Guide to the Web for Registered Representatives
FINRA has developed this page to make registered representatives (RRs) aware of the compliance requirements and potential liabilities when using the Web and electronic communications for business purposes.
This page addresses some general compliance requirements that apply to electronic communications. It also discusses specific considerations relating to the use of email, instant messaging and websites including social networking sites, chat rooms, blogs, bulletin boards as well as the use of personal devices. We have based the information on published rules, interpretations and notices. Wherever possible, a link to the actual text of the rule or interpretation is provided.
An RR's compliance responsibilities when communicating via the Web or other electronic media are the same as in face-to-face discussions or in written communications with the public. In addition, RRs must be aware of internal firm policies and procedures that may restrict or prohibit the use of electronic communications.
Categories of Electronic Communications with the Public
Electronic communications may fall under any one of categories of communications defined in FINRA’s advertising rules. FINRA has provided detailed guidance on social media communications and websites in Regulatory Notice 10-06 and Regulatory Notice 11-39. Information on these and related advertising compliance issues can be found on the Advertising Regulation Web page. In general:
Rules that Affect Electronic Communications
All communications with the public are subject to compliance with FINRA rules and related interpretative materials. Set forth below are highlights of the rules that apply to all forms of electronic communications. RRs are urged to view the actual rules using the links provided.
Standards of Commercial Honor and Principles of Trade (FINRA Rule 2010)
Rule 2010 requires RRs to adhere to high standards of commercial honor and just and equitable principles of trade in conducting their business. Guidance regarding compliant ways to transact business and ensure just and equitable principles of trade are addressed in Interpretive Material related to this rule.
Communications with the Public (NASD Rule 2210)
Communications with the public must:
Guidelines to Ensure Communications With the Public are Not Misleading (IM-2210-1)
IM-2210-1 makes it clear that every member is responsible for determining whether any communication with the public is compliant. It also addresses what must be considered in determining whether a communication complies with all applicable standards.
Recordkeeping (SEC Rule 17a-4, NASD Rule 2210(b) and NASD Rule 3110(a)1)
In accordance with SEC Rule 17a-4, firms must retain all incoming and outgoing communications related to their firms business as such. Also, under NASD Rules 2210 and 2211, firms must retain all communications for a period of three years from the date of last use. For example, if an RR maintains a business-related web site, all information posted on the site must be captured and retained by the broker dealer. Similarly, any business-related email, instant messages or postings on a social media site must also be captured and retained by the broker dealer. RRs must know and comply with their firm’s policies and procedures with respect to record keeping. If an RR’s firm permits the use of personal devices such as a smart phone for firm business communications, the firm must be able to retain, retrieve and supervise business communications.
Approval and Supervision (NASD Rules 2210(b) and 3010)
Web communications that meet the definitions of advertisements, sales literature or independently prepared reprints set forth in NASD Rule 2210(a) must be approved prior to use and in writing by a registered principal of the broker dealer. For example, a website or search engine advertisement must be approved before use. In addition, the rules require that correspondence (which can include email and instant messages) distributed to more than 25 individuals within a 30-day period also receive prior-to-use principal approval. For example, an email message that contains a recommendation of a security and is distributed to more than 25 existing clients must be approved. Firms may employ an electronic system to capture and document these approvals.
In contrast, email or instant messages distributed to 25 or fewer individuals may be supervised in accordance with written policies and procedures developed by the firm. Regulatory Notice 07-59 provides detailed guidance to firms about how to supervise this type of electronic correspondence. Your firm may require that all of your electronic correspondence be approved prior to use and in writing, or your firm may audit your electronic correspondence using systems and controls it has developed. You should be aware of your firm’s policies with respect to electronic correspondence and ensure that you follow them at all times.
FINRA has also provided guidance about how firms can supervise interactive electronic communications by representatives using social media websites such as blogs or social networking sites (see Regulatory Notice 10-06 and 11-39). The firm must review prior to use any social media site that the RR intends to employ for a business purpose in the form in which the site will be “launched.” In addition, some communications on social media sites are considered advertisements that must be approved prior to use and in writing, while other communications may be considered public appearances that can be supervised in accordance with procedures adopted by your firm. For example, static content such as profile information on a social networking site or a blog posting will generally be considered an advertisement that requires firm approval before use. In contrast, your firm may choose to treat interactive comments posted in response to other comments by an unrelated third party as a public appearance. As such, the firm may choose to allow such comments to be approved after use. As this is an area of firm supervision, you must get the approval of your compliance department and learn the appropriate policies and procedures before engaging in business use of a social media site.
