FINRA recently provided further guidance for broker/dealers and financial advisors on how to stay compliant when using social media.
Public comments – advisors can create sites that allow clients/prospects to make unsolicited comments regardless if they sound like testimonials or “likes.”
Compliance Officers still need to make sure that the statements made are not paid testimonials or falsified.
Brokers that place links to third party Website that are independent of the firm need to determine two important factors:
- is the link “ongoing”
- does the broker have control over the content of the third party Website
Firms must make certain that the third party site does not contain any misleading or untrue statements.
Broker/Dealer Websites and social media must be archived to non-erasable storage and saved for six years or as defined by your compliance manual.
FINRA continues to fine firms for failing to keep proper records. It recently fined a large broker/dealer $900,000 for failing to create and send records to more than 1.6 million of its customers.
Compliance officers must ensure that their firm properly sends and stores its records properly or risk being fined.
Hundreds of thousands of Websites became unavailable after Amazon’s cloud service suddenly went down for 4-hours.
This meant that financial firms that use Amazon Web Services couldn’t access their information.
Financial firms using cloud services for archiving and storage should think twice if it’s unacceptable for your Website and archives to be inaccessible and potentially compromised.
Instead use data centers that store your information to WORM (Write-Only Read-Many) file format to protect your firm and archives.
Compliance vault has physical geographically diverse SSAE-16 certified compliant data centers that store your Website archives to non-erasable, immutable storage.
Contact us for your complimentary archive of your Website.
FINRA fined 12 firms $14.4 million for failing to store their firm’s records in “write-one read-many” format.
Storing in WORM format assures that your electronic records such as your firm’s Websites have not been changed or altered.
Simply “back up” or storing your Website in “the cloud” means that you are not storing your Website to an immutable format. Firms failing to use non-erasable WORM format could be opening themselves up to unnecessary risks and fines.
Make sure your Website is being stored to an immutable WORM file format.
Firms are also required to archive their Websites to geographically diverse, separate and secure multiple data centers.
If you’re unsure if you’re following stringent FINRA regulations, ask! You could save your firm from being fined from not storing your Website properly.
For a full checklist on FINRA Website archiving requirements, visit http://compliancevault.com/compliance-checklist.html
FINRA news release on fines
Contrary to what you may have heard archiving firms differ greatly in their archiving methods and approaches.
For example if your Website is being archived using cloud storage, your firm may be opening itself up to unnecessary risks like outages, and the ability to prove that your archives are immutable.
What if the cloud storage your vendor uses goes down like Amazon cloud storage has. This makes your archives unaccessible and opens your firm to undue risks. When cloud storage goes down, this means you won’t have access to important firm information.
FINRA/SEC requires broker/dealers to storage their firm Website archives to WORM or immutable file format storage. Using WORM storage assures without a doubt that your information cannot be changed, altered or deleted.
To assure you’re following regulatory guidelines, verify that your vendor uses WORM storage (not the cloud) and that your Website is being archived to separate and secure data centers (physical locations). Archives are needed every time your Website posts an update or revision.
FINRA, the enforcement and arbitration agency that regulates broker/dealer firms and exchange markets, reported this year will be a record year for fines. It reported over $79 million in fines had been levied for the first half of 2016. Projections for the entire year could total $160 million in fines – representing a nearly 20% increase from record-setting year 2014.
As part of the books and records requirements, broker/dealers are required to store their firm Websites and firm information to WORM or non-erasable storage to multiple, secure, and geographically diverse data centers.
Is your Website being stored to WORM?
Press release from Sutherland: http://www.sutherland.com/NewsCommentary/Press-Releases/193640/FINRAs-Projected-2016-Fines-Ginormous-Fines-May-Propel-2016-toRecord-Setting-Year
Financial firms using cloud storage to archive firm Websites, emails and social media may be opening up their company to unnecessary risks and should absolutely be concerned.
Last Friday 7amEST, hackers released a DDoS (distributed denial-of-service), taking offline popular Websites such as Amazon, Twitter, Tumblr, Soundcloud.
While cloud storage has been rising in popularity over the years, firms that use Amazon and other cloud providers for archiving their Websites and other important information subject to government regulations may just find their archives unaccessible and open to further attacks and outages.
Do you know if your Websites and other information subject to books and records requirements are being stored in the cloud?
If so, you may want to rethink your archiving storage strategy and use a provider that uses actual secure data centers for archiving storage.
Last summer the Securities and Exchange Commission (SEC) proposed a new rule under 206(4)4, that would require RIAs to adopt and implement written business continuity and transition plans.
While many firms may already have BCP plans in place, these plans may not include some of the new provisions such as the firm’s transition plans and other risks related to potential significant disruptions in the firm’s business and operations.
Financial firms would be prudent to revise their BCP to include these provisions and place it on their firm Websites. Since firms are already required to archive their Websites to an immutable WORM (write-once-read-many), non-erasable format, this would ensure that all the information on their Websites (including BCP and transition plans) meet all regulatory requirements.
The SEC is making amendments to the Advisors Act book and recordkeeping rule in an effort to improve the agencies monitoring and regulation of the financial industry.
The amendments will require financial advisors to keep additional records of communications for all performance related information, regardless of the number of intended targets it plans to reach.
It would be prudent for firms to keep a secure record of all communications to a WORM, non-erasable file format that is readily available.