On December 14, 2018, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) published a Risk Alert titled “Observations from Investment Adviser Examinations Relating to Electronic Messaging”.
Based on a series of limited-scope examinations, OCIE reviewed electronic messaging for business-related communications by RIAs to ensure that the relevant regulations were being followed. In these examinations, OCIE reviewed advisers’ practices regarding retention and review of text messaging/SMS messaging, instant messaging, personal emails, and personal or private messaging (collectively, “electronic communications”). They did not review business-related email sent and received through firm email systems, due to the fact that firms already have years of experience complying with business email retention and business email does not pose the types of challenges as other electronic communication methods that are maintained via third-party apps or platforms as opposed to firm systems.
The observations that OCIE published fell into the following categories:
This Risk Alert addresses the regulatory requirements that impact a firm’s use of electronic communications, describes adviser’s deficiencies in meeting these regulatory requirements, and provides best practice examples and suggestions for compliance, based on OCIE’s observations.
If your firm or its staff uses any of the forms of electronic communications covered by this alert, you should consider the following items prior to use:
As with any other technology-based systems, cybersecurity and information protection should always be a priority. Allowing your advisers to use any alternative methods of electronic communications may pose security risks, so it is always advisable to speak to your IT department, IT consultant, or Cybersecurity team.
If you have any questions, please contact your NCS Regulatory Compliance Consultant, we are here to help!!! We can work with you on updating your policies and procedures, as well as conducting social media reviews or offering guidance on these, and other risk-based reviews of your business.
Click the following link to view the full text of the SEC’s Risk Alert: https://www.sec.gov/files/OCIE%20Risk%20Alert%20-%20Electronic%20Messaging.pdf