While it may be Easier for Investment Advisors to Utilize Texting to Communicate with Clients, it is Important to Remember that Many of the “Old Rules” Still Apply…
Technology makes it easy for investment advisers to communicate with clients. However, it is important to remember that many of the “old” rules still apply. In a recent National Exam Program Risk Alert, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) reminded the regulated community that the Investment Advisers Act of 1940 (Advisers Act) often applies to electronic messages, such as text messages, instant messages, and social media posts.
OCIE conducted a limited-scope examination initiative of registered investment advisers (advisers) designed to obtain an understanding of the various forms of electronic messaging used by advisers and their personnel, as well as the risks of such use. The resulting Risk Alert “reminds” advisers of their obligations under the Advisers Act that may apply to electronic messages and provides “examples of practices that the staff believes may assist advisers” to improve their relevant systems, policies and procedures. Before examining the SEC’s guidance, the Advisers Act “Books and Records Rule,” Advisers Act Rule 204-2 is summarized.
The “Books and Records Rule,” Advisers Act Rule 204-2, requires advisers to make and keep certain books and records relating to their investment advisory business. For example, Rule 204-2(a)(7) requires advisers to make and keep “[o]riginals of all written communications received and copies of all written communications sent by such investment adviser relating to (i) any recommendation made or proposed to be made and any advice given or proposed to be given, (ii) any receipt, disbursement or delivery of funds or securities, (iii) the placing or execution of any order to purchase or sell any security, or (iv) the performance or rate of return of any or all managed accounts or securities recommendations,” subject to certain limited exceptions.
Additionally, Rule 204-2(a)(11) requires advisers to make and keep a copy of each notice, circular, advertisement, newspaper article, investment letter, bulletin or other communication that the investment adviser circulates or distributes, directly or indirectly, to ten or more persons. The SEC previously advised that, “regardless of whether information is delivered in paper or electronic form, broker-dealers and investment advisers must reasonably supervise firm personnel with a view to preventing violations.” Additionally, Advisers Act Rule 206(4)-7 (the “Compliance Rule,”) requires advisers to adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and its rules.
OCIE Electronic Messaging Risk Alert Provides Guidance to Advisers – Expansive Definition of Electronic Communications:
Usage developments in the way mobile and personally owned devices are used pose challenges for advisers in meeting their obligations under both the Books and Records Rule and the Compliance Rule. OCIE broadly defines “electronic messaging” or “electronic communication” to include written business communications conveyed electronically using, text/SMS messaging, instant messaging, personal email, and personal or private messaging. OCIE included communications when conducted on the adviser’s systems, third-party applications, platforms or sent using the adviser’s computers, mobile devices issued by advisory firms, or personally owned computers or mobile devices used by the adviser’s personnel in the adviser’s business.
Examples of practices OCIE identified as helpful to advisers in meeting their record retention obligations under the Books and Records Rule and implementation and design of policies and procedures under the Compliance Rule:
Policies and Procedures
Prevent Misuse: Prohibiting business use of apps and other technologies that can be readily misused by allowing an employee to send messages or otherwise communicate anonymously, allowing for automatic destruction of messages, or prohibiting third-party viewing or back-up.
Surveillance of Electronic Communications: If advisers permit their personnel to use social media, personal email accounts, or personal websites for business purposes, adopting and implementing policies and procedures for the monitoring, review, and retention of such electronic communications.
Sanctions Policy Notice: Including a statement in policies and procedures informing employees that violations may result in discipline or dismissal.
Employee Training and Attestations
Training Program: Requiring personnel to complete training on the adviser’s policies and procedures regarding prohibitions and limitations placed on the use of electronic messaging, electronic apps, and the adviser’s disciplinary consequences of violating these policies and procedures. Obtaining signed/dated attestations from employees documenting (i) completion of the required training on electronic messaging, (ii) compliance with all such requirements, and (iii) commitment to do so in the future (i.e., annual updates).
Periodic “Reminders”: Providing reminders to employees of what is permitted and prohibited under the adviser’s policies and procedures with respect to electronic messaging.
Feedback Request: Soliciting feedback from personnel as to the various forms of messaging requested by clients and service providers in order for the adviser to (1) assess their risks and (2) how those forms of communication may be incorporated into the adviser’s updated policies/procedures.
