Social Networking and Web 2.0 – Compliance Building

Social Media Pump and Dump is Not Illegal (?)

Pump and Dump schemes brought the fiduciary standard to light. In SEC v Capital Gains Research Bureau the US Supreme Court said a pump and dump scheme by an investment adviser violated its fiduciary duty.

More recently, the SEC published an investor alert about Social Media and Investment Fraud. There is a lot of different frauds in there, but one is

Fraudsters may use social media to conduct schemes including:

Pump and dump schemes – pumping up the share price of a company’s stock by making false and misleading statements to create a buying frenzy, and then selling shares at the pumped up price.

A little over a year ago, the US Attorney is the Southern District of Texas thought they had seen a fraudulent social media pump and dump and brought charges against eight social media finance influencers. Edward Constantinescu aka Constantin 38, of Montgomery; Perry “PJ” Matlock, 38, of The Woodlands; John Rybarczyk, 32, of Spring; Dan Knight, 23, of Houston; along with Gary Deel, 28, and Tom Cooperman, 34, both of Beverly Hills, California; Stefan Hrvatin, 35, of Miami, Florida; and Mitchell Hennessey, 23, of Hoboken, New Jersey were accused of “pumping” the prices of securities by posting false and misleading information, and concealing their intent to later “dump” their securities after the prices rose. It was lucrative. The US attorney claimed the eight had illegally made more than $114 million.

Last week a federal judge in Texas said this wasn’t illegal and dismissed the criminal charges against the eight. Matt Levine thinks it’s a “weird opinion.” I agree.

I think what the order is trying to get at is that the eight had no obligations to the companies it was pumping, no obligations to their follower on social media, and since they were nota regulated entity, had no obligation to the financial markets.

Assuming this holds up to appeal, if there is one, pump and dump by influencers is not illegal, as long as as they are outside the finance industry. Or hired by the finance industry.

An alternative take on social media influencers is the action by FINRA against M1 Finance for social media posts made by influencers on the firm’s behalf that were not fair or balanced, or contained exaggerated, unwarranted, promissory or misleading claims.

M1 Finance paid social media influencers to post content promoting the firm, and instructed the influencers to include a unique hyperlink to the firm’s website that potential new customers could use to open and fund an M1 Finance brokerage account. …

FINRA found that M1 violated FINRA Rule Rule 2210 (Communications with the Public) and Rule 2010 (Standards of Commercial Honor and Principles of Trade). In addition, M1 Finance did not review or approve the content in its influencers’ posts prior to use or retain those communications. M1 Finance also failed to have a reasonable system, including written procedures, for supervising the communications that the firm’s influencers made on its behalf. These were in violation of FINRA Rules 2210, 2010, 3110 (Supervision) and 4511 (General Requirements-Books and Records).

The firm got in trouble, but the social media influencers seem outside the reach of FINRA.

Sources:

Beware of Social Media Consultants

The Securities and Exchange Commission packaged together five separate settled proceedings against registered investment advisers, investment adviser representatives, and a social media consultant for violations of the Testimonial Rule the use of social media and the internet.

If you get a pitch from someone to increase your firm’s presence in search results ask that person if they can gather up reviews from clients to publish. Read the rest of this post and we will revisit what to do with the answer.

SEC Rule 206(4)-1(a)(1) states that:

It shall constitute a fraudulent, deceptive, or manipulative act, practice, or course of business . . . for any investment adviser registered or required to be registered under [the Advisers Act], directly or indirectly, to publish, circulate, or distribute any advertisement which refers, directly or indirectly, to any testimonial of any kind concerning the investment adviser or concerning any advice, analysis, report or other service rendered by such investment adviser.

When it adopted the rule, the SEC stated that, in the context of investment advisers, it found that testimonial “advertisements are misleading; by their very nature they emphasize the comments and activities favorable to the investment adviser and ignore those which are unfavorable.” The staff has stated that the rule forbids the use of a testimonial by an investment adviser in advertisements “because the testimonial may give rise to a fraudulent or deceptive implication, or mistaken inference, that the experience of the person giving the testimonial is typical of the experience of the adviser’s clients.”

