Perhaps the greatest hurdle facing financial firms striving to meet their regulatory obligations lies in the rapidly-evolving ecosystem of workplace communications. Recent years have seen an explosion in new communications tools, and forward-thinking firms have been quick to utilize their unique capabilities to improve workplace efficiency and enhance communications with both colleagues and clients.
Simultaneously, examiners have begun to key in on these new communications tools, recognizing that potential risk grows as these tools are increasingly adopted. These days, regulators are requesting records across numerous channels alongside supporting documentation detailing the practical functionality of your compliance program.
This industry-wide shift means most organizations are overdue for a reevaluation of their compliance practices. The best place to start is to look for the top signs that your firm is not FINRA and SEC compliant.
Your firm doesn’t know what to archive.
As mentioned, the types of communications requested by examiners has been gradually changing. A recent survey of financial firms found that while email remains a major focus, examiners are increasingly requesting social media posts, SMS/text messages, website updates, instant messages, and records that might contain business-relevant communications. As a result, your organization must be prepared to present records relating to any or all these channels on relatively short notice.
In addition, your firm must clearly define and document which channels and applications are allowed and implement a supervision program to capture and review these communications. Remember: It doesn’t matter whether the communications are internal or external, or what communications channel is being used — all business communications are fair game for examiners. The regulators made it clear that “content is determinative” – not the channel.
It’s also important to remember that a prohibition policy isn’t a get-out-of-jail-free card. If regulators discover that employees have been using communications channels such as text messaging, you are responsible for providing those records — even if your policies dictate that such channels are prohibited.
Your firm lacks supporting documentation related to archiving.
Examiners are not solely seeking the communications you’ve captured, but are also interested in how you captured those communications and whether you’re prepared to supervise a growing swath of communications channels. An examiner will require that your firm also provide supporting documentation including evidence of your supervision efforts, and written documentation detailing the supervisory procedures your organization follows.
Your firm doesn’t know how to archive (or why archival is important)
Ultimately, your risk of fines and suspension, and of sustaining damage to your reputation, increase if you can’t give examiners the documentation and records they request at any given time. To maintain compliance, you must be able to provide comprehensive archiving for all business-related electronic communications, in Write Once, Read Many (WORM) format, with all contextual data, use policies, and supervisory lexicons intact. More crucially, a compliance archival solution allows you to produce any or all of this content on short notice — exactly the sort of preparation that examiners want to see.
As we’ve stated, regulators are asking for more types of content more frequently than in prior years, and the number of communications channels examiners are focused on will only continue to grow as firms and advisors gravitate toward newer tools like SMS/text messages and social media. This exponential increase in communications could be a tremendous burden on your compliance team, unless your firm utilizes an archiving solution capable of capture, archive, search, and supervision that can produce messages from a wide range of channels on demand.