Brokers’ Contingency Planning for a Remote Workforce is Critical in the Age of Coronavirus

March 09, 2020by Elin Cherry

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

The spread of COVID-19 continues, with more than 3,600 deaths worldwide from the coronavirus. There have been more than 106,000 cases confirmed, with parts of China and Italy quarantined. Both the Futures Industry Association and SIFMA cancelled their annual conferences in Florida this month. The crisis has everyone from school administrators to government officials to corporate managers making emergency plans in case their workers are quarantined or need to work from home as a precaution.

You should be doing the same. As you put together your contingency plan, it’s imperative that you make sure that everyone complies with FINRA’s rules and regulations.

It is especially important to consider whether advances in technology and electronic communications haven’t outpaced your procedures. Your plan should specifically address the technology used by your workers with access to customer records and information. There can be no “one-size-fits-all” policy or procedure for everyone.

Your contingency plan should take into account the following rules:

• You must keep a list of each remote worker’s location, which should be a primary residence. It cannot be marketed to the public as an office, and your worker cannot meet customers at the location or handle funds and securities there. The record for each location should include the employee's name, title and registrations, and business activities. You also need to record each employee’s supervisor and supervisory office.

• All work-related electronic communications must be transmitted through your approved electronic system. The workers need to use firm-approved devices and computers only and must connect to the electronic system through secure communications links. And you need to have policies in place restricting the use of personal or non-personal devices, systems or software for the business.

• The worker must notify a registered supervisor and receive approval when working from the remote location. You must have written procedures for the supervisor and remote employee regarding the work at home, covering areas such as sales activities, electronic communications, and the limits of document production and storage. You must make clear to supervisors that they are responsible for reviewing the activities of remote workers. In addition, some of the procedures may require authorization from the head of the business unit, the human resources department, and consultation with legal or compliance personnel.

A few things to keep in mind:

• Have an inspection program in place that includes procedures for both on-site and remote office inspections. The program should describe the schedule and considerations behind the frequency of inspections. You should make a written report of each inspection and use it to review whether changes are needed for arrangement or supervision of the remote work. You may also want to consider if the timing of inspections requires change.

• Review your supervisory procedures and checklists and ensure that you have updated them to reflect the current situation. It is likely some processes may have changed if many employees are now working remotely. Consider whether the items in this article need to be reflected in your supervisory procedures.

• Provide adequate training to your employees regarding the use of their technology as well as the steps employees should take to ensure that customer records and information are kept confidential.

• Conduct periodic audits of your systems for potential vulnerabilities that may expose customer records and information to unauthorized access.

• Review the technology you use for remote collaboration and conferencing. You may want to upgrade your conferencing tools if you are equipped only to handle meetings in conference rooms, rather than at individuals’ desks or homes. Approved document-sharing tools should also be reviewed to make sure they are capable of handling the load if you have a larger workforce working remotely.

• Restrict or prohibit work-from-home arrangements for workers who have a disciplinary history or a statutory disqualification. Also, remember that conditions or restrictions may apply to anyone who has had reportable events on Form U4.

Most of all, keep in mind that even with the current health crisis, you need to make sure your plans for remote work are fully in place and that everyone involved understands all the rules and procedures. While it may be tempting to cut corners or put off a full review because of the urgency of the situation, that would not be the best way to go. Better to be safe than find out later that you have violated the rules, perhaps jeopardizing your employee’s position or your firm.

Share this post!

Elin Cherry
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

Contact Us

Tell us about yourself, and we’ll be in touch right away.