINRA gives an even bigger call-out about training and education.  Human beings, I’m convinced were put on earth to create chaos.  And in a social world, we can do this very quickly and very easily.  (I should at this point, before our CEO, @Kambwani, sees this, reference that this quote is mine and mine alone.)  But equally, you don’t just give 20,000 financial advisors access to LinkedIn and expect that they know what to do.  In a lot of instances, there is a generational gap, injecting social into the DNA of individuals doesn’t happen overnight.  FINRA is dead-right by saying that training is important, that certification is important.  And regular training is not just a one-off, because people forget when they’re on a social network.  They forget who they’re connected to, and who might see their content.

We are, after all, as human beings, ultimately fallible.  And, we have technology in every other area of our business lives to protect us (anti-spam and security in the email world), to stop us sending our bank account details to Nigeria or our intimate personal details to hackers, Web filtering in the Web world to stop us playing online poker all day, and maybe even Actiance to limit our usage of Farmville to a mere 30 minutes a day.  In other words, we use technology to protect us against technology.  And it goes without saying that using technology to protect us from malware infection (our very own @jaeho9kim wrote about this recently right here on this blog), from ourselves, and from malicious intent.

I think I’ve rattled on quite long enough now, so I’ll leave you with this final set of questions.  Did 11-39 answer your questions?  Did it raise more?  What do you think it didn’t cover?  Tune in next week for our webinar – and for thoughts that I’ve gathered recently, when I got together with 60 Financial Services Marketing, Compliance, and IT professionals and asked them what they thought FINRA should issue in terms of guidance.

Charting the History of Social and FINRA – from 10-06 to 11-39

By Joanna Belbey,   August 24, 2011

In 2009, as social media rose to prominence, the securities industry asked its largest independent regulator, FINRA (Financial Industry Regulatory Authority), for guidance on how to use social media while complying with the rules and regulations governing the industry.

In response, FINRA convened a Social Networking Task Force of FINRA staff and industry representatives and issued Regulatory Notice 10-06, Guidance on Blogs and Social Networking Sites  in January 2010. The goal of the Notice was to “ensure that – as the use of social media sites increases over time – investors are protected from false or misleading claims and representations, and firms are able to effectively and appropriately supervise their associated persons’ participation in these sites.”

In addition, FINRA also provided a Guide to the Internet for Registered Representatives and a series of educational programs designed to help firms understand how to use social media within a culture of compliance.

In short, through the Regulatory Notice, Guide and various educational programs, FINRA conveyed that electronic communications shared over the Internet are governed by the same rules governing communications with the public that firms already follow: record keeping, suitability, supervision and content requirements. FINRA did make a distinction between static and interactive content: that static content is considered advertising and as such, required preapproval by a registered principal of the firm and that interactive content was akin to a public appearance and did not require pre-approval, but required supervision after the fact.

The industry had been hoping that FINRA’s would provide a specific road map to social media compliance, instead, FINRA provided guidance and encouraged firms to interpret the rules themselves: “each firm must develop policies and procedures that are best designed to ensure that the firm and its personnel comply with all applicable requirements. Every firm should consider the guidance provided by this Notice in the context of its own business and its compliance and supervisory programs.”

For 18 months, the industry debated how to specifically interpret the direction that FINRA provided and requested further clarification. In response, FINRA organized another Task Force and last week released Regulatory Notice 11-39 Social Media Websites and the Use of Personal Devices for Business Communications.

Regulatory Notice 11-39 reiterates the guidance previously provided around record keeping, supervision, suitability and content requirements. It also makes some further clarifications, including: a principal of the firm must review a social media site in the form that it will be “launched”, the content, not the device, determines record keeping requirements, the firm is subject to “adoption” and “entanglement” issues regarding third party posts, and that business communications through a personal device must be retained, retrievable and supervised. Like 10-06, Regulatory Notice 11-39 emphasizes that firms must create written social media policies and must provide training to its associated persons.

Again, although helpful, this further guidance will most certainly create even more debate about how to specifically interpret the rules to implement social media within the securities industry. Are there any other precedents to follow?

As we discussed in Beer and SEC Don’t Mix, there has been one social media-specific sanction to date. In January 2011, FINRA fined a broker $10,000 and suspended her for one year for sending series of “misrepresentative and unbalanced” messages on Twitter among other issues.

