Compliance Q&A: Supervising dually registered reps
Q: I’m a compliance officer for a small broker-dealer. Some of our registered reps are dually registered as investment adviser representatives at their own, unaffiliated RIA firms. The trades they place for their RIA clients are executed through another brokerage firm. Nevertheless, FINRA rules require that we supervise the reps’ activity. How should we address the privacy issue?
A: Regulation SP requires that financial institutions that provide nonpublic client information to unaffiliated third parties must notify the client of the information-sharing arrangement and give the client an opportunity to opt out. Reg SP provides numerous exemptions from the notice and opt out requirements, however. In this case, Section 14(a) is one such exemption that could apply. It exempts financial institutions from the initial notice and opt out if the information disclosed is “necessary to effect, administer or enforce a transaction requested or authorized by the client, or in connection with processing or servicing a financial product or service requested or authorized by the client.”
The phrase “necessary to effect, administer, or enforce a transaction” means that the disclosure is “required, or is a usual, appropriate, or acceptable method to carry out the transaction or the product … and record, service or maintain the consumer's account in the ordinary course of providing the financial service or financial product.” One could argue that, because the reps are dually registered, it’s necessary for them to provide you with client information in order for them to service the accounts. Another possible exemption might be Section 15, which exempts financial institutions from the initial notice and opt out in order to protect the confidentiality or security of records pertaining to the consumer, service, product or transaction, or to protect against or prevent actual or potential fraud, unauthorized transactions, claims or other liability. The argument would be that the whole reason you’re required to supervise the activity of these reps at the RIA is to prevent wrongdoing on their part. Section 15 also provides an exemption to the extent specifically permitted or required under other provisions of law or of self-regulatory organizations. Since FINRA requires that you supervise these reps, this exemption would also likely apply.
Q: My chief compliance officer said that if I text message my clients the firm has to retain copies of all the texts. I asked whether just texting that I’m running late to our meeting or texting a link to an article on our company’s webpage had to be retained, and he said they did. Doesn’t this seem a bit too much?
A: In Regulatory Notice 17-18 (Social Media and Digital Communications; April 2017), FINRA provided additional guidance on record retention requirements for social media. In general, before a firm allows its reps to use text messaging to communicate with clients, it must first ensure that the texts can be maintained. The issue of whether any one particular text has to be maintained is fact specific. While it’s possible your firm may have stricter policies than FINRA’s, texts of the sort mentioned above would not have to be retained under FINRA policies. Be aware that when posting links, you or your firm could be seen as explicitly or implicitly endorsing the content. The language presenting the link must conform to the content standards of the communications rules, including the prohibition against misleading or inaccurate statements or claims. Introducing a link with a comment such as, “Here’s an article you may find interesting,” will be viewed differently than if you said, “The author of this article makes an excellent point,” because the latter comment makes it seem like you’re endorsing the comments of the author.