© 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 1
Social Media and Digital Communications Tuesday, May 22 3:00 p.m. – 4:00 p.m. FINRA and industry experts discuss the guidance provided in FINRA Regulatory Notice 17-18. Panelists address how firms have implemented the guidance and respond to follow-up questions. The panel also looks at emerging areas, such as how firms can stay in compliance when marketing online offerings as well as data privacy and protection. Moderator: Amy Sochard Senior Director FINRA Advertising Regulation Panelists: Evan Charkes Managing Director and Associate General Counsel Bank of America Merrill Lynch Robert Salvador Chief Compliance Officer Motif Nubiaa Shabaka Global Head of Cybersecurity Legal and North America Head of Privacy and Data
Protection Legal Morgan Stanley
© 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 2
Social Media and Digital Communications Panelist Bios: Moderator: Amy C. Sochard is Senior Director in FINRA’s Advertising Regulation Department. The department protects investors by ensuring broker-dealer members of FINRA use advertisements and other sales communications that are fair, balanced and not misleading. Ms. Sochard leads the department’s complex and targeted review activities. She also serves as liaison to FINRA departments involved in examinations, including the departments of Enforcement and Member Regulation. In addition, Ms. Sochard oversees staff dedicated to the routine review of communications filed with the department by broker-dealers. Ms. Sochard assists in the development of rules and interpretations for communications with the public and social media, and she routinely speaks at industry events on these topics. Prior to joining FINRA’s predecessor (NASD), Ms. Sochard worked with a real estate syndication firm in Washington, DC. She received a bachelor’s degree with distinction in English from the University of Virginia and studied poetry writing at Columbia University. Panelists: Evan Charkes is Managing Director and Associate General Counsel for Bank of America, and supports the US Merrill Lynch Wealth Management business, including social media and mobility programs. Mr. Charkes is also Chief Counsel to the Firm’s Private Banking and Investment Group, which services the wealth management needs of ultra-high new worth clients. Mr. Charkes has spent a significant portion of his career supporting wealth management businesses, including at Citi, where he was a Managing Director and Deputy General Counsel for its Global Wealth Management business. Mr. Charkes has also spent a portion of his career supporting banking related businesses for global banks, including as a Director of Financial Holding Company Compliance for Morgan Stanley, and as a Deputy General Counsel for Citi’s Commercial Business Group. Mr. Charkes started his career as a litigation associate in private practice in New York City. Mr. Charkes is currently the Vice Chair of FINRA’s National Adjudicatory Council and a former member of the FINRA Compliance Advisory Committee and FINRA International Committee. Mr. Charkes also formerly served for several years as the co-chair of the SIFMA Compliance and Regulatory Policy Committee and SIFMA Self-Regulation and Supervisory Practices Committee, and has been a frequent speaker at the SIFMA Compliance & Legal Society annual seminar. He has contributed articles to the New York Law Journal and Wall Street Lawyer. Mr. Charkes is an Adjunct Professor at the Elisabeth Haub School of Law at Pace University and teaches securities regulation. He is a member of the Board of Directors of the Pro Bono Partnership, a non-profit organization that provides legal services to nonprofit organizations in Connecticut, New Jersey and New York. Mr. Charkes is a graduate of Georgetown University Law Center and Columbia College. Bob Salvador is Chief Compliance Officer at Motif Investing, Inc. and Motif Capital Management, Inc. Mr. Salvador has 20 years of compliance experience and more than 26 years in financial services across the brokerage, investment advisor, and banking industries. He was responsible for developing comprehensive compliance programs for Motif’s broker dealer and investment advisor businesses. Mr. Salvador had previously been at the ground floor of developing compliance programs at E*TRADE and new business lines at Charles Schwab. Mr. Salvador is a member of FINRA’s West Region Committee and a Certified Regulatory and Compliance Professional™. Nubiaa Shabaka serves as Global Head of Cybersecurity Legal and North America Head of Privacy and Data Protection Legal at Morgan Stanley in New York City where she is an Executive Director in the Global Technology, Data Protection and Sourcing Law Group. Ms. Shabaka also handles of variety of information technology and Internet-related matters, including mobile initiatives and social media. Ms. Shabaka is Co-Chair of the Firm’s Social Media Committee. Prior to joining Morgan Stanley in January 2008, Ms. Shabaka was an associate in the Technology, Media, Communications and Intellectual Property Law Group in Proskauer Rose’s New York office. She earned a Bachelor of Arts, magna cum laude, from New York University and a Juris Doctor from Harvard Law School. She also serves on the Board of The Museum of Contemporary African Diasporan Arts (MoCADA).