When you combine FINRA’s guidance, educational programs, and single sanction, firms now have more than enough direction to develop and implement compliant social media strategies. Work with your compliance department, check in with Human Resources and collaborate with IT and your service providers to work through the technology issues. And when in doubt on the best way to proceed, remember to follow the spirit of FINRA’s mission to: protect investors by maintaining fairness in the US Capital markets.

The Mothership Awaits

By nleong,   July 14, 2011

Well, it’s been four months since FINRA reconvened its task force to revisit Regulatory Notice 10-06.  Anticipation’s been building within the financial services and technology communities as to what additional guidance FINRA will come out with, having had a year to assess 10-06 in action.  Whatever new guidance FINRA does come out with, however, must be approved by the mothership (aka the SEC).

FINRA’s only been around since 2007, its creation having been approved by the SEC.  So, in many respects, FINRA still maintains close ties to the mothership, just by the very nature of the industry they oversee.  Many financial institutions are countries unto themselves with countless subsidiaries and offshoots left and right.  Inevitably, the line blurs between investment advisories (IAs) and broker-dealers (BDs) since many of these institutions are dually registered, making it difficult to determine which rules to apply – the SEC’s, FINRA’s, or both.

Since the changes implemented by the SEC in the 1990s regarding instant messaging storage and retention, we’ve seen the importance of both engaging with the regulators to keep abreast of what’s happening in the regulatory world and keeping them up-to-speed on what technology is capable of doing.  I just had a call this morning with some attorneys from the SEC’s Office of the Chief Counsel on the topic of social media.  Not surprisingly, they keep close tabs on what FINRA’s doing with respect to this emerging area.  There aren’t any social media-specific guidelines from the SEC, at least not yet.  But, judging by the questions I was asked by the SEC attorneys, I got the feeling they are keen to see how IAs are using technology to remain compliant with rules such as 204-2 and 206(4)-1, pertaining to recordkeeping and advertising, respectively.

Their concerns were consistent with what we’ve heard in similar discussions with other regulatory bodies – the FSA in the UK, IIROC in Canada, and, of course, FINRA here in the US.  It’s the gnawing feeling that guidance was necessary, given the rapid spread and adoption of social media, but that the guidance needed to be well thought out before being issued.

I’ve got no problem with things taking time.  The financial services industry and its regulators have historically leaned toward the cautious, conservative tack.  Certainly, that approach hasn’t changed, even if social media moves at a breakneck pace.  It’s like the ol’ race between the tortoise and the hare.  Slow and steady will win out over “irrational exuberance” 99% of the time.  At least, that’s what your mother would have you believe.

“Do I get a mulligan?”

By Sarah Carter,   May 5, 2011

Unfortunately, due to the breakneck speed at which social media moves, oftentimes mulligans aren’t an option. Look what happened to Scott McClellan, VP of Cloud Services at HP. H is updated LinkedIn Profile barely had hit LinkedIn’s database before news traveled around the Internet about HP’s cloud services strategy.  It happened so fast and El Reg was tipped a wink and brought it to everyone’s attention in their usual fashion that we so love (when it’s not us of course…) that poor Scott wasn’t quick enough to take back what he posted.  The fact that he’s so high level at HP makes it all the more stunning. J ust goes to show that folks sitting in high places aren’t immune from making rookie mistakes. I must admit to having a momentary cynical thought that it might have been a deliberate ploy….

However, nowadays, you can set up all kinds of alerts on social media sites – your former girlfriend’s Facebook status just changed from “in a relationship” to “single” and maybe the one that got away, isn’t so far away after all…or perhaps that roundtrip flight to Tahiti you’ve been pining for just dropped to 500 bucks.  The bottom line is that social media is viral, word travels quickly, and you need to take care over what you’re putting out there.  Just ask Scott.  It doesn’t matter that Scott only has 329 LinkedIn connections (a mere babe in our LinkedIn world these days); all it takes is one… and a screen grab.

