Industry Insight

Compliance & Legal Industry Insight: Digital Communications Are Front and Center

April 05, 2022by Robert Cruz

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

For several years, Smarsh has attended and sponsored top e-discovery and financial services regulatory compliance industry events, including Legalweek, SIFMA C&L and FINRA Annual. Along with our customers and partners we have a unique perspective on the regulatory and legal challenges firms are experiencing as digital communications have evolved.

The events have explored different headline topics over time, from predictive coding adoption and FRCP changes at Legalweek and the International Legal Technology Association’s event (ILTA) to the impact of deregulation followed by “regulation by enforcement” at SIFMA C&L and FINRA Annual.

Until this year. Hopping back into the in-person conference circuit revealed just how much the world has changed. Our collective reliance on digital communications tools like Zoom, Teams, and Slack  combined with the demographic pull toward social networks like TikTok and Instagram around topics like cryptocurrencies  was noticeable everywhere.

We even managed to engage in a discussion or two about the compliance and risk implications of the metaverse. It’s clear that we’ve reached an entirely new era in business communications. To paraphrase the great Dr. John, “I’ve been in the right place, but it must have been the wrong time.” Well, the time has come.

Business operations, technology infrastructure and both internal and external communications have rapidly, irreversibly advanced  resulting in new and unique legal, compliance and cybersecurity risks. Legal and compliance minds (mostly) agree  there is no turning back to how things used to be. Let’s discuss some of the highlights.

Reduce the time, cost and effort of e-discovery for investigation and litigation

SIFMA Compliance & Legal: The Storm is Here

Several sessions at SIFMA’s Compliance & Legal event touched on the use of digital communications. This focus wasn’t entirely surprising, considering the various related topics recently addressed by regulators, including:

In the Smarsh breakout session, “Digital Communications in the Hybrid Workforce,” (the highest-attended breakout session) we explored the concerns around social media practices  including the unauthorized use of prohibited networks and the impact of “Finfluencers.” We also discussed how to respond to the requirements outlined within the SEC cybersecurity rule  such as how to best respond to the 48-hour breach reporting requirement and third-party-risk assessment demands.

This will continue to create a challenge for resource-strapped compliance teams, but the indicators all point in the same direction: firms will continue to see new tools and greater adoption of digital platforms into the foreseeable future. It’s time to update policies, refresh training and modernize automated controls.

Other topics touched upon throughout the conference included:

Updated marketing/advertising rule
Conversations continue about how firms will respond to new definitions of advertising and solicitation proscribed under one rule  prior to the enforcement window, which opens in late 2022. While firms appear to appreciate the greater flexibility around the use of social media, many remain immersed in updating policies, procedures and disclosures to address the principles in the updated rule.

Remote work supervision
Firms are looking at where business takes place in this environment and whether their tools and oversight processes remain suitable, specifically as they relate to communications with the public. Panel discussions highlighted the need for supervision and monitoring of communications to include the potential use of prohibited networks to spot outside business activities (OBA).

Social media “Finfluencers” and gamification
This is a priority for the SEC, as they are looking at how firms are using social media to attract and refer clients, what controls are in place, and what surveillance is in place for Finfluencers. It’s been a record-breaking couple of years for new accounts, and particularly new retail investors. Regulators will begin to focus on protections for these activities.

Digital engagement practices (DEPs)
Panel discussions were focused on using digital engagement practices to engage with customers in a fun way with a focus on educating investors. Regulators appear to remain focused on protecting investors from manipulations (more frequent trading, trading outside their risk tolerance or sophistication, etc.). Panelists were clear that they didn’t feel a need for more regulations here, but that they would expect a regulatory notice to clarify some of the issues addressed in the regulator’s Request for Comment letter.

AWS marketplace 700

LegalWeek: The Earthquake and Approaching Tsunami

Similarly, the impact of digital communications on e-discovery workflows and processes was not lost upon the event agenda, nor within the stories being told by many e-discovery service and technology providers.

The urgency among practitioners appeared a bit different than at SIFMA for a few key reasons:

  1. Many firms remain locked into the technology and workflows that they’ve become accustomed to (namely, centered on messages, files, and attachments)
  2. They’ve not fully internalized how critical non-messaging modalities (e.g., embedded voice, video, collaborative editing, whiteboards, etc.) can be to understanding the conversational context
  3. They may not be familiar with technologies that address these new forms of collaboration

Our panel session, "Hybrid Work and the Discovery of Collaborative, Social and Mobile Content," explored this topic and arrived at similar conclusions: the use of interactive and collaborative content sources is part of the shift that many organizations were seeing explode even prior to the pandemic. The actions that they see firms are taking to address this reality include:

Establishing governance programs
Stepping up governance programs to evaluate the business benefits, vs. risk/cost of new technologies being considered for business use, in partnership with compliance, security, and technology stakeholders.

Ongoing evaluation of communications technology 
Continually inspecting existing tools with an expectation of the agile release of new features and, in some cases, before risk controls can be implemented.

Rethinking content preservation policies
Re-examining policies to determine if a change from reactive to proactive preservation makes sense for that specific technology (in order to avoid the alternative of wrestling with content providers that may or may not know your specific discovery demands).

Modernizing e-discovery
Understanding the extent to which current discovery technologies can comprehend new modalities, or leave discovery teams with a puzzle to reassemble conversational context.

Employee training
Ensure that employee training programs reflect hybrid work models and the use of currently supported tools used by specific job roles to ensure that individuals understand the risks and possible negative impact on their business.

The impact of the digital communications tsunami may not have yet been felt by all compliance and legal stakeholders in these two gatherings. But it is now visible to more and its ultimate arrival onshore is inevitable.

Share this post!

Robert Cruz
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

Ready to enable compliant productivity?

Join the 6,500+ customers using Smarsh to drive their business forward.

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.