But marketing consultant Leonard S. Schwartz and his company Create Your Fate, LLC ignore the rule and looked for investment advisers as clients.

The first victim went unnamed in the SEC Order. Schwartz reached out to the clients of “Adviser A” and solicited testimonials. Schwartz then published some of those testimonials on “Adviser A”‘s Facebook page and Twitter feed. He also sprinkled in some videos on YouTube. “Adviser A” realized there was a problem, sent Schwartz information on the Testimonial Rule and asked for the testimonials to be deleted.

Schwartz continued the practice with other investment advisers: Greenfield, Eyster and Biel.

I would guess that the last three did not ask Schwartz to remove the testimonials as “Adviser A” did.

There is additional guidance form the SEC on social media. You can’t stop third parties from providing ratings on your firm on Yelp or other services. But if you control the page and publish the content, that’s prohibited. Recommendations posted by the adviser or its employees are strictly prohibited. Similarly, an adviser can’t pay for recommendations or offer discounts to clients to post commentary.

So if your marketing consultant/social media consultant/ search results consultant says to go ahead and solicit those reviews. Stop right there and show the consultant the door. It’s clear that publishing reviews of your firm is very problematic. Any “yes” answer with out a careful analysis of the SEC’s marketing rules and Testimonial Rule can lead to trouble.

Sources:

This Year’s Most Popular Posts

As 2015 comes to an end, I looked back at some website wonkiness and saw a report for the top stories this year based on the number of views. Maybe you missed some of these.

Qualified Purchasers under the Investment Company Act

What is a Security? Is Real Estate a Security?

Private Equity Real Estate Top 50 – 2014 Edition of Who Is Registered

Private Fund Exemptions under the Investment Company Act

Private Equity Real Estate Top 50 – 2015 Edition of Who is Registered

SEC Exam Document Request Examples

Real Estate Funds and the Investment Company Act

Is a Note a Security?

Social Media Policies Database

Yes, the SEC Wants Real Estate Fund Managers to Register

Hypothetical Backtested Performance

The NFL Teaches Us the Difference Between Ethics and Compliance

Is a Fund Manager an Investment Adviser?

Corporate Compliance Scam Continues. . .

Corporate Compliance Fraud in Georgia, Florida and Massachusetts

Is a General Partnership Interest a Security?

Kleptocracy Asset Recovery Initiative

The Knowledgeable Employee Exemption for Private Funds

Ethics and the Sales Relationship in World-Class Bull

Ethical Integrity Leadership – Setting the Tone From The Top

LinkedIn and Compliance for Private Funds

At the recent NRS Fall Compliance Conference I was talking with another attendee about LinkedIn and the SEC rules on advertising. The basic question was can her employees use it. That became a more nuanced discussion of the various features.

One topic was the messaging feature of LinkedIn. You can send massages to people on LinkedIn. It’s not a great tool, but some people like it. Her interest was because some of her employees wanted to use it to communicate with clients and potential clients. That was the first red flag.

As a registered investment adviser, her firm was subject to the record-keeping rules. Rule 204-2(a) (7) requires an investment adviser to keep records of certain communications between the adviser and its clients. If the communication is happening on a third-party platform, it’s outside of the investment adviser’s reach. That means getting a third-party application to capture that communication. There are several vendors who claim to be able to do so. ( Smarsh is one. Global Relay is another. )

The other question that I, and those nearby, latched onto was the “testimonials” implication of LinkedIn.

The advertising limits under Rule 206(4)-1 limit the use of any communications “which refers, directly or indirectly, to any testimonial of any kind concerning the investment adviser or concerning any advice, anaylsis, report or other service rendered by such investment adviser.” LinkedIn has several features that could be considered a testimonial.

The first is the recommendation feature. If a client writes a recommendation of the investment adviser, you’ve violated the rule. A recommendation would be considered a testimonial. The SEC’s view is that a testimonial may not represent the experience of a typical client. You can agree or disagree with the rule, but the rule is still in effect. My opinion was to have her employees shut off the recommendations feature and not allow them to use it.

The other feature that raises concern is the skills and expertise feature. That allows your connections to endorse particular skills. I personally find this feature to be wonky. The list of skills and expertise that I see in my profile seem a bit random and off base. Although some are right on target.

