Social Networking Compliance

Think Before You Tweet!

What are the challenges for broker/dealers and investment advisers trying to use social networking sites?

Complinet hosted a webinar on this topic with Clifford Kirsch from Sutherland Asbill & Brennan LLP and Debbie Corej, Vice President, Compliance – Insurance Division, Prudential.

Clifford started the discussion by pointing out the need to think about who is using these communication tools and what they are using them for. There is not a single source for the legal rules on how to use social networking tools in compliance with the regulatory requirements. You have to fit these tools into the established regulatory frameworks.

Broker/Dealer

With respect to the supervisory structure, you should look at FINRA Rule 3010. You need a policy, whether you allow use of these tools or not. You should start by looking at FINRA’s Guide to the Internet.

The next focus is whether the tools are being used as advertising and sales literature. If so, then there are content requirements, filing requirements and reviews. There is new proposed FINRA Rule 09-55 that would streamline the approach to advertising. There is no specific reference to social networking. Many commenters did request some specific discussion of social networking.

Then next hurdle is record-keeping. Some site are easy to integrate with record-keeping. SEC Rule 17A-4 has extensive requirements.

Another issue is keeping track of complaints and filing complaints. That is hard to do in the free flow of information on social networking sites. What do you do if someone complains on Twitter?

Investment Advisers

As with brokers you still need a supervisory structure and examinations for risk. You should have a policy, pro or con.

With advertising and sales literature, the requirements are not as difficult as broker/dealers. There are no filing or pre-approval requirements. SEC Rule 206(4)-1 prohibits testimonials and selective discussion of past performance.

There are record-keeping requirements, so you need a system in place for preserving the records, even though they are created on a third party social networking site.

Real Life with Social Networking at Prudential

Debbie turned to some of the challenges in her organization. They have a big umbrella. Part of the challenge is controlling the technology itself.

Prudential does block some sites and is looking at ways to open access in a way they can control. There are competing interests in the company. Recruiters have a different use than marketing. Everybody has some need to use the tools to stay connected with colleagues and experts.

There are some vendors out there trying to meet the compliance requirements. But they are all new and untested. FINRA is not giving any particular blessing on a tool.

It is important that compliance understand the different features of a site and the terms and conditions for that site. Any one social social networking site is likely to have features that fall into multiple categories for compliance requirements.

For example, you should prohibit the recommendations feature of LinkedIn. You should have an internal person as a connection so that they get a notice of updates to profiles.

You need to have people submit correspondence for record-keeping internally and then review the account to make sure all of the correspondence has been submitted.

It is important to have a policy. It is also important that the policy is not freestanding but integrated with other policies, such as confidentiality. It’s possible that if you do not prohibit a tool, you may be implicitly allowing the use of that tool.

Of course you need to test compliance with the policies. If you are banning, you should search the site for employees’ names and your company name.

FINRA Task Force

FINRA has created a task force to look at social networking. (Debbie is on the task force.) FINRA is very interested in the topic and how the mechanisms can work in compliance. At the company-level it is easier to control and monitor than at the individual registered-representative level.

There is the problem of using the sites in personal level is hard to contain. What if a friend asks you a professional question?

FINRA is hosting a March 17 webinar: Compliance Considerations for Social Networking Sites.

DOJ Nets 22 in FCPA Sting

“The largest single investigation and prosecution against individuals in the history of DOJ’s enforcement of the Foreign Corrupt Practices Act”

The Department of Justice has gotten serious about the FCPA.

“This ongoing investigation is the first large-scale use of undercover law enforcement techniques to uncover FCPA violations and the largest action ever undertaken by the Justice Department against individuals for FCPA violations,” said Assistant Attorney General Lanny A. Breuer. In connection with these indictments, approximately 150 FBI agents executed 14 search warrants in locations across the United States. Plus, the United Kingdom’s City of London Police executed seven search warrants.

According to the indictments, the defendants agreed to pay a 20 percent “commission” to a sales agent who the defendants believed represented the minister of defense for a country in Africa to win a portion of a $15 million deal. The “sales agent” was actually an undercover FBI agent. The defendants were told that half of that commission would be paid directly to the minister of defense. The defendants allegedly agreed to create two price quotes in connection with the deals, with one quote representing the true cost of the goods and the second quote representing the true cost, plus the 20 percent commission. The defendants also allegedly agreed to engage in a small “test” deal to show the minister of defense that he would personally receive the 10 percent bribe.

