Articles Tagged with Risk Alert

Investment advisers’ use of clients’ usernames and passwords to access their clients’ accounts to observe the accounts’ performance has come under scrutiny in recent years.  In February 2017, the SEC Office of Compliance Inspections and Examinations (“OCIE”) disclosed in a Risk Alert that investment advisers’ use of client usernames and passwords can create compliance issues with the Custody Rule.  According to OCIE, an investment adviser’s “online access to client accounts may meet the definition of custody when such access provides the adviser with the ability to withdraw funds and securities from the client accounts.”  Accessing a client’s account using a client’s username and password often results in an investment adviser being able to withdraw funds and securities.

The North American Securities Administrators Association (“NASAA”) has also observed in recent years that if an investment adviser logs into a client’s account using the client’s personal information, “the investment adviser is in effect impersonating this client and has the same access to the account as the client.”  As a result, a number of issues arise when investment advisers use their clients’ personal information to gain access to online accounts, including custody, recordkeeping obligations, and potential violations of user agreements. Continue reading

The Securities and Exchange Commission (SEC) recently issued a National Examination Risk Alert to investment advisers discussing the use of social media. Social media is becoming more widely used as a means to communicate with investors, and advisers need to ensure they are meeting their compliance requirements. The purpose of the alert is to inform advisers of ways they can improve and maintain sufficient compliance practices in using social media websites.

The SEC listed a number of issues for firms to consider as they evaluate the effectiveness of their compliance programs. Among all of the guidelines, some areas firms are encouraged to consider include:

  • Whether they want to create usage guidelines to address which social media networks are appropriate for use and restrictions which may be appropriate for each network;
  • Whether to create content standards to prohibit specific content or impose other restrictions in relation to their social media networks;
  • How their compliance or supervisory personnel can adequately monitor the sites, and how frequently they should be monitored;
  • Whether content must be pre-approved before posting to a site;
  • Whether there are adequate resources dedicated to monitor the activity adequately on the social media sites;
  • Developing criteria for allowing participation by third parties ;
  • Implementing training related to social media-related compliance practices;
  • Whether certification should be required to ensure that those individuals using the social media sites understand and are complying with the firm’s internal policies;
  • Whether to adopt policies distinguishing between personal and professional sites, possibly specifying the types of communication about the firm which are acceptable on a site not maintained by the firm; and
  • How to maintain information security.

Continue reading

The Financial Industry Regulatory Authority (FINRA) and the Securities and Exchange Commission (SEC) recently jointly issued a Risk Alert and a Regulatory Notice on broker-dealer branch office inspections designed to help securities industry firms better supervise their branch offices, as well as to underscore the importance of that supervision.

“An effective risk based branch office inspection program is an important component of a broker-dealer’s supervisory system and, when constructed and implemented reasonably, it can better protect investors and the firm’s own interest,” stated Stephen Luparello, Vice Chairman of FINRA.

The risk alert specifically makes the following recommendations to firms, including:

  • Increasing the frequency of branch inspections, especially unannounced visits;
  • Customizing examinations to branch activity based on risk assessments;
  • Involving more senior personnel in exams;
  • Insuring that examiners have no conflicts of interest; and
  • Increasing supervision of certain offices based upon surveillance data and requiring corrective actions to address deficiencies noted.

Continue reading