Increasingly, you’re starting to see more companies open up access to social media sites for individuals within the organization, in large part due to internal pressure they get from certain departments like Marketing and HR.  These are the guys that typically need full access to sites such as Facebook, LinkedIn, and Twitter.  They advertise and promote their companies via these new communications channels.  More recently, we’re seeing requests from financial advisorsregistered reps, sales folks in mutual funds, and agents in insurance companies wanting access.  You’ve got to remember, folks, that as human beings, we’re fallible.  We forget who we’re connected with and the implications of what we say half the time (yes, yes, of course, I’ve deleted tweets and Facebook updates in my time; no, I’m not going to tell you what it was I deleted!).

Case in point: the Chrysler tweet fiasco.  After an inspiring, patriotic commercial painted a picture of a resurgent Detroit back in January, a Tweet got out in March dropping the F-bomb and denigrating the Motor City again.  Turns out the tweet was sent by a rep from Chrysler’s social media agency.  Yow.

Now, I’ll always advocate education, education, education (and more education), you can’t get enough of it.  But remember, we’re fallible, so after you’ve formulated your policy, you’ve educated your team, do what you do with other communications modalities – like email, the Web ,and instant messaging.  Enforce your policy with technology and protect the individual (sorry Scott, this is going to take a while to die down), protect the organization (nice strategy, HP), and protect your assets.

Clearly, not all individuals are created equal when it comes to risk and that’s why it’s so important for technology solutions to enable granular policy setting.  Different departments need different access rights to social media sites.  Or, drilling down even further, perhaps only certain folks in Marketing should have full unfettered access to Facebook, while the other folks in Marketing can have only read-only access.  If you’re a FINRA-registered rep, then you need – well, you know that you need to have approval on certain content – to ensure that your LinkedIn profile doesn’t change without approval, and you need to record what it is you’re saying.

These are just some of the things to keep in mind when you’re evaluating social media management vendors like us here at Actiance.  Not all solutions are created equal, just as all humans are different.  Actiance Socialite empowers organizations to safely accommodate the nuances of each social network, while also taking into consideration the fallibility of humans.  It may even let you have a mulligan after all.

Let me wrap this up by asking what your mulligan moment was?  C’mon, you share yours and perhaps, I’ll fess up mine too…

In a FINRA world, it’s a tangled Web 2.0

By nleong,   April 22, 2011

Reading third-party comments to blogs, Facebook posts, and group discussions is oftentimes more amusing that than the original piece of content that got the ball rollin’ in the first place.  Sarcastic comments, witty repartee, and timely humor are standard fodder for many social media sites.  Of course, not all’s a laughing matter, especially when it comes to FINRA-related content on social networks like Facebook, LinkedIn, and Twitter.

Financial advisers are keen to use these sites to prospect for new customers or to strengthen existing relationships.  There’s no disputing that.  However, things get a somewhat murky when an adviser responds to a third-party post (we’ll call this a “3PP” from here on out) to his or her, say, Facebook page.  Whether it’s an outright comment to a 3PP or a “Like”, FINRA may consider this an endorsement of the 3PP, which would require pre-approval by a firm principal.

FINRA’s “entanglement” and “adoption” theories rear their heads in situations like these.  The way FINRA sees it, if the firm or one of its personnel paid for or was involved in the preparation of the 3PP prior to its posting, then the 3PP would be considered a “communication with the public” that requires pre-approval (under the entanglement theory).  If the firm or one of its personnel “explicitly or implicitly endorses or approves” the 3PP, then it requires pre-approval under the adoption theory.  This means advisers have to be very careful before pushing that “Like” button on LinkedIn or Facebook pages.

The speed at which social networks release new features (e.g., Like, Recommendation, Retweet, etc.) is phenomenal.  During March 2011, LinkedIn made 74 changes.  74!!!  It’s enough to cause a few palpitations amongst the compliance community.  The role of the compliance team is made that much more complicated (and stressful) by the amount of internal pressure they receive from some groups that need access to these social media sites….for absolutely legitimate reasons.  On the other hand, you’ve got the watchful eyes of FINRA regulators circling the waters.

That’s why social media monitoring and archiving initiatives have been emerging in financial institutions in recent months.  Whether you’re a Goldman Sachs, an investment advisory firm, or a small hedge fund, the need to manage social media content remains a constant, regardless of the perpetual change.  And, as firms move towards realizing the benefits of social media and Web 2.0, they’ll need to straighten out the tangles of the social Web.