2018 FINRA Annual ConferenceMay 21 – 23, 2018 • Washington, DC
Social Media and Digital
Communications
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Moderator
Amy Sochard, Senior Director, FINRA Advertising Regulation
Panelists
Evan Charkes, Managing Director and Associate General Counsel, Bank of America Merrill Lynch
Robert Salvador, Chief Compliance Officer, Motif
Nubiaa Shabaka, Global Head of Cybersecurity Legal and North America Head of Privacy and Data Protection Legal, Morgan Stanley
Panelists
1
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Under the “Schedule” icon on the home screen,
Select the day,
Choose the Social Media and Digital Communications
session,
Click on the polling icon:
To Access Polling
2
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Understand how some firms have addressed the compliance and supervision considerations raised by the evolution of social media and digital communications including the rise of mobile technology;
Apply practical compliance approaches to messaging technology, the use of personal social media for brand advocacy, the adoption of third-party content via hyperlinks, and the growing use of advertising that mimics the communication channel in which it appears (also known as, “Native Advertising”); and,
Implement steps to help address data privacy and cybersecurity concerns when supervising social media and digital communications.
By the end of this session, you will be able to:
3
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
1. What is your biggest concern today in the social media space?
a. Reps embarrassing themselves or the firm with “business inappropriate” posts.
b. Reps posting false or misleading content about their securities business.
c. Reps using unauthorized social media accounts that our firm cannot supervise or retain records for.
d. Inadvertent sharing of personal information such as account numbers and investment details.
e. Cyberattack on a client or the firm using our social media.
4
Polling Question 1
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Supplements, but does not replace, Regulatory Notice
10-06 and Regulatory Notice 11-39.
Responds to recommendation for more guidance
arising from FINRA’s Retrospective Review.
Public Communications Committee provided
significant advice and assistance.
5
Regulatory Notice 17-18
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
2. Does your firm permit representatives to use instant
messages, text messages or messaging apps in
communicating either internally or with customers?
a. Yes
b. No
c. Not sure
6
Polling Question 2
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Firms must retain records of messages pertaining to
their business as such in accordance with SEA Rules
17a-3 and 17a-4 and FINRA Rule 4511.
Compliance approaches
Instant messages
Text messages
Messaging apps
Messaging: Regulatory Notice 17-18
7
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
A firm prohibits the use of text messaging for
business purposes.
How should the firm address the risk that a customer might
initiate contact with a representative via text message?
What about a personal exchange between a representative and
an acquaintance on email or social media where the
acquaintance initiates a business discussion?
Case Study
8
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
In a personal communication an associated person may share or link to content that the firm makes available that does not concern the firm’s products or services without subjecting the communication to FINRA Rule 2210.
Content Examples: information about the firm’s sponsorship of a charitable event, a human interest article, an employment opportunity, or employer information covered by state or federal fair employment laws.
Personal Communications: Regulatory Notice 17-18
9
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
3. What issues should compliance consider first when
helping a firm develop a program that encourages
associated persons to share firm job openings on
their personal social media?
a. Data Privacy and Protection
b. Employment Law
c. Training and Supervision
d. Cybersecurity
10
Polling Question 3
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
By linking to or sharing specific content posted by an
independent 3rd-party, a firm has adopted the specific content
and must ensure it complies with the communications rules.
Linked content may contain its own links (“secondary links”). A
firm is not responsible for the content available through such
secondary links provided:
The firm has no influence or control over the content accessed
through the secondary links; and,
The original linked content was not merely a vehicle for secondary
links or did not rely completely on the information available at the
secondary links.
11
Hyperlinks and Sharing: Regulatory Notice 17-18
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
A firm may post an ongoing link to a section of an independent 3rd-
party website, and will not have adopted that content, if:
The link is continuously available and accessible regardless of whether
the linked site contains content favorable to the firm and regardless of
whether the independent 3rd-party updates or changes its website;
The firm does not have influence or control over the independent 3rd-
party website;
The language introducing the link complies with the communications
rules; and,
The firm has not knowingly linked to false or misleading content.
12
Ongoing Website Links: Regulatory Notice 17-18
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Native Advertising has been defined as advertising content that matches the form and function of the platform on which it appears.
Firms may use native advertising that is fair, balanced, not misleading and complies with applicable communications rules, including disclosure of the firm’s name.
Influencer advertising may require more scrutiny and disclosure in order to comply.
Native Advertising: Regulatory Notice 17-18
13
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Unsolicited 3rd-party comments on a firm’s social
media account generally are not deemed the firm’s
communication.
However, liking or sharing favorable comments will be
deemed adoption of the comments by the firm.
Testimonial disclosures
Advisers Act considerations
14
Testimonials & Endorsements: Regulatory Notice 17-18
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Social Media Supervision: Static vs. Interactive
FINRA Rule 2210 establishes different supervisory standards for static versus interactive retail communications.
