SEC Fines Multiple Investment Firms for Recordkeeping Failures

The Case

The Securities and Exchange Commission announced charges against nine investment advisors and three broker-dealers for failures by the firms and their personnel to maintain and preserve electronic communications in violation of recordkeeping provisions of the federal securities laws. 

The SEC found that personnel at these firms used unapproved communication methods, also known as off-channel communications. As described in the SEC’s orders, the firms admitted that, during the relevant periods, their personnel sent and received off-channel communications—records required to be maintained under the securities laws. The failures involved personnel at multiple levels of authority, including supervisors and senior managers. The firms were each charged with violating certain recordkeeping provisions of the Investment Advisers Act or the Securities Exchange Act. Firms were also cited for inadequate supervision, as their compliance frameworks failed to prevent or detect these violations.

Regulatory Implications

The SEC’s enforcement action highlights the growing regulatory scrutiny surrounding recordkeeping and electronic communications. Regulators expect investment advisors and broker-dealers to maintain comprehensive records of business-related communications, regardless of the platform used. The widespread use of off-channel communications, such as personal messaging apps, has led to numerous enforcement actions in recent years, signaling a strict approach to compliance failures in this area.

One key takeaway from these cases is the SEC’s focus on firm-wide accountability. The violations were not limited to lower-level employees but extended to supervisors and senior management, reinforcing the expectation that leadership plays an active role in maintaining compliance. Firms are not only responsible for setting policies but also for enforcing them, monitoring employee behavior, and taking corrective action when violations occur.

Additionally, the SEC’s decision to reduce penalties for one firm that self-reported demonstrates the benefits of proactive compliance measures. Firms that identify and report violations before regulatory intervention may receive more favorable treatment, including lower fines and mitigated enforcement consequences.

Practical Guidance for Firms

Firms should take a structured approach to improving their compliance frameworks to follow recordkeeping requirements and reduce regulatory risk.

Step 1: Assess Current Communication Practices

Start by evaluating how employees communicate internally and with clients. Identify whether off-channel communications, such as messaging apps or personal email accounts, have been used for business-related discussions. This assessment should involve compliance teams, IT personnel, and senior leadership to capture a complete picture of communication risks.

Step 2: Implement Clear Policies and Controls

After identifying gaps, establish firm-wide policies on approved communication channels. Policies should be explicit about which platforms are allowed, who has access, and how messages are archived. Any outdated or vague policies should be updated to reflect current regulatory expectations.

Step 3: Deploy Monitoring and Supervision Measures

Compliance teams should implement a system for monitoring electronic communications, using automated surveillance tools where possible. Supervisors should be trained to recognize potential violations and escalate concerns appropriately. Regular testing can help identify weaknesses before they become regulatory issues.

Step 4: Conduct Employee Training and Reinforcement

Training sessions should focus on why recordkeeping is critical, how employees can comply, and what consequences may result from violations. Rather than a one-time initiative, training should be an ongoing effort, with periodic refreshers and real-world case studies to illustrate risks.

Step 5: Establish a Self-Reporting and Compliance Review Process

Encouraging employees to report compliance concerns internally can help firms address violations before regulators intervene. Routine compliance reviews, including audits and spot checks, can also help detect problems early and provide an opportunity to correct them.

By following these steps, firms can build a stronger compliance framework that aligns with SEC expectations. InnReg helps investment advisors evaluate their communication policies, implement supervision systems, and strengthen internal processes to mitigate regulatory risks.