I have not gotten through all of the indictments, but the DOJ purposefully omitted the name of the employers of the indicted individuals. I would guess that he have not heard the end of this. People can run; companies cannot.

Sources:

SEC’s New Enforcement Cooperation Initiative

The Securities and Exchange Commission announced a new initiative encouraging cooperation. They put on a big media blitz. Big enough that they even allowed me to ask a question of SEC Enforcement Director Robert Khuzami.

For the first time, the SEC set out how it will evaluate whether, how much, and in what manner to credit cooperation, to serve as an incentive to report violations and cooperate fully and promptly in enforcement cases.

The SEC will have some new cooperation tools at its disposal:

  • Cooperation Agreements — Formal written agreements in which the Enforcement Division agrees to recommend to the Commission that a cooperator receive credit for cooperating in investigations or related enforcement actions if the cooperator provides substantial assistance such as full and truthful information and testimony.
  • Deferred Prosecution Agreements — Formal written agreements in which the Commission agrees to forego an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and to comply with express prohibitions and undertakings during a period of deferred prosecution.
  • Non-prosecution Agreements — Formal written agreements, entered into under limited and appropriate circumstances, in which the Commission agrees not to pursue an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and comply with express undertakings.

One thing that came out of my discussion with Khuzami (I’m not sure I should call him Rob.) is that the SEC is looking towards the Department of Justice and criminal prosecutions on how to use these tools. But the SEC, as a civil enforcement agency, is not used to having the benefit of these tools.

Plus, the enforcement division can only make a recommendation to the Commission with a cooperation agreement. The Commission can ignore the cooperation and still bring down its full hammer on a someone even if they are a whistle blower and cooperating with the enforcement division. The cooperation message I was hearing from the SEC did not give me the warm fuzzies.

Nonetheless, the new tools should encourage cooperation and be beneficial to SEC Enforcement. For individuals, they have the prospect that they may not be prosecuted. Companies may also induced by being able to avoid the filing of the typical SEC complaint, with pages and pages of misconduct.

To publicize the new cooperation initiative, the SEC even assembled a new Enforcement Cooperation Initiative website. The best publicity will be an individual or company benefiting from cooperation.

Sources:

Social Networking is Serious Business – Presentation Materials

I  joined John Pepper, the CEO of Boloco and Russ Edelman the CEO of Corridor Consulting at meeting of the New England Chapter of AIIM on Friday. The topic was “Social Networking is Serious Business.”

Russ started us off with a great background on Web 2.0 and social networking tools.

Here is the slidedeck he used:

John showed how he uses web 2.0 tools as part of his business. It was an impressive display of how he listens to his customers. My favorite story was John seeing a tweet from a customer in one of the Boloco locations complaining the background music was too loud. John called up the store manager and told him to turn it down. The customer was happy in minutes. We were also happy that John handed out Boloco cards for some free burritos.

Being the lawyer and compliance guy on the panel, I focused on the regulatory, compliance and legal issues related to web 2.0 / social networking. I showed some of the downside and the ways to get yourself in trouble. In other words, I put the emphasis on the “serious” part in the presentation name.

Here is my slidedeck:

Since my slides are mostly images instead of words, you may be wondering what I was saying. You can see my notes along with the slides: Social Networking is Serious Business. Hosted on JDsupra.

A big thanks to the New England Chapter of AIIM for inviting me.

Martin Luther King, Jr.

I Have a Dream – Address at March on Washington August 28, 1963.

“I have a dream that one day this nation will rise up and live out the true meaning of its creed: ‘We hold these truths to be self-evident, that all men are created equal.'”

“Let freedom ring. And when this happens, and when we allow freedom ring—when we let it ring from every village and every hamlet, from every state and every city, we will be able to speed up that day when all of God’s children—black men and white men, Jews and Gentiles, Protestants and Catholics—will be able to join hands and sing in the words of the old Negro spiritual: “Free at last! Free at last! Thank God Almighty, we are free at last!”

Sources:

Compliance Bits and Pieces for January 15

Here are some interesting compliance, risk and ethics stories from the past week:

Robert Kennedy, the Travel Act and the FCPA by Thomas Fox in Tfoxlaw’s Blog

Robert Kennedy’s contribution is that while Attorney General, he urged Congress to enact the Travel Act in 1961 which was passed as part of the same series of bills as the Wire Act and was a part of his program to combat organized crime and racketeering. The Travel Act is aimed at prohibiting interstate travel or use of an interstate facility in aid of a racketeering or an unlawful business enterprise.

