The National Association of Securities Dealers, Inc. and the New York Stock Exchange LLC (together, SROs) have published for comment guidance on the review and supervision of electronic communications. The SROs stated that this review of internal and external communications, incoming and outgoing, may be employed using risk-based principles, but must also include matters the SROs require to be reviewed – e.g., communications between research and investment banking, customer complaints, and order error or account designation change. The guidance sets forth the tests for employing risk-based procedures.
The proposed guidelines address the following six areas:
- Written policies and procedures are adopted governing the use and supervision of electronic communications, including what is and is not permitted.
- The forms of electronic communication employees are permitted to use, how the firm will review and supervise them and what is prohibited – e.g., personal electronic devices, third party e-mail services, message boards and electronic faxes.
- Identify the persons responsible for review, when and how they can delegate these functions and the criteria for such delegation and persons to whom delegated.
- How the review will be conducted – use of a hot list of phrases, percentage of an office or business area e-mails, percentage of each person’s e-mails and a periodic assessment of the effectiveness of these methods.
- Frequency of review and time frame from sending or receiving the e-mail to its review and follow-up actions, if appropriate.
- Documenting the review, either in paper or electronic format, identifying a reviewer, documents reviewed, date of review and steps taken as a result of identified significant regulatory issues.