Make social media part of your compliance plan

September 22, 2009 — 4:43 PM UTC by Les Abromovitz


As someone who writes about compliance issues for registered investment advisers (RIA), I tend to come across sounding a bit negative. At speeches and conferences for RIAs, I joke that my mission is to suck the creativity out of their advertisements and marketing campaigns. The joke doesn’t get much of a laugh so it’s either my delivery, which is a distinct possibility, or the fact that compliance issues can stop a brilliant marketing campaign in its tracks.

If you read my previous article dealing with the potential compliance pitfalls associated with the use of social media, you may feel I am discouraging RIAs from using it to communicate with clients and prospective clients. In fact, my goal is merely to encourage RIAs to err on the side of caution when they use Twitter, Facebook, Linkedin or other such websites.

Whether an advisor uses social media as a marketing tool — or just to communicate with existing clients – I want their firms to realize that they are required to adopt and implement written compliance policies and procedures that address the use of social media by the firm, as well as its investment adviser representatives (IARs).

Here are 10 specific points:

1. Policies and procedures must be tailored to how a firm uses social media. Regulators frown on the use of boilerplate ones. Those procedures should require your firm’s chief compliance officer (CCO) to monitor IARs’ use of social media. If a firm does not permit the use of social media for business purposes, that prohibition should be clearly stated in the RIA’s policies and procedures.

2. One Best Practice is to require your firm’s IARs and associated persons to sign forms stating that they are aware of this prohibition.

3. It is also a good idea for CCOs, or a designee, to independently investigate whether IARs and other individuals are making good on that promise.

4. If advisors are using social media as a marketing tool, that person must comply with advertising policies and procedures. It is a Best Practice for an RIA’s advertising policies and procedures to require the firm’s CCO to approve all advertisements before they are published, sent, or posted on the firm’s website. There should be no exception for social media.

5. Social media such as Facebook allow RIAs and other advertisers to post ads on profiles that appear in response to specified demographic information. CCOs should pre-approve the marketing messages utilized, as well as the content of the advertisements. Meta tags and keywords should also be reviewed by the firm’s CCO prior to their utilization and must not be false or misleading in any way. I only found out recently that meta tags were hidden text and not the name of heavy metal rock group.

6. Policies and procedures should also mandate that communications and advertisements using social media must be retained in accordance with the Books and Records Rule. Policies and procedures should distinguish between social media used for purely personal reasons and business uses. h2. Banning non-business social media is no regulatory panacea

7. An outright ban on non-business use of social media may present its own legal problems. Questions will inevitably arise as to whether social media is being used for social networking purposes or to market advisory services. For example, examiners may ask whether an IAR intends for their profile on LinkedIn to attract clients or for personal reasons, such as staying in touch with old friends or to pursue other employment. All restrictions on the use of social media should be reviewed with the RIA’s legal counsel.

8. Examiners are likely to look at how advisors use social media as much as their intent for social networking or business. For example, a profile that simply lists the name of the firm where an IAR works is less likely to be viewed as an advertisement than one where the individual details his or her achievements and the services offered by the company. IARs and other members of an RIA should refrain from any overt or subtle reference to their firm’s performance in LinkedIn profiles or when using other types of social media.

9. All client communications and advertisements using social media must be readily available for CCO review. RIAs should test their ability to retrieve all of these communications and advertisements. All content must be retained for five years as stipulated by the Books and Records Rule.

10. All instant messages and tweets to clients and prospective clients should be captured on the RIA’s server, or by an archiving service, and retained in accordance with the Books and Records Rule. Profiles and other forms of social media that are related to an RIA’s advisory services must also be retained for the requisite time frame.

Writer’s note: Does it sounds like I’m encouraging you to use social media then throwing down the gauntlet? I don’t mean to come across in that self-contradictory way. The truth is that in today’s regulatory environment, staying compliant in your practice is a complex and painstaking process, period. The use of social media – seemingly an afterthought — must be incorporated into how you handle this task. Social media can be a powerful new means of running and growing your business. I hope the 10 points I outline here make the regulatory challenge concrete enough to take in stride.

Les Abromovitz is a senior consultant for National Compliance Services, Inc. ( Les, an attorney, is the author of Growing Within the Lines: The Investment Adviser’s Advertising and Compliance Guide. He can be reached at 561-330-7645, Ext. 213, or

No other tags referenced

Mentioned in this article:

NCS Regulatory Compliance
Consulting Firm
Top Executive: Mark Alcaide, COO/Partner

Share your thoughts and opinions with the author or other readers.


Bob Ellis said:

September 22, 2009 — 5:22 PM UTC

Citi, Deutsche Bank & UBS fined $425,000 by FINRA for failure to supervise communications (not knowing who communicated with) through 3rd party web site.


Nevin Freeman said:

September 22, 2009 — 5:22 PM UTC

The following comments are in the order that they were posted, but have incorrect time-stamps as a result of me re-posting them manually after the loss of the original story to a database error.


