Compliance University is filling up fast! Why haven’t you signed up yet? Only 17 spots left. ENROLL NOW
Menu
Call
Contact
Blog

The SEC’s Focus on Off-Channel Communications: A Compliance Guide

off channel communications sec

I’m sure you’ve seen the latest round of firms, both BDs and RIAs, being fined by the SEC for failure to maintain accurate books and records specifically related to off-channel communications.

Think about anything that your firm produces.

When we talk about communications with an RIA, we’re talking about methods like snail mail or electronic communications.

Electronic is likely where the majority of communication happens at your firm. This can encompass things like:

  • Emails
  • Texts
  • Teams messages
  • Zoom
  • Social media
  • Website messages
  • Online Apps/Portals

Once you start adding it up, you realize that there are probably A LOT of different methods of communication that go through your firm.

What is considered off-channel communication?

Under rule 204-2, an RIA is required to maintain accurate books and records.

The general rule is that you are required to archive and supervise.

In 2021, the SEC started looking at how BDs and RIAs communicated internally with team members and externally with clients.

And what did they find?

Widespread and long term deficiencies when it came to archiving communications and supervising those communications.

Firms were utilizing platforms that weren’t pre-approved, like text messaging, WhatsApp, Snapchat, and other messaging apps. These firms either did not have policies in place or they weren’t being followed by all staff.

Communications that fall under the SEC’s recordkeeping rule could be something as simple as direct messages between executives, or among owners. Banter about what’s going on inside the firm.

It could also be communications with clients, other colleagues, or advisors in the firm.

These communications could be generated by other applications. For example, a calendar app. If the calendar app sends out notifications to cell phones or email addresses, these are all communications for which you’re accountable.

The problem is that technology has changed so much in recent years. It’s streamlined and makes communications easier, more effective, and more efficient.

Now more than ever, advisers are using cell phones, texting apps, vendor apps, etc. to communicate with each other and their clients.

They are using ways to communicate that aren’t approved.

This is what the SEC is referring to as off-channel communications.

 

Recordkeeping Failures in Recent Years

Off-channel communications are communications happening through unapproved methods that are otherwise required to be archived and supervised. The SEC will cite you for a failure to implement effective policies and procedures that would have otherwise caught these issues and mitigated them.

This recent enforcement action is huge — 26 firms were fined over $390 million related to off-channel communications issues.

  • Ameriprise Financial Services, LLC agreed to pay a $50 million penalty
  • Edward D. Jones & Co., L.P. agreed to pay a $50 million penalty
  • LPL Financial LLC agreed to pay a $50 million penalty
  • Raymond James & Associates, Inc. agreed to pay a $50 million penalty
  • RBC Capital Markets, LLC agreed to pay a $45 million penalty
  • BNY Mellon Securities Corporation, together with Pershing LLC, agreed to pay a $40 million penalty
  • TD Securities (USA) LLC, together with TD Private Client Wealth LLC and Epoch Investment Partners, Inc., agreed to pay a $30 million penalty
  • Osaic Services, Inc., together with Osaic Wealth, Inc., agreed to pay an $18 million penalty
  • Cowen and Company, LLC, together with Cowen Investment Management LLC, agreed to pay a $16.5 million penalty
  • Piper Sandler & Co. agreed to pay a $14 million penalty
  • First Trust Portfolios L.P. agreed to pay an $8 million penalty
  • Apex Clearing Corporation agreed to pay a $6 million penalty
  • Truist Securities, Inc., together with Truist Investment Services, Inc. and Truist Advisory Services, Inc., which self-reported, agreed to pay a $5.5 million penalty
  • Cetera Advisor Networks LLC, together with Cetera Investment Services LLC, which self-reported, agreed to pay a $4.5 million penalty
  • Great Point Capital, LLC agreed to pay a $2 million penalty
  • Hilltop Securities Inc., which self-reported, agreed to pay a $1.6 million penalty
  • P. Schoenfeld Asset Management LP agreed to pay a $1.25 million penalty
  • Haitong International Securities (USA) Inc. agreed to pay a $400,000 penalty

Don’t make the mistake of thinking big fines are just for big firms.

Schoenfeld Asset Management has 1.8 billion in AUM. Their fine was over $1 million dollars. That’s a significant fine for a firm that size.

Earlier this year, a standalone RIA was charged $6.5 million for using personal texting platforms.

Just before that, another group of 16 firms was fined over $80 million for failure to maintain and preserve electronic communications.