Supervisory Review
Contract/Agreement Diligence: Contracting with software vendors to assure functionality: (i) monitor the social media posts, emails, or websites, (ii) archive such business communications to ensure compliance with record retention rules, and (iii) ensure that they have the capability to identify any changes to content and compare postings to a lexicon of key words and phrases.
Social Media Site Review: Regularly reviewing popular social media sites to identify if employees are using the media in a way not permitted by the adviser’s policies.
Internet Searches: Running regular Internet searches or setting up automated alerts to notify the adviser when an employee’s name or the adviser’s name appears on a website to identify potentially unauthorized advisory business being conducted online.
Control Over Devices
Prior Approval of Firm Required: Requiring employees to obtain prior approval from the adviser’s information technology or compliance staff before they are able to access firm email servers or other business applications from personally owned devices. This may help advisers create an inventory list of devices and understand each employee’s use of mobile devices to engage in advisory activities.
Security Apps Required: Loading certain security apps or other software on company-issued or personally owned devices prior to allowing them to be used for business communications. Software is available that enables advisers to (i) “push” mandatory cybersecurity patches to the devices to better protect the devices from hacking or malware.
(ii) monitor for prohibited apps, and (iii) “wipe” the device of all locally stored information if the device were lost or stolen.
Access Restrictions: Allowing employees to access the adviser’s email servers or other business applications only by virtual private networks or other security apps to segregate remote activity to help protect the adviser’s servers from hackers or malware.
Key Takeaways
One of the keys to compliance program success is a continuous assessment of Company risks and improvements to existing policies/procedures as determined to be necessary. With respect to electronic messaging, it is important to remain current with emerging technology. Lastly, monitoring regulatory developments provides useful guidance for the Company’s Compliance and Legal departments.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Paul Lieberman, or the Scarinci Hollenbeck attorney with whom you work, at 201-806-3364.
When Are New Jersey Business Owners Personally Liable for Corporate Debt?
New Jersey personal guaranty liability is a critical issue for business owners who regularly sign contracts on behalf of their companies. A recent New Jersey Supreme Court decision provides valuable guidance on when a business owner can be held personally responsible for a company’s debt. Under the Court’s decision in Extech Building Materials, Inc. v. […]
Commercial real estate trends in 2026 are being shaped by shifting economic conditions, technological innovation, and evolving tenant demands. As the market adjusts to changing interest rates, capital flows, and workplace models, investors, owners, tenants, and developers must understand how these trends are influencing opportunities and risk in the year ahead. Overall Outlook for Commercial […]
One Big Beautiful Bill: New Tip Income Tax Rules Employers & Workers Need to Know
Part 2 – Tips Excluded from Income Certain employees and independent contractors may be eligible to deduct tips from their income for tax years 2025 through 2028 under provisions included in the One Big Beautiful Bill. The deduction is capped at $25,000 per year and begins to phase out at $150,000 of modified adjusted gross […]
One Big Beautiful Bill: New Overtime Tax Rules Employers and Employees Need to Know
Part 1 – Overtime Pay and Income Tax Treatment Overview This Firm Insights post summarizes one provision of the “One Big Beautiful Bill” related to the tax treatment of overtime compensation and related employer wage reporting obligations. Overtime Pay and Employee Tax Treatment The Fair Labor Standards Act (FLSA) generally requires that overtime be paid […]
New York’s FAIR Business Practices Act: What the New Consumer Protection Measure Means for Your Business
In 2025, New York enacted one of the most consequential updates to its consumer protection framework in decades. The Fostering Affordability and Integrity through Reasonable Business Practices Act (FAIR Act) significantly expands the scope and strength of New York’s long-standing consumer protection statute, General Business Law § 349, and alters the compliance landscape for New York […]
How to Reduce Legal Risk as Your New Jersey Business Grows in 2026
For many New Jersey businesses, growth is a primary objective for the New Year. However, it is important to recognize that growth involves both opportunity and risk. For example, business expansion often results in complex contracts, an increased workforce, new regulatory requirements, and heightened exposure to disputes. Without proactive planning, even routine growth can lead […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