Open letter to FINRA on Social Media Guidelines

By kailashambwani,   March 22, 2011

March 22, 2011

Amy C. Sochard
Director, Programs & Investigations
Advertising Regulation
9509 Key West Avenue
Rockville, MD  20850

Dear Ms. Sochard:

In light of the recent revisit of FINRA’s social media guidelines, Actiance, Inc., is submitting this letter for the task force’s consideration.  We feel that the task force would benefit from having input from a range of sources, including from industry, technology, and others.  As such, Actiance speaks from a position of experience and expertise with respect to compliance solutions for the financial services industry.

As the adoption of social media spreads further across the financial services landscape, both industry and technology vendors alike have had more time to digest the implications of social media and what more can be done.  It has been over a year since the issuance of Regulatory Notice 10-06, so the level of understanding is unequivocally deeper now than at any time in the past.

Under this backdrop, Actiance would like to offer the following commentary with respect to Notice 10-06:

1. Recordkeeping Responsibilities

SEC and FINRA rules require that for record retention purposes, the content of the communication is determinative.

What 10-06 makes clear is that social media is just another form of “electronic communication.”  In addition to social media, there are also public instant messaging networks (e.g., Google Talk, Yahoo!, Windows Live Messenger, AOL Instant Messenger), peer-to-peer networks (e.g. Skype), and enterprise communication platforms such as Microsoft Lync/OCS and IBM Lotus Sametime that fall under the “electronic communications” umbrella.  Thus, being able to log and archive a multiplicity of electronic communications channels in one seamless platform facilitates the recordkeeping responsibilities greatly for organizations subject to FINRA guidelines.

A broker-dealer must retain those electronic communications that relate to its “business as such.”

Archiving in context adds a level of detail and comprehensiveness that assists regulators and auditors in determining whether in fact any violation occurred.  It’s easy today to take conversations out of context, say, if you’ve only “joined” in the conversation in the middle or at the last minute.  Being able to capture all conversations in context, from beginning to end, helps auditors understand the exact nature of a communication taking place between an advisor and a prospect/client.

It’s up to each firm to determine whether any particular technology, system or program provides the retention and retrieval functions necessary to comply with the books and records rules.

Although FINRA does not endorse any one particular technology vendor, it is important for broker-dealer firms to keep in mind that, given the vast number of options available in the marketplace today, choosing a technology partner that has the flexibility to integrate with as many content management and archiving systems as possible is critical.  Given the prevalence of litigation in today’ society, this flexibility becomes even more vital since eDiscovery solutions are closely tied to archiving systems.  Both law firms and businesses rely on eDiscovery to streamline their litigation processes and reduce cost.

2. Suitability Responsibilities

Firms might consider prohibiting communications that recommend a specific investment product unless the communication conforms to a pre-approved template and the specific recommendation has been approved by a registered principal.

Because so many broker-dealer firms have their representatives scattered all over the country, it simplifies the pre-approval process greatly to have mechanisms in place to expedite matters.  This includes having a lexicon library that a firm can utilize for whatever technology solution they choose to deploy.  In this way, already swamped compliance officers need only look at content that hits a word or phrase that is part of the lexicon library.  Technology vendors are already aware of this trend and are beginning to provide pre-defined and pre-screened templates that are in compliance with FINRA regulations.  In this way, registered representatives can get advertising materials out more quickly to prospects and clients.

Equally important is the ability of compliance systems to adapt to ever-changing social media feature sets.  To date, LinkedIn profiles have generally been considered prime examples of static content.  As functionality evolves, however, LinkedIn profiles may in the future include additional features like recommendations and blogs.  The key here is that these new features need to be blocked until they have been incorporated into the pre-approval workflow.

3. Types of Interactive Electronic Forums

Social networking sites typically contain both static and interactive content.

Regarding static content, having the ability to assess content before it hits the Internet would make compliance officers sleep better at night.  If registered principals are worried about the publication of static content without pre-approval, then the broker-dealer should consider adopting solutions or measures that enable them to hold content for pre-review.

Even for sites that have both static and interactive content, it does not hurt to be overly cautious with respect to pre-review, especially if lexicons can be utilized.  Either way, whether it’s static or interactive content, archiving all content related to the business is required.