  • Northwestern Mutual Investment Services LLC (NMIS), together with Northwestern Mutual Investment Management Co. LLC (NMIM) and Mason Street Advisors LLC (Mason Street) (collectively, Northwestern Mutual), agreed to pay a $16.5 million penalty;
  • Guggenheim Securities LLC (Guggenheim Securities), together with Guggenheim Partners Investment Management LLC (GPIM) (collectively, Guggenheim), agreed to pay a $15 million penalty;
  • Oppenheimer & Co. Inc. (Oppenheimer) agreed to pay a $12 million penalty;
  • Cambridge Investment Research Inc. (CIR), together with Cambridge Investment Research Advisors Inc. (CIRA) (collectively, Cambridge), agreed to pay a $10 million penalty;
  • Key Investment Services LLC (KIS), together with KeyBanc Capital Markets Inc. (KBCM) (collectively, Key), agreed to pay a $10 million penalty;
  • Lincoln Financial Advisors Corporation, together with Lincoln Financial Securities Corporation (collectively, Lincoln), agreed to pay an $8.5 million penalty;
  • U.S. Bancorp Investments Inc. (U.S. Bancorp) agreed to pay an $8 million penalty; and
  • The Huntington Investment Company (HIC), together with Huntington Securities Inc. (HSI) and Capstone Capital Markets LLC (Capstone) (collectively, Huntington), which self-reported, agreed to pay a $1.25 million penalty.

The big message to take from all of this is…

This is just the beginning.

Continue to expect more firms to be held responsible for these failures to maintain accurate books and records.

 

What can Investment Advisers and Broker-Dealers Do to Stay Compliant?

As the SEC intensifies its scrutiny on off-channel communications, it’s crucial for investment advisers and broker-dealers to proactively strengthen their compliance frameworks.

Here are some actionable steps firms can take to ensure they remain compliant:

1. Review and Update Compliance Policies

Think about all the ways that your firm might communicate. Let’s use a simple example, like text messaging. Everyone does it – so would you allow it in your firm?

And if so, how will you ensure that you capture those communications between your advisors, clients, and internal teams?

Firms need to critically assess and revise their compliance policies to explicitly address all off-channel communications. This review should include guidelines on the use of personal devices and messaging apps, ensuring that all communications are archived and supervised as required by law.

2. Leverage Technology Solutions

To effectively monitor communications, firms should deploy existing technology solutions that integrate text messaging and other off-channel methods into their compliance surveillance programs. Tools like MyRepChat can help archive and supervise these communications, providing a secure option for advisers to communicate with clients and colleagues.

3. Offer Company Devices

Consider providing employees with company-owned cell phones to facilitate better oversight of communications. By using tools like Teamly, firms can audit these devices and ensure that communications are compliant with regulatory requirements. Employees must also sign attestations confirming their use of approved messaging platforms.

4. Implement Comprehensive Training

Training is essential. Many compliance failures can be traced back to a lack of employee awareness regarding communication policies. Conduct regular training sessions that educate staff about the importance of archiving all communications, including internal discussions among executives. This training should cover the nuances of distinguishing personal conversations from professional ones, especially given the personal relationships advisers often have with clients.

5. Conduct Regular Audits

Perform audits across various communication channels, including social media, emails, and internal messaging platforms. Engage with employees to understand their communication habits and identify potential compliance gaps. Regular audits and mock exams help ensure policy adherence and can uncover areas needing improvement.

6. Establish Monitoring Alerts

Set up automatic alerts that notify compliance officers of any communications outside approved channels. This proactive approach helps identify potential issues before they escalate.

7. Create a Culture of Compliance

Foster an organizational culture that prioritizes compliance. Ensure all employees understand they are held to the same standards as larger firms. Regularly communicate the serious implications of non-compliance, including the potential for significant fines and reputational damage.

 

Staying Ahead in Regulatory Compliance

You already know compliance is not optional.

Every firm, regardless of size, operates under the same regulatory framework.

By making informed decisions about communication methods and investing in training and technology, firms can mitigate risks and ensure they are well-equipped to meet regulatory expectations.

Remember, failing to address compliance effectively can lead to costly repercussions—so take action now to safeguard your firm’s future.

Get compliant. Stay compliant.

Contact My RIA Lawyer to learn more.

Author Bio

Leila Shaver is the Founder of My RIA Lawyer, a law firm that provides compliance and legal consulting for financial institutions. With extensive experience as a securities attorney and compliance expert, she has served as Chief Compliance Officer and General Counsel to RIAs, BDs, and TAMPs with billions in assets under management.

Leila understands the challenges RIAs face and is committed to helping RIAs streamline their processes, mitigate risks, and ensure compliance with regulatory requirements. She received her Juris Doctor from Atlanta’s John Marshall Law School and is a West Georgia Young Lawyers’ Association member. Leila has received numerous accolades for her work, including the Carroll County Bar Association’s Outstanding Young Lawyer Award in 2017.

LinkedIn | State Bar Association | Avvo | Google