New Cooperation Tools, Units An Enforcement Game Changer by Melissa Klein Aguilar for Compliance Week

Forging ahead with the revamp of its Enforcement Division, the Securities and Exchange Commission unveiled new tools to incentivize individuals and companies to cooperate with the enforcement staff during investigations, including deferred- and non-prosecution agreements and a so-called Seaboard Memo for individuals. For the first time, the SEC set out in a new policy statement how it will evaluate whether, how much, and in what manner to credit cooperation by individuals, to serve as an incentive for people to report violations and cooperate fully and promptly in enforcement cases.

Employee Wrongdoing: Drawing the Line by Chris MacDonald on The Business Ethics Blog

Should companies ever tolerate unethical behaviour in the workplace? Never? What about really small stuff? What about really important employees? How strictly should they monitor employees? Won’t intense scrutiny hurt morale?

Earning Cooperation Credit in an FCPA Case by Thomas Gorman for SEC Actions

For corporations, the SEC, like the Department of Justice and other federal law enforcement agencies, has long held out the prospect of credit in the charging process in exchange for cooperation. While there is no talismanic test which will guarantee a company that it can secure enough credit to avoid being charged, the SEC’s Seaboard Release, discussed here, contains an example of a company that did in fact earn sufficient credits and discusses general principles regarding cooperation.

Nevada and New Hampshire Data Security and Privacy Laws Take Effect from the Privacy & Information Security Law Blog by Hunton & Williams LLP

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

New Social Media Policies Database

Thumbs-up approved with a blue filter

I assembled a collection of social media policies: Social Media Policies Database.

So far I have 117 a bunch in the database. That’s a very small number, but I think most companies want to keep their policies private. If I am missing any, please leave a comment letting me or send me an email: [email protected].

I have added a column for industry. So far I have the following industries:

  • Education
  • Finance
  • Government
  • Healthcare
  • Law firm
  • Media
  • Non-profit
  • Professional services
  • Retail
  • Technology

One thing that really stuck out is the varied names for the policies.  “Social media guidelines” with 9 and “social media policy” with 13 were the most popular names.

Questions and Answers with Robert Khuzami

After the news conference announcing the Rearrangement of its Enforcement Program, the Securities and Exchange Commission offered a group of bloggers the chance to ask questions to Robert Khuzami, the Director of Enforcement. (It must have felt like Obi-Wan stepping into the cantina full of low-life scoundrels.)

The blogging participants:

Mr. Khuzami let us know that the specialized units and cooperation initiatives came out of the self-assessment they conducted last year. Now that the heads of the new units have been made, those heads will start filling out their ranks.

Bruce started off questions by asking for more information on the new Office of Market Intelligence. This unit is combining two existing units, Market Surveillance and Internet Enforcement. It sounds like this will be a big source of information flow for the SEC with lots of complaints and charges coming in one place, getting filtered and sent to the right people for the appropriate action.

I asked about the creation of the new specialized units which are great for expertise, but may push information into silos. Mr. Khuzami pointed out that one of the current problems is that information is currently too diffuse across the SEC. There is a going to be hybrid approach. Not everything is going to end up in these units. He thinks expertise is very important. These units are going to be national in scope, so the people will spread out across the regional offices.

Laura Richman wanted to know if the SEC Commissioners are going to be comfortable with the new cooperation protocols. The enforcement division can only make a recommendation. It’s up to the Commission to decide whether to prosecute or settle. (This is unlikely to give the warm fuzzies to someone who is thinking about acting as a whistleblower or a company cooperating with an issue.)

Todd Sullivan was surprised that the cooperation initiatives were not already available to the SEC. Mr. Khuzami pointed out that criminal prosecutions have used cooperation strategies for a long time. It’s a new concept to civil proceedings.

Cate wanted to know if the SEC could develop the experience or tools to differentiate between proprietary trading versus market making. The SEC wants better information.

Francine wanted to know if the SEC will step up its enforcement actions against the accounting firms. Timeliness is key. If there is a long time between the misconduct and the prosecution, then there is a lost opportunity to stop others by setting an example.

Mr. Khuzami pointed out the SEC has been through a tough year but his group wants to use their professional skills and do good work. He thinks the Division is coming together and moving forward in a positive direction.

I want to thank Mark Story, the SEC’s Director of New Media, for inviting me to the press conference and Rob (I think I can call him that now) for taking the time to talk with us.