4. Supervision of Social Media Sites

Firms must adopt policies and procedures reasonably designed to ensure that their associated persons who participate in social media sites for business purposes are appropriately supervised, have the necessary training….

We’ve found that companies that have crafted a social media policy and disseminated it to the whole organization are better off than those which have not.  Having a social media policy in place shows that a company has thought seriously about the issue, done some research, and introduced some processes to address it.

Firms that have demonstrated an understanding of the power of social media and how to leverage it are the ones that have created a social media policy already.  Some types of issues typically covered in a policy include, but is not limited to, the acceptable/inappropriate uses of social media, access rights, and ramifications for breach.

As firms develop their policies, they should consider prohibiting or placing restrictions on any associated person who has presented compliance risks in the past…

Since not all representatives are created equal, it may be necessary for firms to apply different policies to different people.  For instance, a firm might give Human Resources only read-only access to LinkedIn but give unfettered access to Marketing individuals.  Or, drilling down even further, limiting LinkedIn access to just a portion of the Marketing team is another option, if the firm is worried about the behavior of specific individuals.  Technology solutions today usually enable firms to set policies at the firm, group, or individual level.

Each firm must monitor the extent to which associated persons are complying with the firm’s policies and procedures governing the use of these sites.

Although monitoring is necessary, being able to bundle monitoring with logging and archiving adds a further level of confidence for compliance officers.  To really gauge a firm’s progress on the compliance front, firms should log and archive all representatives’ activities on these social media sites.  Which sites are they accessing?  How long are they on there for?  What are they doing exactly?  Only until a firm is able to gather and analyze this data will it begin to feel more at ease with respect to compliance.

In addition, the rapid adoption of mobile and smartphone devices such as iPhones and iPads requires more vigilant and intensive monitoring of social media sites as well as robust alerting capabilities.  Employees accessing social media sites and editing content during non-business hours are becoming the norm rather than the exception.  A compliance solution should be able to address this type of user behavior as part of its monitoring feature set.

5. Third-Party Posts

FINRA does not consider a third-party post to be a firm communication with the public unless the firm or its personnel either is entangled with the preparation of the third-party post or has adopted its content.

Facebook “Like” and LinkedIn “Recommendations” are two popular features that fall squarely within the scope of the entanglement theory.  “Liking” a comment or recommending a friend could be construed as an endorsement, which would require pre-approval by a supervisor.  Hence, it is critical for broker-dealers to have the proper monitoring mechanisms in place to ensure that intentional or inadvertent endorsements do not occur.

The above comments are our thoughts on technology’s role in addressing 10-06’s requirements.  Should the task force have any additional concerns or questions, Actiance is available to assist FINRA without reservation.


Kailash Ambwani
President and CEO
Actiance, Inc.

The Watchdog Is on the Prowl

By Sarah Carter,   February 17, 2011

Whoever thought that government regulatory bodies were out of touch in our 2.0 world, best reconsider their position.  The Securities and Exchange Commission (SEC) has begun to issue letters, asking investment advisors for details on their use of social media.  The request is quite broad, covering documentation on messages, posts, tweets, blogs, record retention policies, and even how the firm in question treats the personal use of social media while on the corporate clock.

The goal ostensibly is to get a better understanding of how social media is being used within the financial services community.  Every man and his dog knows social media is a hot topic these days, and the SEC is all too aware that the phenomenon has infiltrated broker-dealer and investment advisory firms as well.  Financial advisors are keen to use social media to prospect for new customers, strengthen ties with existing clients, and to market new products and services.  However, these communications between financial advisors and their clients are subject to regulatory scrutiny.

In January 2010, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 10-06, which was specifically written for social media.  It spells out the guidelines securities firms must follow when communicating with clients.  Reflecting the speed at which social media moves, FINRA already has plans to issue updated guidance later this year, conceding that many things they observed in 2010 were unexpected (e.g., at the time of original publication, brokers were not using social media for business communications).  Such a miscalculation on FINRA’s part has forced it to revamp the guidelines.

And, it’s not just the US that is adopting measures to address social media.  The Financial Services Authority (FSA) in the UK requires that appropriate risk warnings be given when social media is used for advertising purposes.  Hand in hand with the increased regulatory interest in social media is the emergence of technology vendors stepping in to help firms remain compliant with these guidelines.

