staying ahead of the curve social media compliance 10-7-2010 - final

1

Staying Ahead of the Curve: Social Media Compliance

NRS 25th Annual Fall ConferenceScottsdale, AZ

National Regulatory ServicesLakeville, CT 6039www.nrs-inc.com

October 7th, 2010

2

Overview of Session

Where is Social Media Going? Regulatory Considerations Training – the Key to Effective Policy Monitoring – Two Important Reasons You Need to Do It Solution Providers – What to Look For How to Keep up with What is Going On Additional Resources

Where is Social Media Going?

Are you up to date on what is going on?

4

In the News

Google Wave is Dead – and Google Buzz is limping along Implications of Facebook/Twitter monopolies

Expansion of Facebook Connect on Web How long till the whole web is Social?

LinkedIn Upgrades Impact on LinkedIn Business Model of recent changes to be

more like Facebook Impact of Mobile on Social Networking What Localization means to the Spread of Social

Networking Think “Minority Report” Facebook Places

5

Where is Social Networking Going?

The internet and social networking will be the same in the future – our interactions in the cloud will be personalized and connected

Google vs. Facebook – the old paradigm vs. the new paradigm

The rate of change is only increasing The iPad sold 3 million in it’s first 80 days Facebook users went from 350 million to 500 million in just

over 6 months “Public is the New Private”

The Social Network Localization will have a huge impact on effective

advertising Targeted Approach finally reaching maturity - overtaking Blast

Approach11

6

Positive Uses of Social Networking Sites

SEC and FINRA are tweeting on Twitter

Groups on LinkedIn for professional networking, and

discussions generated from the Groups

Investment managers are developing Facebook pages,

including PIMCO and Vanguard

Firms are using LinkedIn for recruiting purposes

7

Positive Uses of Social Networking Sites

Communicating with clients, such as tweeting or sharing a

link to a newspaper article

Learning about clients by reading their postings

Greater ability to segment clients and service them based

on their needs

Searching for specific companies or individuals on LinkedIn

to locate prospective clients

Increased quality of prospecting through networks

Regulatory Considerations

A Quick Review of the Regulations Involved and What they Mean for Your Business

9

Regulators Are Paying Attention

Modern Methods; Old Scams

In June 2010, the SEC brought a complaint against a Canadian couple and two related companies purporting to be investment banks

Complaint alleged that fraudulently touted penny stocks on a personal website, Facebook page and Twitter

Failed to communicate that rosy predictions for touted stocks were accompanied by their sales of the very same stocks at pumped up prices based on hype they helped to create.

Charges include violations of Sections 17(a) and (b) of the Securities Act of 1933, Section 10(b)-5 of the Securities Exchange Act of 1934 and Rule 10(b)-5 thereunder

Though in this case they do not purport to be an adviser- COMPARE FACTS TO SEC v. CAPITAL GAINS from 1963!

10


Investment adviser rules concerning Advertising Privacy Supervision

Broker-dealers Correspondence Communications with the public Surveillance and supervision

Rules concerning insider trading Market manipulation Federal and state “holding out” and related

registration/notice concerns 1933 and 1934 Act public offering concerns Recordkeeping requirements

11

Regulatory Considerations - BDs

FINRA Guidance: Procedures- Have supervisory procedures, ensure

compliance and require annual training Get approval- Posted information regarding the firm’s

business is advertising and sales literature. As such, written principal approval is required prior to use and filing with FINRA

Follow regular communication rules- Among other requirements, information cannot be misleading and material facts must be disclosed

Keep a record- Like other advertising, posting on social networking sites must be maintained for three years from last use.

12

Regulatory Considerations - IAs

ADVERTISING Rule 206(4)-1 describes and details the various advertising

practices which the Commission views as being fraudulent, deceptive and/or manipulative within the meaning of the Advisers Act.

