On Dec. 14, 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) published its “Observations from Investment Adviser Examinations Relating to Electronic Messaging” Risk Alert. OCIE’s observations focused on whether and to what extent advisers complied with the Books and Records Rule and adopted and implemented policies and procedures as required by the Compliance Rule. To no one’s surprise, the key takeaway of the examinations was that use of electronic messaging by advisers is “pervasive,” and thus, advisers should implement policies and procedures to monitor and capture electronic communications consistent with certain best practices enumerated by OCIE in the Alert.
In our experience, many registered investment advisers prohibit the use of personal social media and email accounts for business purposes. While prohibiting the use of personal social media and email accounts for business purposes, advisers typically implement (i) training, (ii) limited testing of personal accounts, and (iii) required periodic certifications of adherence covering such prohibition. Where the investment adviser uses social media and email for business purposes, it is typically done through firm-provided, recorded, and monitored email and social media handles. In addition, the use of electronic messaging platforms can be uneven among investment advisers, with digital advisers leading the way in novel uses of electronic messaging platforms for business purposes. Among different types of investment advisers, many firms do not provide employees with laptops or cellphones, allowing employees to access firm systems from personal devices.
In light of the proliferation of electronic messaging platforms in recent years and the variety of ways in which advisers use these platforms, the SEC has sharpened its focus on the use of electronic messaging as a core element of the compliance programs of registered investment advisers. While electronic messaging presents new and unique challenges to advisers and compliance personnel, the universe of tools, services, and service providers available to oversee electronic messaging has also grown. For that reason, we believe it is incumbent upon compliance professionals to take to heart the OCIE recommendations contained in the Alert and, as with all elements of a modern compliance program, leverage personnel and technology to promote, monitor, and ensure that any permitted use of electronic messaging complies with the requirements of the Advisers Act.
The full text of the Alert can be found here.