How to Stay Ahead of SEC Scrutiny on Social Media
Investment advisers now rely on social media for marketing, but the speed and reach of digital channels also increase compliance risk. As SEC examinations increasingly focus on how firms execute Marketing Rule requirements rather than simply whether policies exist, organizations need governance frameworks that work in practice, not just on paper.
Key takeaways
- Social media compliance demands real-time supervision because content moves quickly across platforms and often involves third-party interactions.
- SEC examinations prioritize how firms operationalize Marketing Rule compliance through actual oversight, disclosure management and recordkeeping.
- Testimonials, endorsements, influencer relationships and third-party ratings remain focal points for regulatory scrutiny.
- Recordkeeping and supervisory controls are essential; firms should retain published content and supporting documentation across all channels.
- Effective governance requires collaboration between marketing, compliance, legal and records management teams.
Why social media compliance remains challenging
Social media allows firms to reach audiences at scale, but it also introduces risks absent from traditional advertising channels.
Content can be reposted, shared, commented on and repurposed long after publication. A single campaign may involve videos, podcasts, webinars, employee advocacy, paid promotion and influencer participation across LinkedIn, X, Instagram, and TikTok. As marketing programs become more sophisticated, firms need to ensure compliance controls evolve alongside them.
Many organizations struggle not because they lack policies, but because compliance processes fail to keep pace with the volume and speed of digital communications. Review workflows, disclosure requirements and recordkeeping obligations often become fragmented across teams and platforms.
The result: routine marketing activity can create regulatory exposure if governance processes are not consistently applied.
The shift from policy adoption to compliance execution
When the SEC Marketing Rule took effect, firms focused on updating policies, procedures and disclosures. Recent SEC examination findings reveal a critical shift: regulators now assess how firms implement and document compliance controls in practice.
The SEC's 2025 Marketing Rule Risk Alert highlighted recurring deficiencies involving testimonials, endorsements, third-party ratings, written agreements with promoters and related compliance policies and procedures.
For social media programs, firms should be prepared to demonstrate:
- Content review and approval processes across all platforms
- Disclosure application and maintenance for each communication
- Third-party content supervision mechanisms
- Record retention and retrieval procedures
- Compliance monitoring workflows across channels
Organizations that document these processes are better positioned during examinations and regulatory reviews.
Four common social media compliance missteps
While every firm's social media program is unique, recent SEC examinations have identified four recurring compliance gaps that warrant immediate attention.
1. Inadequate oversight of testimonials and endorsements
Testimonials and endorsements remain among the most scrutinized aspects of investment adviser advertising — particularly on social media, where they appear as client comments, success stories, influencer content, employee advocacy posts and reposted third-party material.
The compliance challenge extends beyond simply identifying these communications. Firms need to ensure that review, disclosure and recordkeeping requirements are applied consistently throughout the content lifecycle.
Governance best practices include:
- Pre-publication evaluation processes for testimonials and endorsements
- Disclosure requirements clearly documented before posting
- Ongoing monitoring after content is published
- Archival processes that capture both content and approval records
2. Insufficient governance of influencer relationships
Financial influencers play an increasingly visible role in investor education and marketing. While these relationships help firms reach new audiences, they introduce additional compliance responsibilities that extend beyond individual campaigns.
Firms should establish documented processes for:
- Promoter due diligence and qualification standards
- Contractual obligations and compliance requirements
- Content review procedures before publication
- Ongoing communication monitoring and oversight
- Supporting documentation and retention requirements
Without appropriate oversight, influencer-generated content can create compliance risks that extend far beyond the original campaign.
3. Treating recordkeeping as an afterthought
Many compliance programs prioritize reviewing published content. However, regulatory obligations often extend beyond the final communication.
Supporting documentation that may be equally critical during examinations includes:
- Approval records and sign-off documentation
- Disclosure statements and substantiation materials
- Promotional agreements and contracts
- Supervisory records and monitoring evidence
- Platform administration logs and metadata
As social media programs expand across multiple channels, firms should evaluate whether their recordkeeping strategy captures the full communication lifecycle — not just the published post.
Organizations should be able to:
- Capture and retain both published content and supporting documentation
- Organize records across communication channels and platforms
- Retrieve materials quickly during examinations
- Demonstrate compliance through documented supervisory controls
Firms that cannot readily produce records may face challenges demonstrating compliance, even when appropriate controls exist.
4. Operating in organizational silos
Social media compliance cannot be owned exclusively by marketing or compliance teams. When these groups operate independently, gaps emerge in approval workflows, supervision processes and documentation practices.
Cross-functional responsibilities include:
- Marketing teams driving audience engagement and content strategy
- Compliance teams ensuring regulatory obligations are met
- Records management teams overseeing retention and retrieval requirements
- Legal teams providing guidance on disclosures and risk management
A coordinated governance model ensures compliance considerations are addressed before content reaches the public.
Building a sustainable social media governance framework
As digital marketing programs mature, firms should build governance processes that adapt as communication channels evolve.
A sustainable framework typically includes:
- Documented policies and procedures defining roles, responsibilities, review requirements and escalation processes for social media communications
- Risk-based review workflows that align oversight with the nature and risk level of content being published
- Centralized recordkeeping that supports supervision, retention and retrieval requirements across all communication channels
- Ongoing training and monitoring to identify potential issues before they become examination findings
- Cross-functional collaboration among marketing, compliance, legal and records management teams to keep governance effective as marketing evolves
Frequently asked questions
Social media content can be shared, reposted and amplified by third parties, making supervision and recordkeeping more complex than in traditional advertising channels.
Depending on circumstances, advertisements may include social media posts, videos, webinars, podcasts, testimonials, endorsements and other promotional communications.
These communications can influence investor decision-making and may trigger disclosure, supervision and recordkeeping obligations. Firms need to have documented processes to review and monitor their use.
Establish governance processes that address due diligence, content review, monitoring and documentation. Influencer-generated content should be subject to appropriate oversight and supervision.
Regulators may expect firms to retain not only published content but also supporting materials such as approvals, disclosures, substantiation documents and supervisory records.
The Risk Alert highlighted recurring deficiencies involving testimonials, endorsements, third-party ratings and related compliance controls, signaling which areas examiners continue to prioritize when assessing Marketing Rule compliance.
Smarsh Blog