Connected Suite Spotlight Series – Supervision Policies and Procedures

This Connected Suite Spotlight Series, is for clients using the Professional Archive, and anyone who is interested in benefits and tips for compliance best practices for financial services.

Supervision Policies and Procedures

Supervision configuration options include policy management. This allows policy configuration for data supervision and classification based on a wide set of search criteria such as sender/recipient, content type, keywords, subject, body, attachments and exclusions.

Create policies for a modern workforce with compliance in mind
With a rich policy engine at your fingertips, clients are enabled to flag and classify messages based on a wide set of criteria, including sender/recipient, content type, keywords, subject, body, attachments, and exclusions. And, retention policies let clients hold or purge data as required by corporate policies.

Pro Tip: Policies designed for email will need re-inspection to reflect specific ways new channels (like text, social, instant messaging and collaboration), intersect with traditional email, especially over personal devices (like mobile phones).

Policy rule screenshot

Refine policies and zero in on messages being flagged for review that truly pose risk – this reduces review queue volume and saves time. Refining supervision policies can be a key competitive advantage for your supervision team.

Written Policies and Procedures

FINRA Rule 3110, and SEC Rule 206(4)-7 require a firm’s supervisory system to provide for the establishment and maintenance of policies and procedures. Firms that have not already done so should adopt and periodically review formal written electronic communication policies. As your firm works through creating and maintaining policies and procedures, consider the following:

  • Policies and procedures must be tailored to the specific risks of the firm and address all activity in which your firm engages. Policies should be appropriate for the size and structure of the firm’s business.
  • Policies and procedures should set forth standards for devices and applications that may be used so all communications can be retained and supervised.
  • Permissible messaging applications must allow message retention.
  • Policies and procedures should be updated to reflect regulatory changes, as well as changes made to the supervisory process.
  • FINRA recommends that firms adopt a combination of lexicon and random review of electronic correspondence.
  • A manual internal review process is recommended.
  • All applicable departments should be involved in the creation of the firm’s written electronic policy (Management, IT, Legal, Compliance, Marketing, Operations, Trading).
  • All policies and procedures must specify basic parameters for reviewing electronic communications. There is no prescribed formula for determining how many emails to review, but enough should be reviewed for an advisor to be able to defend it as reasonable. Policies and procedures are not required to specify exact percentages or quantities to review.
  • The most important takeaway is to review as many messages as are specified by the firm’s policies. If the policies call for a review of four percent of all emails each month, reviewing only two percent in a quarter is missing the mark.

Periodically gather feedback from your employees and peers who regularly use new technology. Your policies should reflect today’s evolving digital communications landscape. Since new channels frequently emerge, it’s important to keep employee training up to date in order to keep pace with the latest technology.

Not following your firm’s policies and procedures is just as bad as not having any in first place. It’s important to ensure policies are properly enforced and followed by the designated reviewers.

“One of the most frequently cited violations is failure to follow Policies and Procedures.”

Need help with policy development and tuning? We can help!
Policies can be custom-created, or built from one of the 40+ expert templates that we can provide, which have been honed over time and developed by our subject matter experts. Policies should be tuned on a regular basis for maximum performance and efficiency. Learn more about our policy tuning services

Watch how to create policy rules in the Professional Archive
Policy Rules in the Professional Archive webinar

Related Knowledge Base Articles in Smarsh Central:
– What are policies?
– How to search for policy matched content
– How to configure policies

  • Keyword or Lexicon Policy
  • Auto-Review Policy
  • Privileged Policy
  • Retention Policy

Always keep your lexicons up to date
For a comprehensive list of frequently updated terms and keywords see ‘Most Common or Popular Keywords, Phrases and Exclusions’ – a knowledge base article on Smarsh Central.

 

Share this post!

Marianna Shafir Esq.

Marianna Shafir Esq.

Corporate Counsel, Regulatory Advisor at Smarsh
Marianna Shafir is Corporate Counsel and Regulatory Advisor at Smarsh, where she’s responsible for legal and regulatory affairs worldwide. With her expertise in financial services industry, compliance and eDiscovery, Marianna counsels Smarsh clients on meeting regulatory obligations, leveraging technology and guidance on best practices related to electronic communications supervision. Prior to joining Smarsh, Marianna worked for BNY Mellon and Invesco where she was an instrumental member on compliance teams.Marianna has also served as an adjunct professor at New York Career Institute where she taught Law Office Management and Real Estate Law. She earned her Juris Doctorate from Nova Southeastern University. She is a frequent speaker at industry conferences and a contributor to various online publications.
Marianna Shafir Esq.

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.