Suitability: Recommendations to Customers (NASD Rule 2310)2 and Online Communications (NASD Notice to Members 01-23)
RRs must have a reasonable basis for believing that each recommendation to a customer is suitable based on the information provided by the customer. To this end, RR's should make reasonable efforts to obtain information concerning a customer's financial status, tax status, investment objectives and other pertinent information considered reasonable in making a recommendation to the customer.
Notice to Members 01-23 addresses the applicability of suitability standards to electronic communications and clarifies what constitutes a recommendation in this environment. In this regard, RRs should note that the suitability rule fully applies to online activities where securities are recommended to customers. The Notice also offers examples of electronic activities that may fall outside the definition of a recommendation. Regulatory Notice 10-06 also makes clear these standards apply to social media participation.
Conflicts of Interest (NASD Rule 2711, IM-2210-1 (6)(C) and Regulatory Notices 07-04, 04-18 and 03-44)
RRs must avoid any conflicts of interest in transactions with customers. Rule 2711, IM-2210-1 (6)(C) and Notices 07-04, 04-18 and 03-44 cover conflict of interest issues regarding equity research reports and recommendations. Whether or not communicated electronically, conflict of interest and other disclosures required in research reports and recommendations must be made. RRs should note that they must not publish an equity research report without having registered as a research analyst and maintaining related continuing education requirements. Also, FINRA would give close scrutiny to circumstances where an RR personally buys shares of a thinly traded stock and then publicly makes a buy recommendation, or promotes the stock on the Web.
Day Trading Rules (FINRA Rules 2270 and 2130)
Rules 2270 and 2130 apply to member firms, and as such, RRs that promote day trading strategies. Firms are required to furnish a risk disclosure statement to a non-institutional customer prior to opening an account for the customer. In addition, the firm will either have to (1) approve the customer's account for a day trading strategy, or (2) obtain from the customer a written agreement that the customer does not intend to use the account for day-trading purposes. As part of the account approval process, the firm is required to make a threshold determination that day trading is appropriate for the customer. Regulatory Notices 09-72, 02-35 and 00-62, provide more information on these day-trading rules.
Electronic Communications Compliance Issues
EMail and Instant Messaging
RRs may mistakenly believe that sending an email or instant message from home through a personal account or from a personal device such as a smart phone or tablet computer exempts the communication from their firm's supervision or the regulations. In fact, whether sent from the office, home or elsewhere, email and instant messages that concern investments or a FINRA member firm's business fall under FINRA jurisdiction.
Group email and instant messages must be approved prior to use
In general, the same email or instant message sent to 25 or more prospective or existing customers within a 30-day period must be approved prior to use by an appropriately registered principal of the firm. Depending on their content, group messages may also require filing with FINRA's Advertising Regulation Department. Firms have flexibility to adopt their own procedures for how emails or instant messages sent to fewer than 25 individuals are handled. RRs should familiarize themselves with their firms' procedures and ensure they comply fully with them. RRs should contact their compliance departments for details in this area.
Firms must retain business-related email and instant messages
In addition to approval, firms must be able to retain and produce business related emails in accordance with specific regulations. RRs should familiarize themselves with their firms' requirements for email use and retention. For example, many firms require that all emails and instant messages be sent using firm equipment or software.
Web and Electronic Communications Compliance Issues:
The fact that an individual is registered subjects him/her to a higher standard than members of the general public. Given the fast-paced environment of electronic forums such as social media sites, chat rooms, blogs and bulletin boards, casual or off-handed statements have the potential of crossing the line from a reasonable opinion to a misleading, exaggerated or unwarranted claim.
Social Networking Sites and Chat Rooms
Social networking sites such as Facebook, Twitter and LinkedIn usually have static and interactive content. Static content like a profile, background or wall information is usually considered an “advertisement.” Static content is generally accessible to all visitors and usually remains visible until it is removed. As with all advertisements and sales literature as defined, a registered principal for the firm must approve, prior to use, all static content. Interactive content includes real-time extemporaneous online discussions with unrelated third parties such as in a chat room. Chat room or other content posted in an interactive electronic forum is considered a public appearance. Similar to extemporaneous discussions by an RR at a public appearance, interactive content does not require prior principal approval, but must be supervised.