Pursuant to this rule, the following may not be contained in any advertisements by an investment adviser:

Testimonials concerning any advice or service of the adviser; References to past specific recommendations of the adviser which

were or would have been profitable to a person; Representations that any graphs, charts, or formula or device can be

used to determine which securities to buy or sell or when to buy or sell them unless accompanied by explicit disclosure regarding limitations;

Any representation that a service will be provided free of charge unless there is in fact no condition or obligation; or

Any untrue statement of a material fact or which may be false and/or misleading.

13


ADVERTISING (cont’d) The use of performance data in marketing materials is a

highly complex subject and is carefully scrutinized by the SEC.

Some states require that state registered advisers file marketing materials with the state before or shortly after “publication.”

14


Misuse of Inside Information Section 204A of the Advisers Act require investment advisers

to create, maintain, and enforce written supervisory procedures designed to prevent the misuse of non-public information.

Market Manipulation In light of the Berliner case (SEC Release No. 57774, May

2008), regulators are interested in firm controls to prohibit “rumor mongering” or the dissemination of false information on the market in order to capitalize on the effect of such dissemination for personal or client accounts.

Pump & Dump Schemes As in the case study discussed above

15


Recordkeeping Requirements The Books and Records rule (Rule 204-2(a)(7)) provides

that specific written communications must be kept including those relating to a) investment recommendations or advice given or proposed; b) receipt or delivery of funds or securities; and c) placing and execution of orders for the purchase or sale of securities.

All electronic communications are viewed as written communications, and the SEC has publicly indicated its expectation that firms retain all electronic communications for the required record retention periods. If a method of communication lacks a retention method, then it must be prohibited from use by the firm.

16


Supervision Under Section 203(e)(6), the SEC is authorized to take

action against an adviser or any associated person who has failed to supervise reasonably in an effort designed to prevent violations of the securities laws, rules and regulations.

This section also provides that no person will be deemed to have failed to supervise reasonably provided:

there are established procedures and a system which would reasonably be expected to prevent any violations;

and such person has reasonably discharged his duties and obligations under the firm's procedures and system without reasonable cause to believe that the procedures and system were not being complied with.

17


Other Miscellaneous

Privacy/confidentiality

Hedge funds and other private funds- potential loss of exemption

Compensation paid to solicitors who referred firm through social media and failed to deliver required disclosures

18


Compliance Programs

Rule 206(4)-7, the Compliance Program Rule makes it unlawful for an SEC adviser to provide investment advice to clients unless the adviser, among other things adopts and implements written policies and procedures reasonably designed to prevent violations by the firm and its supervised persons.

The Adopting Release of the Compliance Programs Rule urges each adviser, when designing policies and procedures, to identify conflicts and other compliance factors creating risk exposure for the firm and its clients in light of the firm’s particular operations and then to design policies and procedures that address those risks.

Firms should carefully assess risks when developing a policy and procedures to address use of social networking by firm and staff

19

Creating a Policy

Be sure policy addresses risks identified in your assessment If you are not sure where to start – look at other firm’s policies

(see additional info pages) Read up and learn from others on what has happened when

they instituted policies (Associated Press, ESPN) Your policy “right now” probably won’t be your policy a year

from now Try to be flexible in your wording – don’t just name the big three If you aren’t marketing via Social Media now – you might in the future Write to cover your current situation – plan to revise as things grow

and change Best Practices – Think about writing a policy that will refer to a

“Best Practices Guideline” – something that will be easier to add to, keep current, and will be easy for employees to refer to and clearly understand what they can and can not do.

See the sample policy provided in reference materials.

Training – The Key to Effective Policy

Is Everyone on the Same Page?