If a connection endorses a skill and expertise, I think that is a testimonial. Given that the endorsement could be from a client, then publishing that endorsement would violate the advertising rule’s ban on testimonials. My recommendation was to ban use of that feature.

What are your thoughts on the use of LinkedIn?

New Ruling on a Social Media Policy – Come on Down!

The National Labor Relations Board continues to wreck havoc on companies’ social media policies. That latest to get steamrolled in Boch Honda.

I grew up with Ernie Boch’s commercial proclaiming that his costs are less so his prices are less, so “come on down“.

Employers cannot prevent employees from discussing their conditions of employment with their fellow employees, radio and television stations, newspapers or unions. The NLRB will strike down provisions in social media policies that employees could reasonably construe as an unlawful prohibition.

The NLRB dismissed the following provisions, warranting “little discussion” that they are clear violations.

1. The Company requires its employees to confine any and all social media commentaries to topics that do not disclose any personal or financial information of employees, customers or other persons, and do not disclose any confidential or proprietary information of the Company.

2. If an employee posts comments about the Company or related to the Company’s business or a policy issue, the employee must identify him/herself…

5. If an employee’s online blog, posting or other social media activities are inconsistent with, or would negatively impact the Company’s reputation or brand, the employee should not refer to the Company, or identify his/her connection to the Company…

7. While the Company respects employees’ privacy, conduct that has, or has the potential to have a negative effect on the Company might be subject to disciplinary action up to, and including, termination, even if the conduct occurs off the property or off the clock.

8. Employees may not post videos or photos which are recorded in the workplace, without the Company’s permission.

9. If an employee is ever asked to make a comment to the media, the employee should contact the Vice President of Operations before making a statement.

10. The Company may request that an employee temporarily confine its social media activities to topics unrelated to the Company or a particular issue if it believes this is necessary or advisable to ensure compliance with applicable laws or regulations or the policies in the Employee Handbook. The Company may also request that employees provide it access to any commentary they posted on social media sites.

11. Employees choosing to write or post should write and post respectfully regarding current, former or potential customers, business partners, employees, competitors, managers and the Company. Employees will be held responsible for and can be disciplined for what they post and write on any social media. However, nothing in this Policy is intended to interfere with employees’ rights under the National Labor Relations Act.

12. Managers and supervisors should think carefully before “friending,” “linking” or the like on any social media with any employees who report to them.

You can take a look at other social media policies in my social media policies database.

References:

Boch Imports Case at the NLRB (.pdf)
Another Employer’s Social Media Policy Is Found Unlawful By An NLRB Administrative Law Judge by Joseph J. Lazzarotti in Littler’s Workplace Privacy, Data Management & Security Report

Top Social Media Enforcement Issues in the Securities Industry

twitter_button

Broker-dealers and investment advisers are finding access to client through social networks and providing new marketing opportunities. But they also pose the challenge of making it harder for the firms to supervise, review, maintain, and protect the information. The Securities and Exchange Commission and FINRA are struggling to keep the regulatory requirements up to date and protective as the social networks change rapidly.

In their article, “The Social Network Unhinged: #TopSocialMediaEnforcementIssuesintheSecuritiesIndustry,” which appeared in the June 2013 issue of Banking & Financial Services Policy Report, Sutherland attorneys Brian L. Rubin and Caroline A.Crenshaw review recent social media enforcement actions brought by the SEC and FINRA and discuss challenges facing the securities industry as it continues on the Internet.

The authors track the evolution from the early days of email to today. They also dive into cyber-security.

The SEC and Social Media

Netflix chief executive Reed Hastings got into trouble on July 3, 2012 when he used his personal Facebook page to announce that Netflix had more than one billion hours of online viewing in June. That trouble came from an SEC rule implemented in August of 2000: Regulation FD. That rule was implemented to stop the egregious practice of some companies delivering company news to select recipients ahead of a general announcement. Those select recipients would be able to make money from getting the news ahead of time and trading on the upcoming stock movement.

The SEC issued its report on the investigation of Mr. Hastings and determined not to pursue an enforcement action against him. The SEC publicly released its Report of Investigation to help provide some guidance on the use of social media for public company disclosure.