Blogs and Bulletin Boards
Blog and bulletin board postings by an RR are typically static communications. As with all advertisements and sales literature as defined, a registered principal for the firm must approve all static content. Blogs may also feature interactive content, where a third party posts a comment in response to the initial blog and then the blogger responds to the third party comment. Such interactive comments by the blogger are considered to be public appearances. Similar to extemporaneous discussions by an RR at a public appearance, the interactive content does not require prior principal approval, but must comply with the content standards of the advertising rules and must be supervised by the broker dealer.
Since interactive content in social networking sites and blogs is considered a public appearance, RRs must follow the same requirements for participating in these forums as they would if they were speaking in person before a group of investors. There are no filing requirements, but RRs are accountable under FINRA rules and the federal securities laws for what they say. Like all public communications, interactive electronic postings must be fair, balanced and not misleading.
RRs Must Contact their Compliance Department
Firms are responsible for supervising the business-related activities of RRs including participation in these interactive forums. The rules apply regardless of whether an RR is in the office, at home, on a public computer or using a personal device. Because of the difficulties of supervision and the potential liabilities from participating in these forums, many firms limit or prohibit participation in certain on-line media. Accordingly, RRs who are considering communicating in a social networking site, chat room, bulletin board or a blog, should contact their compliance department to determine whether such activities are permitted and what procedures may apply. Regulatory Notice 11-39 provides further guidance on accessing social media sites from personal devices.
September 12, 2011
September 19, 2011
September 26, 2011
Third Party Communications
Procuring Material from Third Party Websites
Sales communications sold at a third party site may not be compliant with the Rules, since such material may include misleading or dated information or be subject to filing with FINRA. Therefore, RRs should exercise extreme caution when procuring sales communications from a third party Web site.
Linking to Third Party Websites
Linking to other sites raises concerns because these sites may contain misleading or incorrect information. An RR's web site should not have a link to a site that he/she knows or has reason to know contains false or misleading content (see Regulatory Notices 10-06 and 11-39). RRs should exercise the same care in choosing links as they would in referring customers to any outside source of information.
Third Party Postings
Although third party postings (such as customer posts) on an RR’s or firm’s site are not treated as the firm’s communication, RRs should exercise caution regarding a third party posting or link to the firm’s social media site, especially if it is business-related. Content added to the site by a third party may be deemed the firm’s communication if the firm had a role in creating it, endorsing it, or approving its use, as well as how the firm or the RR responds to the content. In addition, while the third party posts may not be deemed a communication of the broker dealer under FINRA’s advertising rules, the firm will need to retain such information under SEC Rule 17a-4 if it relates to the firm’s business and may have liability under other FINRA rules or the federal securities laws if such posting is fraudulent. Regulatory Notices 10-06 and 11-39 provide further guidance on this issue.
References to FINRA Membership and Linking to FINRA’s Website
A firm or a person associated with the firm who refers to its membership within FINRA on a website must provide a hyperlink to FINRA's home page at www.finra.org. The hyperlink must be located in close proximity to the reference to FINRA membership. If more than one reference to FINRA membership is made on the website, the hyperlink may be placed in close proximity to any FINRA reference that is reasonably designed to draw the public's attention to FINRA membership.
There is no independent obligation requiring a member to mention its FINRA membership. Thus, the hyperlink is required only if a member or associated person of the member firm chooses to mention its membership on its website.
Please note that the use of FINRA 's logo on a firm's or RR's website is prohibited.
State Registration Requirements
Each state has separate registration requirements for individuals doing business in that state. Use of electronic communications may be deemed a solicitation of business. Generally, the solicitation of business in a state triggers the requirement for registration. RRs are advised to rely on their individual firms for guidance regarding state registration issues.
Other Pertinent FINRA Information for RRs:
1 Effective December 5, 2011, NASD Rule 3110, Books and Records, will be replaced by FINRA Rule 4511 as announced in Regulatory Notice 11-19.
2 Effective July 9, 2012, NASD Rule 2310 will be replaced by FINRA Rules 2090 and 2111. See Regulatory Notice 11-02.