21

Rolling Out the Policy

Acknowledgement/Certification affirming policy (renew

annually)

Prepare an FAQ with real life examples to address the most

common questions

Make sure you have a plan on how to test it

Training, Training, Training

22

Training and Education

Once your policy is in place, you need to make sure your employees understand it

This is a complex topic so there will be lots of questions Use training as another tool to get more information on

possible usage of social media It is likely that employees may think of usage you didn’t know

was possible They can help you keep on top of changes Make sure you have an “open door” policy so that they feel

comfortable bringing up new questions on an on-going basis Education should be a continual process as social media is

a constantly moving landscape

23

Some things to Consider with Training

Frequency Since the landscape of Social Media changes so quickly, plan

smaller, more frequent training modules and tests Take advantage of topical news events – turn them into training

moments Consider Some Outsourcing

Already, firms are popping up with Social Media Training solutions. Brainstorming

Work with people who heavily use Social Media to think up as many questions and scenarios as possible to include as part of your testing

Situational vs. Multiple Choice While some questions may have simple yes/no answers, much

about the whole subject of social media usage is not black and white. So consider using scenario based questions to see if your staff is really understanding what they should and should not be doing.

24

Sample from a Training Presentation

From a Social Media Training Presentation by SalesForce.com*

We want to Encourage Employee Participation We Have to be Careful

“Try to Imagine your post plastered on a billboard for all the world to see”

Social Media Policy Provides Clear Rules #1 – Don’t Share Company or Financial Secrets #2 – Be Honest and Transparent

Do not contribute anonymously

#3 – Be Respectful No personal attacks, obscene language or ethnic slurs.

#4 – Don’t Make Forward Looking Statements #5 – Don’t Register Channels Without Consent Other tips for posting online

Think before you post – Adjust your privacy settings – Conversations are a two-way street

Who to Contact for Help Don’t be afraid to escalate questions –to PR, Social Media Team, Legal

•Slides and notes are available for download at http://www.slideshare.net/Salesforce/salesforce-social-media-policy-training

25

Example Test Questions

Can a client give you a Recommendation on LinkedIn? Can you Recommend a current client on LinkedIn? Can you share a story/link on current market volatility via

Facebook or LinkedIn? Can you share a story/link on a stock you like via Facebook or

LinkedIn? Can you “Like” a story on the Fed’s latest decision on

CNN.com? Can you include our firm’s website URL on your LinkedIn

profile? Can you comment publicly on discussions on LinkedIn? Can

you comment privately? Can you use your work email as your primary email for your

LinkedIn account? For your Facebook account? For your Twitter account? For other social media accounts?

26

Example Test Questions

A College Friend on Facebook sends you a message – he is opening a 529 for his child and wants to know if you can recommend some investments. What should you do?

A co-worker updates her status with “Working late again – Client “X” is a real slave driver – always demanding crazy deadlines”. Should you report this? If so – to whom?

You are on a discussion board and someone posts very negative comments about your firm. Should you post a reply to set him straight? Does this post you found constitute a “complaint” that should be reported to your compliance department?

A co-worker updates his status – “Going to dinner with John at Goldman Sachs – great possibilities brewing!”. Should you report this? If so – to whom?

A friend posts a link to an online article that has some kind comments about your firm. Can you “like” his post? Can you comment on it?

Monitoring

Two Important Reasons You Need to Do It

28

Monitoring the General Conversation

Conversations are being had about you, whether you participate in Social Networking or not

“Tell 2 Friends Factor” – In the past, if someone wanted to tell their friends about you (for good

or bad) they probably talked to anywhere from 1-10 people on average The “average” user on Facebook currently has 130 friends(1). And,

depending on their privacy settings and the settings of all their friends, the worst case scenario has one comment being viewed by nearly 17,000 people. And that is presuming that no one passes it along.

An interesting experiment was conducted recently by a gentleman named Blair Joss. With a network of 403 connections on LinkedIn, Joss posed the question of whether people actually read LinkedIn Status Updates. Within 3 days, over 350 people had commented on his status update and over 1,700 people said they “liked” his update.

