1. /
  2. Confident Insights Newsletter/
  3. Social Networking May Be All the Rage, but Risks Abound

Social Networking May Be All the Rage, but Risks Abound

March 9, 2011


This TechBrief looks at the most relevant considerations facing organizations today.
Last January, the Financial Industry Regulatory Authority (FINRA) issued Regulatory Notice 10-06, titled “Social Media Web Sites – Guidance on Blogs and Social Networking Web Sites.” According to FINRA, a key goal of the notice was to show how its rules governing communications with the public apply to social media sites sponsored by financial firms. In addition, FINRA looked to provide guidance on how recordkeeping and supervision apply to these sites.
Shortly thereafter, Socialware, a developer of social media software, released “The Companion Guide to FINRA/SEC Social Networking Compliance.” The guide summarizes the key FINRA rules, with specific social network considerations and recommendations.
While FINRA Notice 10-06 and the Socialware Companion Guide may pertain only to the highly regulated financial services sector, they nevertheless address issues that all organizations should be aware of before participating, or allowing employees to participate, in social networks. This TechBrief looks at the most relevant considerations facing organizations today.

Recordkeeping responsibilities

According to FINRA, “every firm that intends to communicate, or permit its associated persons to communicate, through social media sites must first ensure that it can retain records of those communications.”
It is up to each firm to determine whether any particular technology provides the retention and retrieval functions necessary to comply. However, FINRA does not provide guidance as to how firms should do this, “nor is it certain that adequate technology currently exists.”
Since January 2010, technology has evolved quickly to meet these requirements, and as Socialware notes, solutions are available that enable firms to capture and retain all social networking activity (with associated metadata) and to archive this content in a structured fashion to enable more efficient and accurate discovery.

Prior approval

According to FINRA, “while prior principal approval is not required under Rule 2210 for interactive electronic forums, firms must supervise these interactive electronic communications...in a manner reasonably designed to ensure that they do not violate the content requirements of FINRA’s communications rules.”
In its guide, Socialware points out that, until the release of Notice 10-06, it was assumed that a status update, Tweet, or post to a discussion board required pre-approval. While pre-approval is not required under FINRA’s guidelines, firms are encouraged to employ “risk-based principles” to determine the proper amount of review.
Firms that require manual prior approval will quickly generate a compliance review bottleneck. Solutions that automatically route social media messages to a registered principal can alleviate this hurdle by accelerating the review process while also providing an audit trail.

Supervision of social media sites

FINRA Rule 3010 says in part: “Each member shall develop written procedures that are appropriate to its business, size, structure, and customers for the review of incoming and outgoing written (i.e., non-electronic) and electronic correspondence with the public relating to its investment banking or securities business.”
The scope of “correspondence” can be overwhelming. Socialware notes that social networks offer multiple ways to communicate with customers—from status updates to discussion boards to email and chat—and all are considered electronic communications. As a result, policies need to take into account the unique communication channels available on each social networking site and how best to address and control these content sources.


Notice 10-06 states: “Firms must adopt policies and procedures reasonably designed to address communications that recommend specific investment products. As a best practice, firms should consider prohibiting all interactive electronic communications that recommend a specific investment product and any link to such a recommendation unless a registered principal has previously approved the content.”
For example, Linkedin provides a mechanism to capture and display recommendations. In order to address this issue, firms may want to consider adopting a solution that allows them to disable the ability to accept or request Linkedin recommendations.

The handling of third-party posts

Notice 10-06 states: “As a general matter, FINRA does not treat posts by customers or other third parties as the firm’s communication with the public subject to Rule 2210. Thus, the prior principal approval, content and filing requirements of Rule 2210 do not apply to these posts.”
“Under certain circumstances, however, third-party posts may become attributable to the firm. Whether third-party content is attributable to a firm depends on whether the firm has (1) involved itself in the preparation of the content or (2) explicitly or implicitly endorsed or approved the content.”
According to Socialware, firms need to consider that republishing a comment from a third party (such as re-Tweeting) is likely to be considered an endorsement. So too will “Favoring” a post on Twitter or “Liking” a comment on Facebook. Consequently, firms may want to consider disabling the ability to “Favorite” or “Like” a Tweet or comment.


Social networking is an increasingly popular way for organizations to communicate with prospective clients and to generate sales leads. However, the rules of engagement for social networking are still developing, and organizations need to be mindful of the potential risk that interacting on these sites can create. As FINRA Regulatory Notice 10-06 demonstrates, regulators have taken notice of social networking much as they did more than a decade ago when email and instant messaging emerged as forms of business communication. While FINRA’s guidance applies specifically to the financial industry, the issues it highlights are equally applicable to organizations in all industries and verticals.

Related Link

Back to Newsletter