Here at Actiance, we’ve  developed the industry’s most robust platform for managing and securing social media use within the enterprise.  Our Socialite platform enables organizations to moderate, log, and archive all activities and content posted to Facebook, LinkedIn, and Twitter.  In this way, financial services firms can rest assured that their communications with clients and prospects do not run afoul of any FINRA or FSA regulations.

Actiance is at the forefront of managing social media within financial services firms and will be providing guidance at headline Finextra events in London and New York over the coming months to share a best practice approach on coping with the regulatory guidelines.

Gazing Back at 2010

By nleong,   December 29, 2010

What a crazy year 2010 was for technology.  Facebook’s CEO was named Time’s Person of the Year, the iPad hit the market in a big way, and location-based services took off.  As we’ve been snuggled in for the holiday season and tossing back some libations with friends and family, we wanted to have a look back at what stoked people’s interests or got us freaked out in 2010.

Facebook:  The Social Networking Beast
The hugely popular social networking site continued its meteoric growth in 2010, with the number of users crossing the half-billion mark.  A movie loosely documenting its humble beginnings was released; Mark Zuckerberg was named Time’s Person of the Year (the dude’s only 26!); and it’s the gold-standard for social media platforms.  Pretty heady stuff for a company that was founded just six years ago and had its roots as a way to check out your college classmates’ pictures and see where the eye candy’s at.

However, with this spectacular growth came heightened media scrutiny and shrill criticism from privacy advocates.  It also became a tastier target for hackers and other evildoers.  Despite these privacy and security issues, Facebook continues to be the platform of choice for third-party developers.  To its credit, Facebook has listened to user feedback and has responded accordingly.  That’s the beautiful thing about an open Internet that Zuckerberg likes to preach.  Word travels fast, which can be both a blessing and a curse.  And so far, his congregation is filled with believers.

Location-Based Services:  I Know Where You Are (and Where You’re Not)
Thieves have got to absolutely love the booming popularity of location-based services, such as Foursquare, Gowalla, and Facebook Places.  Marrying smartphones with GPS technology has spawned sites that let users “check in” wherever they’re at, notifying all their friends of their exact location at that moment in time.  Great concept if your friends that you’re telling are truly your friends.  Not a good concept if you’ve got folks on your “friends list” that shouldn’t be there or you’ve got the wrong privacy settings enabled on your smartphone, essentially giving a green light to applications like Foursquare to share your information with unauthorized folks.  Yikes.  Better make sure you hide that family-heirloom Rolex reeeeeeal gooood.

Collective Buying:  Power in Numbers
The tough economic times of these last couple years means that bargain-hunting has become the norm for many of us.  Enter Groupon and LivingSocial - a couple of sites that aspire to give the best deal on a broad range of products and services.  The key to their success is scrounging up the minimum number of persons to partake in a deal.  Once that threshold is crossed, everyone in the “group” gets that product or service at a great price.  If the quorum’s not met, no deal for you (thank you, Soup Nazi).

iPod, iPhone, iPad, iCha-ching
Aside from the dropped calls you (allegedly) get if you hold a 4G iPhone with the bottom half of your left palm, held at a 27 degree angle, with partly sunny skies, and your mother-in-law is in town, Apple can do no wrong.  Hard to believe this company was on its deathbed in the mid-1990s (for those of you who can remember).  Now, if Steve decides to stick an “i” in front of its next product, run out and buy some Apple stock that day.  The iPad is the latest Apple offering that it really didn’t invent but has marketed better than everyone else (both past and present).  Now, if Steve could just figure out a way to outdo the Most Interesting Man in the World, then he may just be worthy of his deity status.  (Norv’s boss would like you to know that these are his opinions and she makes no comment about buying stock or Steve’s deity status.)

Boxy but Good
People used to say this about Volvos.  Not the sexiest car around, but they were reliable and were safe.  The same can be said for the regulations starting to pop up now to address the social media phenomenon.  People normally get a little drowsy when they hear or see the word “regulation,” but it’s one of those necessary evils.