Going Viral – Because of the number of connections people have and the ease of passing messages along, conversations can reach millions of people in a very short time

(1) Source: Facebook - http://www.facebook.com/press/info.php?statistics

29

Monitoring the General Conversation

Do you have Social Media accounts? Maybe you should! Having an account on these sites means you will understand

how they function As things change on these sites, with technology and privacy

updates, you will know right away Monitoring software

Googling is the minimum you should be doing Softwares are springing up all over with monitoring solutions

(see additional resource section for a short list) Use all the eyes and ears you can get

If your employees are on social media – enlist them to watch Have a process for immediately bringing it to your attention if

they see something

30

Additional Forensic Testing

Verify that all employees have provided signed acknowledgements of social networking policy

Verify that all employees’ attendance at mandatory training sessions is documented

Review publicly-viewable content for compliance Internet searches of employee names for unreported blogs

or networking posts “Google Alerts” Technical solutions and developments

Solution Providers

What to Look For

32

Things to Consider

Recordkeeping Integration with your existing systems

Workflow

Ease of Use

Outsourcing What can you handle internally? What services make more sense to

purchase?

Filtering Blocking certain aspects of social media for virus/malware protection

Scalability Does it support your current position on social media (if you are

passive)? Will it support what you might do (if you become more active)?

Cost

How to Keep Up with What is Going On

A Few Tips to Help

34

Leveraging Social Media and Web 2.0

Use Social Media to Keep Up with Social Media Join LinkedIn Groups

Don’t be afraid to throw questions out there and see if anybody answers!

Subscribe to Channels on Bright Talk Lots of great topical webinars – that you can attend live, or

watch the recordings later, at your convenience. Search Slideshare and Scribed for presentations and

whitepapers Subscribe to RSS Feeds

Read them via your favorite RSS Reader or your iGoogle or My Yahoo

Share useful links via your status updates Everyone benefits from sharing

Most of All – Schedule Time for these Tasks!

Additional Resources

Helpful links to more resources on the topic

36

Regulatory Resources

FINRA’s Guide to the Internet for Registered Representatives http://www.finra.org/Industry/Issues/Advertising/p006118

SEC Interpretation: Use of Electronic Media, Release Nos. 33-7856, 34-42728, IC-24426 (May 1, 2000)

Use of Electronic Media by Broker-Dealers, Transfer Agents, and Investment Advisers for Delivery of Information, Release Nos. 33-7288; 34-37182;IC-21945; IA-1562 (May 9, 1996)

Reporting Requirements for Brokers or Dealers under the Securities Exchange Act of 1934, Release No. 34-38245 (Feb. 5, 1997)

FINRA Regulatory Notice 10-06 - http://www.finra.org/web/groups/industry/@ip/@reg/@notice/documents/notices/p120779.pdf

FINRA webinar on Social Networking – available on demand - http://www.finra.org/Industry/Education/OnlineLearning/Webinars/P120758

37

Sample Policy

“The use of social networks for firm business and professional communications with clients is strongly discouraged. However, should employees find it necessary to discuss company business or otherwise communicate with clients through social networking, it is ABC Firm's policy that electronic communications or posts on social networks, blogs, posts, wikis, virtual worlds or other electronic platforms are treated as “written communications” for regulatory purposes and that such communications must always be of a professional nature. Employees must understand that business or client related comments or posts made through social media may be considered advertising under applicable regulations and must not be misleading, fraudulent, deceptive or manipulative and will require pre-approval by the CCO prior to posting.

Employees are reminded that the use of social media for personal purposes may have implications for ABC Firm, particularly where the employee is identified as an officer, employee or representative of the firm. No employee may post information pertaining to any security, investment strategy or similar information without pre-approval of a direct supervisor or the CCO.”

38

Policy Links

Examples of Social Media Policies – What to do – and Not to do IBM - http://www.ibm.com/blogs/zz/en/guidelines.html\ Intel - http://www.intel.com/sites/sitewide/en_US/social-media.htm Social Media Policy – The 6 Essentials -

http://www.govinfosecurity.com/articles.php?art_id=2833&opg=1 More On Policies

NY Labor & Employment Law Report – “A Few Tips for Drafting Social Networking Policies” -http://www.nylaborandemploymentlawreport.com/

Copy of Social Media Policy for the United Space Alliance – http://nasawatch.com/archives/2010/02/social-media-do.html

New Social Media Policy Database –examples of LOTS of policies http://www.compliancebuilding.com/2010/01/14/social-media-policies-database/

