Electronic Communications: Trending Fines in the Industry

   

Electronic Communications: Trending Fines in the Industry

Over the past three years there has been a resounding increase in violations surrounding the Securities and Exchange Commission's ongoing recordkeeping initiative due to failure to preserve electronic communications. 2025 started out with January’s release of twelve Advisors charged $63.1 million for electronic communication record-keeping deficiencies, which can now be compacted with the violations and fines reference below, again emphasizing that the SEC is taking off-channel communications seriously and that the requirement CANNOT continue to be ignored.

Electronic Messaging Archiving - It's Not Just Emails. 

Aside from commonalities among the fines referenced below, there appears to be a misunderstanding throughout the industry regarding what needs to be archived:

• It is imperative to understand that electronic communications are not solely communications Supervised Persons have with clients/prospective clients, but also external partners, vendors, and the public. This means any communication that is sent or received on behalf of the Advisor falls under the books and records scope.
• The SEC is clearly making a stance that “internal” electronic communications, among Supervised Persons, are required to be archived. 
• Electronic communications can occur through various means throughout the day. Supervised Persons are communicating, internally or externally, any level of business communication through the following vendors, it must be archived:
• Text Messaging
• Messaging Applications (WhatsApp, Messenger, WeChat, etc.)
• Social Media (Twitter, Instagram, Linkedin, etc.)
• Video and Audio Conferencing Apps with Chat Features (Zoom, Microsoft Teams, Google Meet, etc.)

“Finance, ultimately, depends on trust. By failing to honor their recordkeeping and books-and-records obligations, the market participants we have charged today have failed to maintain that trust.” Securities and Exchange Commission Chair, Gary Gensler

A Review of Past Fines and Considerations

September 2024's release, twelve firms were charged $88 million for electronic communication deficiencies following August 2024's release of twenty-six firms were charged with longstanding failures by the firms and their personnel to maintain and preserve electronic communications totaling $392.75 million in civil penalties. September 2023's release announced ten firms charged for widespread and longstanding failures to maintain and preserve electronic communications, totaling $79 million in fines and penalties. September's release came on the tailwind of August 2023's release where the SEC charged eleven firms with penalties totaling $289 million. The fines and penalties from 2024 and 2023, in conjunction with the total fines and penalties from 2022, brings the tally to over $2.16 billion and over 90 enforcement actions. In reviewing these enforcement actions, the commonalities are: In reviewing these enforcement actions, the commonalities are:

• Failure to reasonably supervise, with a view to prevent and detect violations of federal securities laws.
• Failure to maintain and preserve business communications, whether it be internal or external communications.
• Inadequate policies, procedures, and controls that are compliant and designed to detect and prevent violations.

RIAs have a fiduciary responsibility to their Clients, and recordkeeping has been vital to preserve that integrity. As technology continues to advance, so should the policies and procedures of every RIA to ensure all communications are being maintained. So, how does an Investment Advisor effectively mitigate their risk? Really, an Advisor has two options:

• The Advisor opts to completely ban the use of personal devices and/or other various off-channel communication applications. Examples of certain control measures that can be put into place regarding this policy are:
• Written policies and procedures stating that personal devices and other various off-channel communication applications can not be used for business purposes, and have supervised person’s attest to those policies.
• Enhance review of supervised electronic communications (i.e email) to ensure that off-channel communication is not occurring with clients or members of the firm alike.
• Provide training for all supervised person’s of the Advisor regarding what is and is not acceptable, and the ramifications for violations.
• The Advisor opts to allow for the use of text-messaging and other electronic communication methods with appropriate policies and procedures in place. Examples of certain control measures that can be put into place regarding this policy are:
• Written policies and procedures regarding personal devices and/or electronic communication applications may be utilized on an approved basis by the Chief Compliance Officer.
• Advisors undergo a due diligence process for vendors they seek to utilize as part of the firm’s communication platform. This includes the reviewing the messaging platform for supervised person use, ensuring there are supervisory capabilities, and understanding the archiving set up.
• Provide training for the supervised persons who use the platform and compliance reviewers who supervise the platform, and the ramifications for violations.

Advisors in need of a solution, should start with current vendors they utilize to determine if they can bundle their email, social media, website, and texting platforms which, in turn, streamlines supervision and cost as well.

Whether an Advisor allows the activity or not, having the appropriate testing and supervision measures in place is the best line of defense. Effective supervision, due diligence and proper training are key when it comes to mitigating risk. If you are questioning whether your supervised persons are utilizing personal text messaging or emails to communicate with clients, or that your policies, procedures, and controls are inadequate please contact us today!

Posted in: