The SEC’s Office of Compliance Inspections and Examinations (the “OCIE”) recently issued a risk alert (the “Alert”) regarding electronic messaging by registered investment advisers (“RIAs”). As used in the Alert, the term “electronic messaging” refers to written communications sent electronically using text or SMS messaging, instant messaging, personal email, or private messaging, both through the RIA’s systems and through third-party apps (e.g., Twitter and Instagram).
The Alert notes that electronic messaging implicates Rule 204-2 (the “Books and Records Rule”) and Rule 206(4)-7 (the “Compliance Rule”) under the Investment Advisers Act of 1940 (the “Advisers Act”). The Books and Records Rule generally requires RIAs to retain records of communications containing recommendations and marketing materials. The Compliance Rule requires RIAs to adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and rules thereunder.
To support compliance with the Books and Records Rule and the Compliance Rule, the OCIE recommends that RIAs adopt the following practices when engaging in electronic messaging:
- update policies and procedures to specifically address electronic messaging;
- train employees on policies and procedures relating to electronic messaging;
- regularly monitor the RIA’s electronic messaging activity, including activity on social media platforms; and
- oversee employee use of electronic messaging by requiring prior approval of activity and content and utilizing security software.
In the past year, we have seen a substantial number of RIAs, including some of our own clients, utilize electronic messaging platforms to reach potential and existing clients. We believe the Alert provides welcome guidance, but leaves many important questions unanswered. Accordingly, we encourage RIAs to consult with legal counsel to draft comprehensive policies and procedures before marketing through exciting new electronic mediums.