Compliance: Focus for
Firms in 2023
A 2022 Finserv Compliance Benchmark Report from Hearsay Social indicates 42% of respondents, including RIAs and independent broker/dealers, expect to increase compliance staff in the next year. According to Hearsay Compliance Principal Bill Simpson, an aggressive regulatory push by the SEC is behind this ‘major shift’ in firms adding these unprecedented compliance resources. Two key areas of concern cited by compliance leaders included the new SEC marketing rule and additional challenges with advisor off-platform messaging in the wake of the 2022 SEC Whatsapp fines.
In 2023, RIAs can continue to expect regular audits, which tend to occur once every two to five years. Firms of all sizes are equally subject to an audit, with the SEC examining 16% of RIAs and 47% of broker-dealers in the past year – and this is likely to ramp up. The SEC’s 2023 budget request of $2.15 billion is $240 million more than 2022, with plans to add 90 new positions, including 34 to monitor investment advisors and 25 for broker-dealer Reg BI compliance.
For RIAs, this means doubling down on your compliance readiness. One often overlooked area of opportunity resides in having the best technology to support increasing compliance demands. The right tech stack will enable firms to do more with less: providing broader oversight, better record-keeping capabilities, and deeper audit support. As your RIA approaches compliance demands in 2023, there are four things we suggest keeping in mind.
1. Know the rules –
Whether it’s about archiving, cybersecurity protections, or the new marketing rule, advisors have a lot to digest. In fact, nearly eight out of 10 respondents called the new SEC marketing rule their top concern in a new survey from the Investment Adviser Association. It was also the second consecutive year that compliance professionals named advertising and compliance as their primary concern in the IAA’s annual Investment Management Compliance Testing Survey.
The new SEC marketing rule went into effect on November 4, 2022. The new rule allows for the use of client testimonials and endorsements after meeting specific disclosure requirements. It defines a “testimonial” as statements made by a current client or private fund investor. Alternatively, an “endorsement” is made by a person other than a current client or private fund investor. Adding SEC-compliant testimonials and endorsements into your marketing messages requires advisors to “clearly and prominently” address material conflicts of interest and compensation arrangements. More specifically:
- Identify whether this is a testimonial or endorsement (as defined above);
- Note whether cash or non-cash compensation was provided (if applicable);
- Include a brief statement of any material conflicts of interest on the part of the person giving the testimonial or endorsement, citing if this was as a result of the investment advisors’ relationship with such person, and noting specifically how they are to be (or were) compensated (the terms and amount).
The exact rule language from the SEC can be found here.
2. Archive everything –
Another critical focus for advisors is SEC’s rule 204-2, which requires RIAs to retain books and records of all marketing and advertising for no less than five years. In keeping with this rule, advisors should embrace technology that can store and catalog this information appropriately. There’s also a difference between “backing-up” and “archiving.” The first refers to ensuring a copy of your data is accessible in the event of a data loss, and the latter refers to long-term data storage off the primary system in order to prevent overwriting or compromising the data.
Some RIA archiving essentials include:
- Develop a system for archiving – write out policies and regularly review and update them.
- Leverage technology – avoid extra and unnecessary manual effort by identifying a solution that will automatically monitor and save your emails, social posts and more.
- Ensure your CRM is archiving – most offer this today, but you need to double check its functionality. Make sure it’s turned on and working!
- Set an annual review date – this will serve as a reminder to check functionality, ensure everything is logging accordingly, and creates an opportunity to identify time-saving enhancements.
- Regulate the essentials – Some types of communication don’t require archiving. These include personal non-advisory business messages and files such as vacation photos or volunteer work. Third-party communications like unsolicited and unpaid comments made by someone outside the company are also not subject to regulation.
Remember to keep it simple. Advisors should try to leverage only one primary tool to store and manage your archiving needs.
3. Adopt a robust cybersecurity plan –
Cybersecurity remains one of the most pressing challenges for financial advisors today, with 67% of the aforementioned IAA survey respondents noting high concern over this topic. Client trust can be completely eroded in the wake of a cyber-attack, a focus on cybersecurity should be paramount to any financial practice. Fortunately, there are many safeguards that advisors can build to protect their business, including a comprehensive cybersecurity plan.
Done correctly, a cybersecurity plan will not only fulfill your fiduciary duty to clients by protecting their information, but also keep your business compliant and operating without interruption. Your cybersecurity plan should include security awareness training for all staff (including an email phishing attack simulation) and a firm-level technology inventory and risk assessment.
4. Ensure your social media strategy adheres to regulations –
Social media can create value and opportunity for your firm. Advisors utilize social media strategies to drive traffic to their website, advertise and generate leads, communicate with clients, and increase brand awareness. A key aspect of launching any social media strategy is ensuring an understanding of the rules (like SEC 206 (4)-1) to ensure proper planning, execution and archiving. Once that’s established, firms should instill a set of guidelines of which the firm and employees will agree to adhere. Once firms have established this groundwork, the process can be defined, optimized and automated. There are many tech tools that can assist with this and that also ease the burden on compliance teams.
When building out your social media strategy, firms should consider:
- Social media posts are a direct reflection on your firm. Creating time and space in the review process can prevent costly mistakes.
- Creating a tailored process for creating and posting within clear firm guidelines.
- Which tools will simplify compliance demands and allow advisors to operate efficiently.
Now is the time for your firm to consider which technology tools are prepared to support your added compliance needs. Certain features and benefits may take on a new precedence, such as SEC-compliant chat. But going beyond this, consider the importance of having thorough access to archived messages. When audit time comes around, firms need to trust their technology partner. Most firms can’t keep every archived file on hand – and this is where the dedicated team at AssetBook can become incredibly valuable.
Clients benefit from AssetBook’s comprehensive and customizable solutions, such as Pulse and Valian, which include dedicated support for advisors when they need it most. An audit can be stressful but having the right tech partner means less worry and greater confidence. Switch to a platform that has your back, request a demo with AssetBook here.