Trade Associations Criticize SEC's Application of Adviser Act Recordkeeping Rules on Electronic Communications
Commentary by Steven Lofchie
In a joint letter to the SEC Chair, an industry coalition (the "Associations") criticized the agency's recent enforcement sweep against investment advisers saying that the actions exceed the scope and application of recordkeeping rules on text messaging and other electronic communications. The sweep follows the news of significant fines imposed by the SEC on broker-dealers for violating recordkeeping rules (see previous coverage).
According to the Associations, the extent of the SEC's demand for information substantially exceeds the extent of the SEC's authority under the Advisers Act. The Associations stated that whereas broker-dealers are required to maintain a record of not only a long list of specified materials, but also "all communications relating to their business as such," investment advisers are required to keep a significantly shorter list of specified materials with no language in the Advisers Act requiring advisers to keep other materials. The Associations argued that the SEC is attempting to interpret the specific requirements of the Advisers Act recordkeeping provisions to incorporate a far broader range of materials than a plain language reading of the Advisers Act would suggest is required.
The Associations also contended that the SEC does not have authority to bring a securities law enforcement claim against an investment adviser when its personnel fail to comply with a provision of the adviser's compliance manual, but that failure would not (in the absence of the requirement set out in the compliance manual) constitute a violation of law.
In addition, the Associations expressed concern that the SEC did not consider the privacy implications of requiring firms to provide all off-channel communications, even those unrelated to business matters. The Associations said that collecting communications from a representative's personal device is highly invasive, typically requiring the entire contents of the device to be copied, including potentially sensitive data. In certain cases, that may be in violation of data privacy laws, the letter argued.
The Associations urged the SEC to apply IAA Rule 204-2(a)(7) ("Books and records to be maintained by investment advisers") "as written," and said that if the SEC determines that a different interpretation is necessary, it should issue guidance on the matter after consulting with relevant industry participants. The Associations insisted that the SEC (i) properly interpret and apply the Compliance Rule and (ii) utilize existing tools to address recordkeeping requirements.
Commentary
The Associations make a number of very significant legal points in their letter. The first is that the broker-dealer record keeping requirement is far broader than the investment adviser recordkeeping requirement. This seems very straightforward on the words of the different rules and based on the regulatory history of the rule applicable to investment advisers, as recounted in the Associations' letter.
The second point is that the SEC should not treat the violation of an adviser's compliance manual by the employee of an investment adviser (or implicitly by the employee of any SEC-regulated entity) as constituting a deemed violation of the securities laws when the employee's failure would not (absent the language in the compliance manual) violate the law. The Associations point out that an investment adviser may have many reasons for writing a compliance manual that goes beyond the requirements of the Securities Laws; e.g., an adviser may wish to ensure that the employee does not disclose trade secrets or the adviser wishes to create a best practices standard in communications.
Among regulatory lawyers, it is generally considered good advice to tell clients not to write compliance procedures that are stricter than the letter of the law, because the SEC will deem the compliance procedures to be the law. This seems a logically odd result, because an investment adviser (or other regulated entity) does not write law when it adopts a compliance manual. Further, there are good reasons why a regulated entity might want to adopt a manual that goes beyond the requirements of law, for example to a "best practices" standard. By treating the compliance manual as equivalent to applicable law, the SEC arguably discourages firms from creating compliance procedures that embody best practices rather than the minimum legal standards.
This is a very interesting issue worthy of public discussion. Perhaps regulated entities should also adopt a disclaimer in their compliance procedures that to the extent such procedures go beyond the law, they are not intended to impose securities law obligations on the firm or its employees, but only to impose "work standards" on its employees that are enforceable between the firm and its employees.
Related Articles
-
A broker-dealer settled FINRA charges for failing to preserve business-related text messages sent by its registered representatives on firm-issued iPhones using Apple's iPhone-to-iPhone messaging system.
-
A broker-dealer settled FINRA charges for failing to preserve employees' business-related text messages. The settlement was part of a larger joint agency sweep to assess compliance with recordkeeping and supervision requirements related to "off-channel" communications involving employees' personal devices.
-
Sixteen dually registered entities settled SEC and CFTC charges for recordkeeping and supervision violations related to "off-channel" communications involving employees' personal devices.