SEC Risk Alert Provides Electronic Messaging Guidance to RIAs

The SEC’s Office of Compliance Inspections and Examinations (the “OCIE”) recently issued a risk alert (the “Alert”) regarding electronic messaging by registered investment advisers (“RIAs”).[1] As used in the Alert, the term “electronic messaging” refers to written communications sent electronically using text or SMS messaging, instant messaging, personal email, or private messaging, both through the RIA’s systems and through third-party apps (e.g., Twitter and Instagram).[2]

The Alert notes that electronic messaging implicates Rule 204-2 (the “Books and Records Rule”) and Rule 206(4)-7 (the “Compliance Rule”) under the Investment Advisers Act of 1940 (the “Advisers Act”). The Books and Records Rule generally requires RIAs to retain records of communications containing recommendations and marketing materials. The Compliance Rule requires RIAs to adopt and implement written policies and procedures reasonably designed to prevent violations of the Advisers Act and rules thereunder.

To support compliance with the Books and Records Rule and the Compliance Rule, the OCIE recommends that RIAs adopt the following practices when engaging in electronic messaging:

  • update policies and procedures to specifically address electronic messaging;
  • train employees on policies and procedures relating to electronic messaging;
  • regularly monitor the RIA’s electronic messaging activity, including activity on social media platforms; and
  • oversee employee use of electronic messaging by requiring prior approval of activity and content and utilizing security software.[3]

In the past year, we have seen a substantial number of RIAs, including some of our own clients, utilize electronic messaging platforms to reach potential and existing clients. We believe the Alert provides welcome guidance, but leaves many important questions unanswered. Accordingly, we encourage RIAs to consult with legal counsel to draft comprehensive policies and procedures before marketing through exciting new electronic mediums.

If you have any questions about the Alert or about the regulation of RIAs generally, please feel free to contact us.

John I. Sanders and Ali Fenno are associates based in the firm’s Winston-Salem office.


[1] Observations from Investment Adviser Examinations Relating to Electronic Messaging, SEC Office of Compliance Inspections and Examinations, (Dec. 14, 2018),


[2] Id. at 2-3.


[3] Id. at 3-5.

Knowledge assets are defined in the study as confidential information critical to the development, performance and marketing of a company’s core business, other than personal information that would trigger notice requirements under law. For example,
The new study shows dramatic increases in threats and awareness of threats to these “crown jewels,” as well as dramatic improvements in addressing those threats by the highest performing organizations. Awareness of the risk to knowledge assets increased as more respondents acknowledged that their