SEC Rearranges its Enforcement Program

The Securities and Exchange Commission reorganized its enforcement division. Enforcement Director Robert Khuzami announced a new program announced the creation of new units.

First, the SEC are expanding the whisteblower program. They are calling it a “cooperation program.”

Then there are five new units in the enforcement division.

Asset Management Unit

The unit specializing in asset managers, including hedge funds and private-equity firms, is set to be jointly run by Bruce Karpati, who has run the agency’s hedge-fund working group for the past several years, and Robert Kaplan, another SEC veteran.

Mr. Karpati was founder and head of the SEC’s Hedge Fund Working Group, and has served as Assistant Regional Director for the New York Regional Office of the SEC. Earlier, he was a Branch Chief and Attorney in the Division of Enforcement at the agency. Previously, Mr. Karpati was an Associate at Dechert LLP in Washington, D.C..

Mr. Kaplan has served as Assistant Director of the SEC’s Division of Enforcement. He previously held positions as Assistant Chief Litigation Counsel and Senior Counsel/Staff Attorney in the Division. Earlier, he was an Associate with Morgan, Lewis & Bockius LLP in New York.

Market Abuse Unit

Daniel Hawke, head of the Philadelphia office, was selected to run the market abuse unit, which will focus on insider-trading and market-manipulation cases.

Mr. Hawke is Director of the SEC’s Philadelphia Regional Office. He joined the SEC’s Philadelphia office as Associate Regional Director, and previously served in the Washington, D.C. office as Branch Chief and Staff Attorney in the Enforcement Division. Earlier, he was a Litigation Partner at Tucker, Flyer & Lewis LLP in Washington, D.C.

Structured and New-products Unit

Kenneth Lench will run the structured and new-products unit, which will focus on derivatives and newly developed products.

Mr. Lench has served as Assistant Director, Branch Chief, Assistant Chief Counsel, and Senior Counsel/Staff Attorney with the SEC’s Division of Enforcement. Earlier, he was a Senior Attorney with the SEC’s Division of Corporation Finance, and an Associate with Sills Cummis P.C. in Newark, N.J.  (Mr. Lench I have the same college/law school combination:  J.D. from Boston University School of Law, and a B.A. from Brandeis University.)

Foreign Corrupt Practices Act Unit

Cheryl Scarboro will be named chief of the agency’s unit that investigates foreign bribery by corporations.

Ms. Scarboro has served as Associate Director, Assistant Director, Deputy Assistant Director, and Staff Attorney in the SEC’s Division of Enforcement. She also was Counsel to SEC Chairman Arthur Levitt, Jr.. Earlier, she was an Associate at Sutherland, Asbill & Brennan LLP in Washington, D.C.

Municipal-Securities and Public Pension Unit

Elaine Greenberg, a veteran of the Philadelphia office, has been tapped to run the municipal-securities unit. This will also include the new focus on pay-to-play.

Ms. Greenberg is the Associate Regional Director of the Philadelphia Regional Office of the SEC and has served as the Co-Chair of the Division’s national Municipal Securities Working Group. Earlier, she was Assistant Regional Director, Branch Chief, and Staff Attorney in the Philadelphia office.

Beyond these five new units there are two other initiatives.

Office of Market Intelligence

The SEC also created a new Office of Market Intelligence that will assume the responsibilities of the Internet enforcement unit and add new duties, such as handling tips and referrals. Tom Sporkin will lead this office.

Cooperation

The SEC also wants to encourage greater cooperation from individuals and companies in the agency’s investigations and enforcement actions. The new cooperation tools, not previously available in SEC enforcement matters, include:

  • Cooperation Agreements — Formal written agreements in which the Enforcement Division agrees to recommend to the Commission that a cooperator receive credit for cooperating in investigations or related enforcement actions if the cooperator provides substantial assistance such as full and truthful information and testimony.
  • Deferred Prosecution Agreements — Formal written agreements in which the Commission agrees to forego an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and to comply with express prohibitions and undertakings during a period of deferred prosecution.
  • Non-prosecution Agreements — Formal written agreements, entered into under limited and appropriate circumstances, in which the Commission agrees not to pursue an enforcement action against a cooperator if the individual or company agrees, among other things, to cooperate fully and truthfully and comply with express undertakings.

Sources:

SEC News Conference on its Enforcement Program

Bruce Carton of Securities Docket, Francine McKenna of Re: The Auditors and I are attending the SEC’s news conference virtually and taking notes using the CoverItLive tool embedded below.