123 Social Media – List of over 30 companies social policies - http://123socialmedia.com/2009/01/23/social-media-policy-examples/

Social Media Governance –List of 148 policies http://socialmediagovernance.com/policies.php

39

A Few Helpful RSS Feeds

Mashable.com Socialware Blog - http://blog.socialware.com

All Things Digital (WSJ) - http://allthingsd.com/

Viralblog.com Investment Management Law (http://blog.cipperman.com/)

Kasina – Financial industry consultants on Web and Web

2.0 - http://kasina.com/blog/

Wired Magazine/Wired.com - http://www.wired.com/

Paidcontent.org Topic Specific feeds – Social Media, Media and Publishing,

Legal

40

LinkedIn Groups to Consider

BankInfo Security Forum – we may not be in the Banking business – but because of the strict regulations around it, watching what is going on with banking and security is a good way to keep on top of what may be coming – and to see best practices played out in their strict environment for dealing with Social Media

Social Media and Web 2.0 in Banking and Financial Services – the name says it all. There have been some interesting discussions there the last couple of months.

Compliance Week – they set up a LinkedIn Group to compliment their website.

Wired Advisor – Social Media/Web Marketing for Financial Advisors and Professionals – Wired Advisor provides different services for financial advisors that want to get into the social media space, and also hosts advisor blogs. Visit their advisor blog network showcase to see what others are doing - http://www.wiredadvisor.com/services/blog-network/showcase/

41

Technology Vendors

Technology Solutions targeted at Social Networking: Facetime.com – Unified Security Gateway -

http://www.facetime.com/ Socialware – The Social Middleware Company –http://

www.socialware.com/ Custom Marketing Words -

http://www.customcopysolutions.com/services/social-media-management/social-media-training/

42

Monitoring Software Vendors

http://infegy.com/socialradar.php www.Brandprotect.com www.Nielsen-online.com (buzzMetrics) www.Cymfony.com www.Jdpowerwebintelligence.com www.Radian6.com www.Scoutlabs.com www.Sociafyq.com www.sysomos.com/heartbeat www.visibletechnologies.com http://www.socialtalk.com/ http://spredfast.com/ http://www.visibletechnologies.com/trupulse.html http://www.viralheat.com/

May 13, 2010© 2005-2010 National Regulatory

Services

43

Interesting Presentations/Articles

Social Media is Dead – Long Live Common Sense http://www.slideshare.net/darmano/test-3505949?from=ss_embed

Why Banning Social Media Often Backfires – http://mashable.com/2010/04/13/social-media-ban-backfire/

10 Essential Social Media Tools for B2B Marketers - http://mashable.com/2010/04/08/b2b-marketing-tools/

Nobody can Stop Facebook Because Nobody Understands Facebook http://mashable.com/2010/04/27/nobody-can-stop-facebook/

Facebook Privacy Settings still Ignored by Many - http://mashable.com/2010/05/04/facebook-privacy-report/

What Facebook Open Graph Means for your Business - http://mashable.com/2010/05/05/facebook-open-graph-business/ May 13, 2010

© 2005-2010 National Regulatory Services

44

Examples of Conversations going Viral

Kevin Smith and SouthWest Airlines What does Kevin Smith mean for the Future of PR?

http://news.cnet.com/8301-13577_3-10454328-36.html United and David Carroll (and his Guitar)

‘United Breaks Guitars’ – Did it Really Cost the Airline $180 Million? http://www.huffingtonpost.com/2009/07/24/united-breaks-guitars-did_n_244357.html

United Airlines Complaint Song Breaks 1M Views in 4 Days http://www.huffingtonpost.com/andrew-cherwenka/united-airlines-complaint_b_229240.html

Bank of America and Ann Minch Bank of America learns that ignoring customer complaints has its price

- http://psstmarketing.wordpress.com/2009/09/23/bank-of-america-learns-that-ignoring-customer-complaints-has-its-price/

May 13, 2010© 2005-2010 National Regulatory

Services