young woman texting with cityscape in background

The New Reality of Compliance

More than halfway through 2017, it’s become clear: This is the year that mobile and social technologies, paired with shifting demographics, are changing compliance practices forever.

What’s the Big Deal with Mobile and Social?

Mobile, social and the changing demographics of the investor community – namely millennials – are changing the way financial services firms and their compliance teams operate.

In short, millennials, or those between the ages of 18 and 29, are making a rapid appearance and putting down roots in the world of investment. However, millennials demand a whole new way of finding and interacting with their financial firms and advisors. If a firm doesn’t use mobile and social technologies to attract and engage this expanding investor demographic, the business is going to suffer and another firm will benefit.

In financial services, there’s pent up demand from millennials for service and advice in a nontraditional way that firms now need to cater to, and they must adjust their business and compliance practices accordingly. For instance, millennials don’t respond well to email-based interactions. They expect to be able to reach out to an advisor via social media or even instant messaging and text messaging when making decisions or checking status.

Millennials are asking for immediate connection. Think of it this way: In today’s business environment, if you want a response in five hours, send an email. If you want a response in five minutes, send an instant message. If you want a response in five seconds, send a text. Millennials want to text. Why is that? It’s because text is always online and always in hand for this demographic. It’s accessible and immediate. And it’s what they know. It’s what’s required for firms that want to reach out to this group; they must engage in this way today. The pressure is on firms to deliver quick social and text interaction while staying compliant.

Where Compliance Needs to Make Changes

Even with the demand for mobile and social technologies, many firms and their compliance departments up until now have said “no” to mobile and social and have attempted to prohibit their use by advisors. But that doesn’t work anymore; the floodgates are already open, and firms that don’t use mobile and social will lose out on doing business with millennials. In fact, there are 30 trillion reasons why firms should pay special attention to millennials and the next youngest Generation X clients, but more on that later.

The challenge for firms and compliance teams is that mobile and social communications now need to be retained in a reliable way – alongside email and more traditional channels. Ultimately, you want to automate the capture and supervision of text messages, social posts and more. You’ll want to capture any information at its source through a direct API, including directly from mobile carriers – and keep it all within one archive so data can be searched broadly across a range of conversations and different communication channels. For instance, Smarsh supports the archiving and supervision of text messages through AT&T, Verizon and other carriers, alongside all other types of electronic communications including email, social media, business collaboration platforms and more in one comprehensive archive platform.

What’s FINRA’s Take on Social and Mobile Compliance?

The regulators and firms alike are aware that there are gaps in social and mobile compliance. In FINRA Regulatory Notice 17-18, the regulator updated and clarified some of its rules. Social and text messaging are now a big focus within those guidelines.

Also, in compliance practices, the largest gap we’re seeing is in text messaging. A recent Smarsh survey showed that 48 percent of firms that allow their advisors to use text messages to communicate with clients don’t archive this content. This is a big problem, because under FINRA regulations, firms must archive text messages.

What are the Consequences of Noncompliance?

We’re starting to see fines from FINRA for firms that don’t archive social and text messages. They gave firms the guidance, and now they’ve clearly moved on to enforcement. The landscape has changed; social media is also publicly discoverable now, so regulators can proactively review and analyze it whenever they want.

FINRA is now asking firms for proof that they are retaining and supervising social media and text messages and that these new forms of communications are addressed in the firm’s written supervisory procedures. Firms must have a system in place.

However, the volume and diversity of the communications flying around today present a challenge. It’s not enough for firms to just spot-check some of these messages. This approach does not intelligently focus on the messages that pose real risk. To start, everything must be archived. If you’re not archiving, then messages can’t be reviewed and supervised in an automated fashion where policies and review of messages can be applied as they come into the archive.

With mobile and social, firms have to expand their compliance perimeter. Here are some tips to navigate the new terrain:

  • Mobile and social messages must be kept in a searchable format that cannot be tampered with, destroyed or otherwise disposed of by anyone on purpose or accidentally. Content must also be produced quickly for e-discovery and regulatory examinations. A firm may operate a tremendous number of phones through contracts with one or more carriers and erroneously assume text records are kept by carriers. Carriers don’t keep text messages for very long, however, and they aren’t obliged to provide records of them either. The responsibility for retaining and producing requested text messages lies with the firm that creates the records.
  • Firms can no longer say “we didn’t know” as an excuse to avoid archiving and oversight of text messages. Several well-publicized cases involving business text messages that have been lost, altered or mishandled in financial services have alerted us all to the fact that these types of messages must have oversight. Firms that aren’t yet retaining text messages will find they have plenty of technology options to help them start.
  • Following social media and SMS/text messaging is perceived as the next biggest source of the most compliance risk by compliance professionals in the financial services industry. Banning its use, however, will not work. The Smarsh 2017 Electronic Communications Compliance Survey Report reinforces that policies of prohibition of SMS/text messaging are a barrier to growing business and workforce productivity. They do not deliver compliance confidence, and they simply aren’t followed by employees. Early 2017 examples of text-related firm penalties all have one thing in common: All prohibited its use for business communication. More than two-thirds (67 percent) of respondents who completed the survey have no, or minimal, confidence that they could prove their prohibition of text messaging is actually working.

So, what was that 30 trillion reasons comment all about earlier, you ask? At this year’s annual FINRA conference, an instant poll slide was put up during a session on social media that posed the following question: “Millennials and Generation Xers will have the largest wealth transfer in history. How much will it be?” The multiple-choice answers were: (a.) $100 billion, (b.) $3 trillion and (c.) $30 trillion. Almost two-thirds of the audience selected $3 trillion, including yours truly. Well, you guessed it… the correct answer to the question is $30 trillion. The breakdown between the two demographics was not given, but the point was well-made; millennials are a key component of any firm’s strategic client acquisition and retention plans moving forward.

Firms that recognize the benefits of catering to millennials with mobile and social communications while staying compliant with regulations will reap the rewards. Others that leave social and mobile messages out of their electronic communications compliance strategy – or that implement multiple point products to try and address it – will lag and be playing the odds at a time when compliance examinations, litigation procedures and the importance of brand reputation and risk management are more central than ever to business success.

Mike Pagani

Mike Pagani is the Senior Director of Product Marketing and Chief Evangelist for Smarsh. Mike is a seasoned IT professional and recognized subject matter expert in the areas of mobility, identity and access management, network security and virtualization. Prior to joining Smarsh in November 2014, Mike held executive-level corporate and technology leadership/spokesperson roles for Stay-Linked, Quest Software, NComputing, Dell Software and others.

Related Post

Got Compliance News?

We do!  Sign up for CCI’s free weekly eBlast to get GRC news, views, jobs & events delivered to your inbox once a week.  Cancel anytime.

Click to Subscribe.