Personally, I thought Mr. Hastings made a bad decision in using his personal Facebook page to make a company announcement. The information had already been released, but in more technical releases. His personal Facebook page did have 200,000 friends who could see the news, but it was still gated and not available to the general public in a broad and non-exclusionary manner. It was a poor choice, but not one that should subject him or the company to an enforcement action.

Regulation FD is written to be platform neutral. You can release “important” company information as long as it available to everyone at the same time. It applies equally to press releases, company websites, Twitter, Facebook, or the big rock in front of your headquarters.

The key for correct distribution is to let people know where the news will be distributed. You could argue that Steve Jobs’ annual display of the latest gadget from Apple is a distribution channel that everyone knows about. A company could carve company announcements into the stone in front of its headquarters if it so chose.

Mr. Hastings foot-fault was that Netflix had not previously used his personal page as a platform for releasing company news. In early December 2012, Hastings stated for the public record that

“we [Netflix] don’t currently use Facebook and other social media to get material information to investors; we usually get that information out in our extensive investor letters, press releases and SEC filings.”

Hastings errant Facebook post was probably not “important” enough and the Facebook page was probably just public enough that the SEC thought it could not win an enforcement action. I’m sure Hastings and Facebook paid quite a bit in legal fees to address the repercussions of that errant post.

It’s not big news that the SEC has embraced social media. The SEC merely reminded companies that they need to go through the Regulation FD analysis when using social media platforms. The SEC embraced social media a long time ago.

I think Facebook is terrible primary platform for important corporate disclosures. It lacks the workflow and content management tools that any corporate communication professional would want to have. The same is even more so with Twitter. It’s hard to do much with 140 characters, except direct the reader to another website.

To de-emphasize the importance of the SEC guidance, it’s not even released as SEC guidance, a risk alert, or other typical SEC regulatory rulings. It merely restates what Regulation FD says and drops in the word Facebook. Too many social media specialists will merely read the headline.

Even Facebook does not use Facebook for company announcements. This announcement will not change that. Maybe Facebook will see the potential for including content management and compliance tools that will allow companies to embrace Facebook and be in compliance with securities laws.

Sources:

SEC Says Social Media OK for Company Announcements if Investors Are Alerted
SEC’s Report of Investigation
SEC: Social media OK for delivering info to investors in Investment News
Make Sure To Accept All Your Shareholder Friend Requests Before Announcing Material Information On Facebook By Bess Levin in DealBreaker
SEC okays social media disclosure for Reg FD. in the Q4 Blog

Social Media Access by Employers

There was a kerfuffle in the news about employers demanding access to employees’ social media site. The stories stated the employers asked for the employees’ passwords, in addition to their usernames. In response, at least six states have started the legislative process to prevent employers from demanding that access.

As you might expect, the tricky part is defining “social media.” William Carleton put together a collection of the proposed definitions and grades for the legislative definition of social media.

Her is New Jersey’s attempt, as an example:

“’Social networking website’ means an Internet-based service that allows individuals to construct a public or semi-public profile within a bounded system created by the service, create a list of other users with whom they share a connection within the system, and view and navigate their list of connections and those made by others within the system.”

Not surprisingly, the best rated definition was the one that did not have a definition. By defining a social media site, you risk the sites evolving to no longer fit within the definition.

My beef was that the definitions were focused like a laser on Facebook, LinkedIn, and Twitter. They fail to cover web publishing sites like blogs. There is a follow-up post that offers some suggested improvements.

My two cents was that these social media sites should allow employers to monitor employees:

“In the financial services industry, there are regulatory requirements to monitor employees’ interactions with customers. That’s easy to do with platforms controlled by the firm, like email, but difficult with the ever-changing platforms in social media. The solution. The social media platform should allow a company to monitor an employee’s account provided the company pays a monitoring fee. Of course the employee will need to consent to the monitoring. The platform gets a revenue stream and the company gets the monitoring and record-keeping it needs. The employee ends up with ‘big brother’ but only if the company thinks it’s a big enough problem that it is willing to pay the monitoring fee.”

If you charge the company, they will limit the explicit monitoring to those instances when the cost/benefit makes economic sense.

With the constantly evolving privacy settings on the platforms, it’s often hard to be certain who can see what piece of information can be seen by whom. But it should not be hard on the back end for a social media site to create an archive for monitoring purposes.

This will also open up these sites for more prolific use by those who have a regulatory requirement that otherwise limits access.

Sources:

Social Media Policy Update

In the frenetic early days of social media foward-thinking companies thoughtfully sat down and crafted sensible policies to help guide employees who had suddenly turned into web publishers.The companies recognized the risks involved, whether the employee was acting recklessly, or merely writing down unacceptable material without realizing the implications. It was still a small area of risk.

Things change. Facebook has launched as a public company worth billions (although apparently not worth $100 billion). Social media is challenging traditional media in several different way.

You would think that employers should be even more aggressive about curtailing employees and making it clear what is acceptable and note. The National Labor Relations Board apparently thinks otherwise. The NLRB has released its third report on social media cases brought to the NLRB [pdf].

Good luck trying to figure out what the NLRB considers acceptable in a social media policy and what it considers unacceptable.

Confidentiality:

Illegal: A policy that prohibits the “release [of] confidential guest, team member or company information”.
Legal: A policy that cautions employees to be suspicious when asked to disclose confidential information.

Illegal: “Get permission before reusing others’ content or images”.
Legal: “Respect all copyright and other intellectual property laws.”

Offensive or abusive language:

Illegal: “Offensive, demeaning, abusive or inappropriate remarks are as out of place online as they are offline”
Legal: “Employees should avoid harming the image and integrity of the company and any harassment, bullying, discrimination, or retaliation that would not be permissible in the workplace is not permissible between co-workers online, even if it is done after hours, from home and on home computers”.

Accuracy:

Illegal: Requiring employees to be “completely accurate and not misleading”.
Legal: “Make sure you are always honest and accurate when posting information or news, and if you make a mistake, correct it quickly.”

Non-Public information

Illegal: “Do not reveal non-public information on any public site.”

So not everything a policy may work, so how about a savings clause like this?:

This policy is for the mutual protection of the company and our employees, and we respect an individual’s rights to self-expression and concerted activity. This policy will not be interpreted or applied in a way that would interfere with the rights of employees to self organize, form, join, or assist labor organizations, to bargain collectively through representatives of their own choosing, or to engage in other concerted activities for the purpose of collective bargaining or other mutual aid or protection or to refrain from engaging in such activities.

The NLRB says no. A savings clause “does not cure the ambiguities in a policy’s otherwise unlawful provisions.

On the bright side, the NLRB did include the complete text of a social media policy that the NLRB considers lawful.

Sources:

May 30, 2012 NLRB report on recent social media cases (.pdf)
January 25, 2012 NLRB report on recent social media cases (.pdf)
August 18, 2011 NLRB report on recent social media cases (.pdf)
After NLRB’s Memo, Drafting Employment Policies Got Trickier by Daniel Schwartz in the Connecticut Employment Law Blog
Want a labor-law-legal social media policy? Bookmark this, I guess. by Eric B. Meyer in The Employer Handbook
NLRB’s position on social media policies remains a bungled mess by Jon Hyman in Ohio Employer’s Law Blog

NLRB Approved Social Media Policy

The National Labor Relations Board has been ruling on social media policies and making a mess of the regulatory landscape. In its May 30, 2012 report on recent social media cases (.pdf) the Board eviscerates many social media policies that resulted in adverse employment action. In the process it confuses the landscape of acceptable social media policy provisions. More to come on that in another post.

One good part of the report is that it does include the full text of a policy that the NLRB found to be lawful. Since they went to the trouble of blessing the policy, I went to the trouble of reproducing it below.

Social Media Policy

Updated: May 4, 2012

At [Employer], we understand that social media can be a fun and rewarding way to share your life and opinions with family, friends and co-workers around the world. However, use of social media also presents certain risks and carries with it certain responsibilities. To assist you in making responsible decisions about your use of social media, we have established these guidelines for appropriate use of social media.

This policy applies to all associates who work for [Employer], or one of its subsidiary companies in the United States ([Employer]).

Managers and supervisors should use the supplemental Social Media Management Guidelines for additional guidance in administering the policy.

GUIDELINES

In the rapidly expanding world of electronic communication, social media can mean many things. Social media includes all means of communicating or posting information or content of any sort on the Internet, including to your own or someone else’s web log or blog, journal or diary, personal web site, social networking or affinity web site, web bulletin board or a chat room, whether or not associated or affiliated with [Employer], as well as any other form of electronic communication.

The same principles and guidelines found in [Employer] policies and three basic beliefs apply to your activities online. Ultimately, you are solely responsible for what you post online. Before creating online content, consider some of the risks and rewards that are involved. Keep in mind that any of your conduct that adversely affects your job performance, the performance of fellow associates or otherwise adversely affects members, customers, suppliers, people who work on behalf of [Employer] or [Employer’s] legitimate business interests may result in disciplinary action up to and including termination.

Know and follow the rules

Carefully read these guidelines, the [Employer] Statement of Ethics Policy, the [Employer] Information Policy and the Discrimination & Harassment Prevention Policy, and ensure your postings are consistent with these policies. Inappropriate postings that may include discriminatory remarks, harassment, and threats of violence or similar inappropriate or unlawful conduct will not be tolerated and may subject you to disciplinary action up to and including termination.

Be respectful

Always be fair and courteous to fellow associates, customers, members, suppliers or people who work on behalf of [Employer]. Also, keep in mind that you are more likely to resolved workrelated complaints by speaking directly with your co-workers or by utilizing our Open Door Policy than by posting complaints to a social media outlet. Nevertheless, if you decide to post complaints or criticism, avoid using statements, photographs, video or audio that reasonably could be viewed as malicious, obscene, threatening or intimidating, that disparage customers, members, associates or suppliers, or that might constitute harassment or bullying. Examples of such conduct might include offensive posts meant to intentionally harm someone’s reputation or posts that could contribute to a hostile work environment on the basis of race, sex, disability, religion or any other status protected by law or company policy.

Be honest and accurate

Make sure you are always honest and accurate when posting information or news, and if you make a mistake, correct it quickly. Be open about any previous posts you have altered. Remember that the Internet archives almost everything; therefore, even deleted postings can be searched. Never post any information or rumors that you know to be false about [Employer], fellow associates, members, customers, suppliers, people working on behalf of [Employer] or competitors.

Post only appropriate and respectful content

Maintain the confidentiality of [Employer] trade secrets and private or confidential information. Trades secrets may include information regarding the development of systems, processes, products, know-how and technology. Do not post internal reports, policies, procedures or other internal business-related confidential communications.
Respect financial disclosure laws. It is illegal to communicate or give a “tip” on inside information to others so that they may buy or sell stocks or securities. Such online conduct may also violate the Insider Trading Policy.
Do not create a link from your blog, website or other social networking site to a [Employer] website without identifying yourself as a [Employer] associate.
Express only your personal opinions. Never represent yourself as a spokesperson for [Employer]. If [Employer] is a subject of the content you are creating, be clear and open about the fact that you are an associate and make it clear that your views do not represent those of [Employer], fellow associates, members, customers, suppliers or people working on behalf of [Employer]. If you do publish a blog or post online related to the work you do or subjects associated with [Employer], make it clear that you are not speaking on behalf of [Employer]. It is best to include a disclaimer such as “The postings on this site are my own and do not necessarily reflect the views of [Employer].”

Using social media at work

Refrain from using social media while on work time or on equipment we provide, unless it is work-related as authorized by your manager or consistent with the Company Equipment Policy. Do not use [Employer] email addresses to register on social networks, blogs or other online tools utilized for personal use.

Retaliation is prohibited

[Employer] prohibits taking negative action against any associate for reporting a possible deviation from this policy or for cooperating in an investigation. Any associate who retaliates against another associate for reporting a possible deviation from this policy or for cooperating in an investigation will be subject to disciplinary action, up to and including termination.

Media contacts

Associates should not speak to the media on [Employer’s] behalf without contacting the Corporate Affairs Department. All media inquiries should be directed to them.

For more information

If you have questions or need further guidance, please contact your HR representative.