Many industries, such as financial services, energy, and healthcare, are turning to social media to market their products and services and extend their brand reach.  However, it was only a matter of time before the regulatory bodies started to catch up.  Case in point:  the financial services industry issued FINRA Regulatory Notice 10-06 in January 2010 to provide guidance on what brokerage firms and its representatives are and are not permitted to do with respect to social media.  And you can bet your bottom dollar/euro/pound that other industries will soon follow suit (we’re actually already starting to see this happen).

Social Media’s Playing with the Big Boys Now
When social networking first hit the scene, it was all about the hipsters and Generation Y’ers.  It was supposed to be a fad, limited to folks with too much time on their hands.  Well, I think it’s safe to say it’s here to stay.  Corporate types are on-board, real money is being generated, and your grandmother might even have a Facebook account.

The bigger issue is, “how can companies utilize social media safely without having it blow up in their faces, like what happened to Domino’s in 2009?”  This past year saw organizations, big and small, kick the tires and see what they could do with social media.  They also poked around to see what kinds of controls, if any, were available from technology vendors.  Just all part of the maturation process of a communications channel that promises to bring more excitement and innovation in 2011.

The above are just my musings on trends in 2010.  What were the biggie ones you saw this past year?  And don’t worry, you’ll still get your soup.

Step aside. There’s a new social media sheriff in town…

By nleong,   December 10, 2010

The announcement last week that financial services behemoth, Citi, was looking for an attorney to oversee its social media activities underscores the influence that social media holds in today’s business world and the still-evolving legal ramifications stemming from ill-advised usage of social media tools.  No industry is further ahead on social media guidelines than the financial services industry.  The Financial Industry Regulatory Authority (FINRA) issued social-media specific guidelines in January 2010.  Known as Regulatory Notice 10-06, these guidelines specify what types of social media content needs to be monitored and archived.  The Financial Services Authority (FSA) in the UK followed soon thereafter with its own guidelines on social media, illustrating that the explosion is taking place on a global level.

Other industries are taking a cue from financial services, too, and have either started to issue guidelines on social media (e.g., energy and utilities) or are in the process of issuing them (e.g., pharmaceuticals).  Even individual states, like Florida, have updated their General Records Schedule to require the retention of social media communications.  The bottom line is that regulators are keen to keep pace with the dynamism of social media and are trying to establish frameworks for managing social media activities for their respective industries.

In the case of Citi, they’ve taken it one step further by initiating a search for an associate general counsel to focus solely on social media.  Among the many responsibilities of this new role are protecting Citi’s intellectual property, working with specific business counsel to secure approval of content, establishing consistent processes for vetting and replying to comments in interactive environments (e.g., Twitter, Facebook, etc.), and promoting consistent policies.

The fact that Citi has created a role just for social media shows just how seriously the Wall Street giant is taking the phenomenon and is taking a proactive approach to establishing itself as the leader in this nascent practice area.  Take, for instance, Anna O’Brien, the VP of Social Media at Citi.  She’s credited with helping Citi become the first financial services company to have a verified Twitter account and is (obviously) a huge advocate of social media.  She spoke at the Business Development Institute (BDI) conference in NYC a couple weeks ago about how social media is a powerful marketing weapon.  Then, you’ve got the folks at Morgan Stanley Smith Barney, who have been championing social media as an effective marketing and prospecting tool for financial advisors.  Morgan sees a well-defined social media strategy as critical to delivering on clients’ needs and expectations.

And it’s not just Social Media attorney titles that we’re seeing.  More and more often we’re starting to see the appearance of titles like Social Media Compliance Manager and Product Manager Social Media on job boards.  In fact, when one does a search on LinkedIn for “social media compliance,” nearly 13,000 people turn up in the search results here in the US.  So, Citi and Morgan Stanley are not alone is recognizing the importance of social media.

As the conversation moves from our email clients to the social network, Gartner suggests that for 20% of us business users, social media will become the primary mechanism for interpersonal communications by 2014.  Here at FaceTime, we see an increasing amount of content passing through these social networking sites.  This may be daunting, but platforms such as Socialite help firms, particularly those in regulated industries, remain in compliance with the emerging guidelines specific to social media.  From pre-review moderation of content to the contextual logging and archiving of activities and events, FaceTime can enable folks like Citi’s associate general counsel-to-be execute his or her job duties with more peace of mind.