Business Compliance Partners Discusses Common Sense Guidance on the Use of Social Media

Share Article

The use of “social media” has become an enormously popular communications tool. The question becomes how can Advisors use these tools without running afoul of regulations? The answer is becoming clearer as regulators begin to clarify their thinking.

The Securities and Exchange Commission (“SEC”), Financial Industry Regulatory Authority (“FINRA”) and the State of Massachusetts have recently issued guidelines, which should make it easier for advisors and broker-dealers to allow employees to use social media for business purposes. Business Compliance Partners discusses some of these guidelines.

General Guidelines

Wikipedia defines social media as media for social interaction that uses highly accessible and scalable communication techniques. Social media includes the use of web-based and mobile technologies to turn communication into interactive dialogue. Facebook, Twitter, blogs, YouTube, LinkedIn, My Space and chat rooms are all examples of social media. The “interactive” part of the definition seems to have given regulators pause because that kind of spontaneity is hard to control, making it harder to police.

In general, social media postings should be treated like existing types of communications. For example, static postings are treated like advertising and dynamic postings treated like public appearances. Reviewing, archiving and retaining these communications will be treated according to existing rules although the technology for doing so will necessarily be different.    

Static Postings

Static postings (such as profiles on LinkedIn or blog posts) as well as attachments designed to be disseminated to clients, must be treated as advertising, with contents that must be approved by a principal prior to posting. Advisor personnel should review any social media site prior to granting permission for its use and also conduct a review “in the form in which it will be launched” (typically of each initial posting). All such reviews should be documented.

Advisors should retain evidence of review and pre-approval, as well as requests for changes (and evidence that requested changes were implemented), for the period required under the current document retention rules for advertising. Documents may be approved via electronic signature and stored as electronic files.

Real-time Interactive Communications

Real-time unscripted interactive communications (such as Twitter messages) should be treated as public appearances and do not have to be pre-approved. (Fortunately, FINRA recently withdrew its proposed rule that broker-dealers must file copies of all postings after use, and hopefully advisor regulators will take a similar position.)

Interactive communications should undergo a review after being posted but this does not mean that every posting must be reviewed. Advisors may use rules engine-driven key word lexicon searching technology (that automatically segregates postings that contain certain key words) for later review by compliance personnel. In addition, compliance personnel should conduct additional manual reviews of a reasonable percentage of randomly selected postings.

Interactive postings should be retained in accordance with retention rules for public appearances.

(Lexicon searching does not typically detect key words contained in attachments. An attachment could be considered correspondence, sales literature or advertising based on the nature of the material and the recipient or recipients.)

Procedures must be established for escalating potential problem communications to appropriate management or compliance personnel for review.

Policies & Procedures

Advisors should establish appropriate written supervisory procedures for using social media and for complying with related rules and regulations. Advisors should also designate an individual who will be in charge of the social media compliance program.

Procedures should list social media that associated persons are permitted to use and include a list of disciplinary actions that the advisor may take if an associated person uses other social media or otherwise violates the rules. Advisors should prohibit the use of any social media site that is not subject to supervision and review. The procedures should also set up a training program for users of social media as well as personnel who will monitor use.

Advisors should periodically evaluate their social-media compliance programs, especially usage guidelines, content standards, content approval, training and adequacy of monitoring and archiving postings.

Generally, advisors will not be deemed to be responsible for third-party postings to an associated person’s social media accounts unless the advisor has created them or asks posters to create them; or explicitly or implicitly endorses or approves of the posts. Under those circumstances, an advisor would be required to treat third-party posts as its own.


The same rules for archiving and storing correspondence, advertising and materials used in public appearances apply to all postings to social media accounts in accordance with existing rules and regulations. The best way to do this is to use appropriate archiving software or by utilizing the services of a third-party vendor.

Please note that this article does not constitute a complete discussion of this issue, and rules and guidelines are still evolving.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Paul Cox

Chris Kosifas
Visit website