Static Content such as blogs or profile information may require approval of a registered principal prior to use and may require filing with FINRA.
Interactive Content may be supervised flexibly in accordance with firm’s written supervisory procedures, not subject to the filing requirements.
15
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Supervision Reminder: Regulatory Notice 11-39
Registered principal must review prior to use any social media site
intended for business use in the form it will be launched.
May only approve sites if the principal has determined the
associated person can and will comply with applicable rules.
If procedures don’t require prior approval of interactive content,
must:• Train personnel on the procedures;
• Conduct surveillance reviews to test compliance;
• Document the training and reviews; and
• If problems are found, document findings and corrective actions
taken.
16
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
4. How does your firm supervise representatives’
participation in social media in terms of content?
a. We have internal staff trained to monitor for, identify and
review both new accounts and new posts.
b. We have outsourced this task.
c. We use automated alerts that notify us of new content they
post, including new social channels they use.
d. We prohibit representatives from participating in social
media beyond static profiles and pre-approved content.
17
Polling Question 4
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
FINRA Rule 2210(d)(8) requires firms’ websites to
include a readily apparent reference and hyperlink to
BrokerCheck on:
BrokerCheck Rule
18
(1) the initial web page that the firm
intends to be viewed by retail
investors; and,
(2) any other web page that includes
a professional profile of one or more
registered persons who conduct
business with retail investors.
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
The BrokerCheck link is not
required for social media or apps.
If an app accesses a webpage
subject to the rule, the firm must
ensure the BrokerCheck link
remains readily apparent when
displayed on a mobile device.
BrokerCheck Interpretation: Regulatory Notice 17-18
19
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
Data Privacy and Protection
Cybersecurity
20
Integrating Risk Management Into Compliance
FINRA Annual Conference | © 2018 FINRA. All rights reserved.
What does the future look
like for social media and
digital communications
compliance?
21
The Future
2018 FINRA Annual ConferenceMay 21 – 23, 2018 • Washington, DC
Questions & Answers
22
© 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 1
Social Media and Digital Communications Tuesday, May 22, 2018 3:00 p.m. – 4:00 p.m. Resources
FINRA
Regulatory Notice 17-18: Social Media and Digital Communications, Guidance on Social Networking Websites and Business Communications (April 2017) www.finra.org/sites/default/files/notice_doc_file_ref/Regulatory-Notice-17-18.pdf
Regulatory Notice 15-50: SEC Approves Rule Requiring Members’ Websites to Include a Readily Apparent Reference and Hyperlink to BrokerCheck (December 2015) www.finra.org/sites/default/files/Notice_Regulatory_15-50.pdf
Regulatory Notice 11-39: Social Media Websites and the Use of Personal Devices for Business Communications (August 2011) www.finra.org/sites/default/files/NoticeDocument/p124186.pdf
Regulatory Notice 10-06: Guidance on Blogs and Social Networking Web Sites (January 2010) www.finra.org/sites/default/files/NoticeDocument/p120779.pdf
Securities and Exchange Commission
National Exam Program Risk Alert, Volume IV, Issue 5, August 7, 2017: Observations From Cybersecurity Examinations www.sec.gov/files/observations-from-cybersecurity-examinations.pdf
IM Guidance Update, March 2014, No. 2014-04: Guidance on the Testimonial Rule and Social Media www.sec.gov/investment/im-guidance-2014-04.pdf
IM Guidance Update, March 2013, No. 2013-01: Filing Requirements for Certain Electronic Communications www.sec.gov/divisions/investment/guidance/im-guidance-update-filing-requirements-for-certain-electronic-communications.pdf
© 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 2
SEC Release Nos. 34-58288; IC-28351, Commission Guidance on the Use of Company Web Sites (August 7, 2008) www.sec.gov/rules/interp/2008/34-58288.pdf
SEC Release No. 34-47806, Electronic Storage of Broker-Dealer Records (May 12, 2003) www.sec.gov/rules/interp/34-47806.htm
Federal Trade Commission (FTC)
Native Advertising: A Guide for Business (December 22, 2015) www.ftc.gov/tips-advice/business-center/guidance/native-advertising-guide-businesses
Commission Enforcement Policy Statement on Deceptively Formatted Advertisements (December 22, 2015) www.ftc.gov/system/files/documents/public_statements/896923/151222deceptiveenforcement.pdf
.com Disclosures, How to Make Effective Disclosures in Digital Advertising (March 2013)
www.ftc.gov/os/2013/03/130312dotcomdisclosures.pdf
United Kingdom, Financial Conduct Authority (FCA)
Finalised Guidance FG15/4: Social media and customer communications, the FCA’s supervisory approach to financial promotions in social media (March 2015) www.fca.org.uk/your-fca/documents/finalised-guidance/fg15-04