Brooke Southall said:

September 22, 2009 — 5:28 PM UTC

The question I have after reading this column is how big a deal it is to get into trouble with regulators? Many people break the speed limit or make minor additions to their homes without a building permit. They do a quick cost-benefit analysis and decide they can amortize their losses and come out ahead in the long run. If I win 10 new accounts by making a few allusions to my good performance on Facebook, isn’t that worth the consequences?



Bob Ellis said:

September 22, 2009 — 5:29 PM UTC

Brooke: It is not worth it to “speed” on compliance matters, especially violations of the advertising rules. My experience is that the typical fine is around $50,000, split between the advisor and his/her supervisor or firm. More importantly, licenses are personal responsibility, and “tickets” can show up on CRD and need to go on U-4s and U-5s. In egregious cases, loss of licenses, such as for false performance data, can occur. And it is not juts the rep or advisor who can lose their license; it is the Principal and the Compliance officer. That is a lot of penalties for a little “speeding.”

BTW, Les might now of specifics, but as Twitter and Linked-in use non-firm servers, as do AOL, hotmail and gmail, how are they archiving business-related communications to be reviewed by a compliance person?


Bruce Johnston said:

September 22, 2009 — 5:30 PM UTC


Great articles on the use of social media tools within the RIA community. Your first article prompted me to post a blog: “Social Media Nets NEW AUM for RIA”,accessible here:

As Erik Qualman states in his new book “Socialnomics”: “Socialnomics is a massive socioeconomic shift. Yet, some of the core marketing and business principals of the last few centuries will still apply; whilst other basic principals will become as extinct as the companies that continue to try to force them on the unwilling public”.

Keep up the great work and insights.



Brooke Southall said:

September 22, 2009 — 5:31 PM UTC


Thank you for giving me the answer that I suspected was forthcoming.

I chose to play devil’s advocate because I suspect that human nature may
lull some advisors into wishful thinking.

It would be easy to convince yourself that social media is harmless and and that its vituality extends to the law…especially since there has yet to be a well-publicized case of an RIA getting into regulatory trouble because of it.

RIAs are in such a good position in the marketplace and in life. No reason to hazard that advantageous position by careless use of social media.



Les Abromovitz said:

September 22, 2009 — 9:27 PM UTC

When it relates to an RIA’s fiduciary obligations to clients and prospective clients, and violations of the Investment Advisers Act, there are no minor infractions. In view of recent events, I expect the SEC to be less forgiving than it might have been in the past, especially if the RIA knew it was violating the rules. And once you are perceived to be a firm that pushes the envelope when it comes to compliance, you’re less likely to be forgiven when you make a truly innocent mistake.

I was at a conference on Monday that was attended by representatives from the SEC. One speaker mentioned that the SEC sometimes uses enforcement actions to send the message to the investment management community that the Commission won’t tolerate certain types of conduct. Why risk the possibility that the SEC will send a message to other RIAs by coming after you? The best approach for any RIA is to send the message to all of your IARs and associated persons that your firm has established a culture of compliance.

With regard to Bob’s comment, there are companies that offer social media archiving services. I met a gentleman from a company called Smarsh at the conference. According to their marketing materials, they have the ability to save tweets and other forms of social media for RIAs. Tweets and other messages can be indexed, searched, and produced on demand. Since my solution to every technology challenge is to reboot, RIAs will have to check out these companies for themselves.


Kevin Dinino said:

September 24, 2009 — 7:46 PM UTC


A great read and I advocate my advisor clients to use social media as another way to market their business and any “news” they have created of late. If they can land one new client because of a compliance approved Facebook business page, then by all means it’s a success. Facebook is just a new channel to market your practice. One interesting point as well is that Facebook/Twitter have massive search engine optimization so a simple Google search on your firm would yield your Facebook or Twitter pages very prominently. Advisors should ask their custodian/BD on the rules at play, most BD’s now have specific steps to take regarding social media.

Kevin Dinino,
KCD Public Relations


John Drachman said:

October 5, 2009 — 3:08 PM UTC

Very enlightening. Thank you.

Our RIA business development firm,, recently proved how a thought leadership curriculum with some social media outreach can result in measurable new business. For those RIAs interested in a recent and real case history on how this works, simply “google social media nets new aum” and read about Chuck Steege’s success at SFG Advisors.


Mike Byrnes said:

October 25, 2010 — 4:06 AM UTC

Like it or not, the trend is for more and more communications to go online, whether it be newspapers, TV or even face-to-face interactions. This isn’t because people are being forced to change, this is because of their individual preferences.

What does it all mean? Social media will become increasingly more important in the years to come.

With that said… A majority of advisors are not getting over the compliance hurdle and thus are at a competitive disadvantage.

Mike Byrnes, President, Byrnes Consulting,

Submit your comments: