The Securities and Exchange Commission (SEC) recently announced charges against twelve firms – including nine investment advisers and three broker-dealers – for failures to maintain and preserve electronic communications. The enforcement action, resulting in $63.1 million in combined penalties, offers crucial lessons for chief compliance officers across the financial services industry.

The Core Violations

The SEC’s investigation revealed systematic failures in how firms monitored and preserved off-channel communications. These violations occurred across multiple levels of authority, including among supervisors and senior managers, highlighting a widespread industry challenge in adapting compliance programs to modern communication methods.

Key findings from the SEC’s investigation included:

  • Widespread use of unapproved communication channels
  • Failure to maintain required records of electronic communications
  • Inadequate supervision of personnel regarding communication practices
  • Violations of recordkeeping provisions under both the Investment Advisers Act and Securities Exchange Act

Regulatory Expectations and Enforcement Approach

The SEC’s Division of Enforcement emphasized that recordkeeping requirements are fundamental to market integrity and regulatory oversight. Acting Director Sanjay Wadhwa noted that these failures “implicate the transparency and integrity of the markets and their participants.”

Notably, the SEC demonstrated its continued commitment to rewarding proactive cooperation. The firm that self-reported its violations received a significantly reduced penalty of $600,000, while other firms faced substantially larger penalties ranging from $4 million to $12 million. This stark contrast in penalty amounts – with self-reporting resulting in a fine roughly 95% lower than the largest penalty – reinforces the importance of self-detection and prompt remediation of compliance issues.

Action Items for CCOs

To address these concerns and prevent similar violations, CCOs should consider implementing the following measures:

Policy Enhancement

  • Develop clear, comprehensive policies governing all forms of electronic communication
  • Regularly update policies to address new communication technologies and platforms
  • Establish specific guidelines for what constitutes approved versus unapproved channels

Training and Education

  • Conduct regular training sessions on communication policies for all personnel
  • Provide specific guidance for supervisors and senior managers
  • Include real-world examples of compliant and non-compliant communication practices

Technology and Monitoring

  • Implement robust communication surveillance systems
  • Regularly assess the effectiveness of current monitoring tools
  • Consider using artificial intelligence and machine learning for communication review
  • Establish clear procedures for flagging and escalating potential violations

Regular Assessment and Updates

  • Conduct periodic risk assessments of communication channels and practices
  • Review and update policies and procedures based on assessment findings
  • Document all program updates and the rationale behind changes
  • Maintain an audit trail of compliance program evolution

Looking Forward

The significant penalties imposed in this case signal the SEC’s continued focus on communications compliance. CCOs should view this enforcement action as an opportunity to reassess their current programs and implement necessary improvements. Regular program evaluation, coupled with proactive identification and remediation of potential issues, remains the best defense against regulatory scrutiny.