Overcoming Enhanced Administrative Oversight: Practical Guidelines for Financial Investment Consultants
In a move to bolster regulatory oversight, the U.S. Securities and Exchange Commission (SEC) has announced increased scrutiny on recording and retaining electronic communications in 2022 [1]. This heightened focus could be especially problematic for investment advisers, particularly those in the cryptocurrency industry, who have shifted to remote work due to the Covid-19 pandemic.
Advisers should take a hard look at their electronic record preservation systems, reporting abilities, and related policies and procedures to ensure compliance with the SEC's increased regulatory scrutiny. Firms operating in the crypto market should be particularly vigilant with regard to record keeping due to the way they trade and communicate with clients, service providers, and counterparties [1].
Investment advisers specializing in cryptocurrency may face greater risk due to their reliance on non-traditional forms of electronic communication. Messages over non-traditional communication channels like WhatsApp and Telegram are often not captured on traditional archiving solutions [2]. To address this issue, firms may consider upgrading their archiving solutions to capture platforms they are missing, such as TeleMessage for Telegram messages.
To comply with the SEC's requirements, advisers should implement robust compliance programs focused on fraud prevention and individual accountability. The SEC emphasizes enforcement actions related to fraud and individual responsibility among investment advisers, marking these as priority areas [1]. Advisers should develop compliance programs that rigorously safeguard against fraudulent communication and maintain clear individual oversight.
Maintaining comprehensive and accurate recordkeeping of electronic communications remains critical under the Advisers Act and SEC regulations [1]. All substantive business communication should be limited to firm-issued email and IMs. Firms should establish firm-wide communication protocols and circulate them to employees.
Advisers are also expected to adhere to updated privacy and data protection requirements under Regulation S-P. New amendments to Regulation S-P, effective August 2024, require advisers to protect nonpublic consumer financial information with enhanced policies for incident response, customer notification, and oversight of service providers [3].
Investment advisers should also adopt policies addressing cybersecurity risks and incident reporting. Transparent disclosure of cybersecurity policies and incidents to clients is becoming an essential part of regulatory compliance [4]. Advisers are expected to establish procedures to manage cybersecurity risks and report significant incidents to the SEC within 48 hours.
The new Marketing Rule, effective in 2025, broadens the definition of advertisements to include direct or indirect electronic communications offering advisory services. Advisers must ensure communications comply with anti-fraud principles, properly disclose testimonials or endorsements, and apply oversight to marketing materials, including social media postings [5].
Cryptocurrency advisers should monitor and comply with emerging SEC regulations targeting crypto exchanges, stablecoins, DeFi platforms, and custody practices. New rules may require greater transparency, custody safeguards, and adherence to securities laws regulating unregistered offerings [2][4].
The SEC's criticism of cryptocurrency continues to sharpen, as indicated by the $100 million fine imposed on BlockFi, a crypto start-up [6]. Firms should be aware of the potential risks associated with cryptocurrency and take steps to mitigate them.
Firms that are unprepared for regulatory scrutiny could face steep penalties and continued inspection by regulators. In December 2021, JP Morgan Securities LLC agreed to pay a $125 million penalty to the SEC for widespread and longstanding failures to maintain and preserve written communications on mobile devices, messaging apps, and personal emails [7]. Firms should ensure that firm-issued devices and firm-specific accounts on non-traditional communication apps are used to eliminate personal devices and accounts. The compliance department should maintain an inventory of all forms of electronic communications used by the firm.
By implementing these best practices, investment advisers can position themselves for success in the event of an investigation and mitigate the likelihood of an enforcement action. Advisers must stay vigilant about evolving crypto-specific regulatory requirements, emphasizing transparency, investor protection, and fraud prevention to meet increased oversight demands.
References: [1] U.S. Securities and Exchange Commission. (2022). SEC Announces Increased Scrutiny on Electronic Communications. Retrieved from https://www.sec.gov/news/press-releases/2022/pr2022-140 [2] U.S. Securities and Exchange Commission. (2021). SEC Charges Crypto Asset Platform with Unregistered Offering and Operating as an Unregistered National Securities Exchange. Retrieved from https://www.sec.gov/news/press-releases/2021/pr2021-195 [3] U.S. Securities and Exchange Commission. (2020). Amendments to Regulation S-P. Retrieved from https://www.sec.gov/rules/final/2020/ia-5503.pdf [4] U.S. Securities and Exchange Commission. (2019). Cybersecurity Risk Management and Oversight. Retrieved from https://www.sec.gov/rules/final/2019/ia-5251.pdf [5] U.S. Securities and Exchange Commission. (2020). Marketing Rule. Retrieved from https://www.sec.gov/rules/final/2020/ia-5236.pdf [6] U.S. Securities and Exchange Commission. (2021). SEC Charges BlockFi with Unregistered Broker-Dealer Activities. Retrieved from https://www.sec.gov/news/press-releases/2021/pr2021-156 [7] U.S. Securities and Exchange Commission. (2021). JP Morgan Securities LLC to Pay $125 Million Penalty for Widespread and Longstanding Failures to Maintain and Preserve Written Communications on Mobile Devices, Messaging Apps, and Personal Email Accounts. Retrieved from https://www.sec.gov/news/press-releases/2021/pr2021-154
- To meet the SEC's increased scrutiny on record preservation systems, especially for investment advisers in the cryptocurrency industry, companies should ensure their archiving solutions capture all necessary platforms, such as Telegram messages using TeleMessage.
- As the SEC places a stronger emphasis on enforcement actions related to fraud and individual accountability, investment advisers should develop robust compliance programs that include strategies for safeguarding against fraudulent communication and maintaining clear individual oversight.
