Wealth Managers Must Prepare for the SEC Crackdown on Electronic Communications

The SEC’s recent announcement of $1.8 billion in fines against 16 financial institutions over electronic communications violations, as covered in a Barron’s Advisor article by Andrew Welsch, have revealed widespread and firmwide compliance failures at all levels.

Maintaining records of advisor-client interactions may seem an arcane area of ​​financial regulation, but the SEC views these requirements as sacrosanct. “Record-keeping requirements are core to the commission’s enforcement and examination programs,” said Gurbir S. Grewal, director of the SEC’s Division of Enforcement, who added that the ability to examine a firm’s books and records is essential in carrying out the regulator’s mission. of protecting the investing public and ensuring market integrity.

With Grewal on record advocating for harsher penalties in cases of misconduct, I suspect these settlements are just the first in a series of actions involving SEC registrants with similar books and records and electronic communication responsibilities. It would be a mistake to simply write this off as another case of financial institutions not complying with rules and regulations. There is more nuance and complexity at the core of these infractions centering on the convergence of human behavior and technology.

Fundamentally, these cases involved employees communicating official business over unauthorized or ineffectively monitored personal devices and technology platforms. It is simply more challenging to comply with books and records requirements when it comes to electronic communications. While firms can prohibit employees from using personal devices and limit them to communicating via business channels alone, new communication technologies are proliferating and ubiquitous.

Clients may prefer that firms communicate with them over these platforms, putting more pressure on adoption. And since both employees and clients use these technologies in other parts of their lives, the risk is high that they will inadvertently use them for business communications on occasion because it’s instinctive and easy.

A potential solution would allow employees to use personal devices and platforms, but monitor them to comply with the securities laws—but this approach is complicated by accessibility and privacy considerations. Firms can train employees to monitor off-channel business communications and have them certify compliance, but is that enough given today’s level of SEC scrutiny?

The reality is that traditional policy-making and oversight activities are no longer enough. SEC-registered firms facing the prospect of examinations, investigations, and potential enforcement actions must get this crucial element of record-keeping and electronic communications right. In order to do so, three key takeaways from the recent regulatory enforcement actions should be addressed immediately.

Act now. These fines are just a shot across the bow, and although they involve broker-dealers, investment advisors should expect to be targeted since they have similar record-keeping responsibilities. There have already been cases involving money managers for similar record-keeping violations. All financial firms should consider comprehensive reviews of their policies, procedures, and systems for retention of electronic communications on personal devices and how they handle noncompliance by their employees.

Invest in compliance technology and data analytics. Compliance teams need adequate resources and regulatory technology to keep pace with the proliferation of electronic communication technologies. Now is the time for companies to evaluate whether they are adequately investing in compliance technology and data analytics to get the job done.

Strengthen compliance culture at the top. The enforcement actions make it clear that senior staff were aware of employees communicating on non-monitored channels and looked the other way. This undermined the ability of compliance teams to do their job. When leaders ignore the rules, it sends a message to employees that the rules are not important. Management needs to set the right tone at the top by complying themselves, imposing meaningful sanctions for violations, and providing their compliance teams with sufficient resources to comply with laws and regulations. This is crucial not only to avoid SEC scrutiny but to protect a firm’s brand and reputation.

Financial firms must fix this issue. The resources, expertise, and technology to do so are available. Don’t wait for the regulators to knock on the door.

Photo Illustration by Barron’s Advisor; Courtesy of ACA Group

Carlo di Florio is the Global Advisory Leader at ACA Group, which supports more than 6,500 financial services clients with governance, risk, and compliance solutions. Prior to joining ACA, he was a senior regulator, first as director of the Division of Examinations at the SEC and then as the chief risk and strategy officer at Finra. Prior to joining the SEC he was a partner at PricewaterhouseCoopers.

.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
AGADIR-GROUP