View
2
Download
0
Category
Preview:
Citation preview
Creating a Compliant Texting Policy: A Guide for Financial Services Firms
GUIDE #CompliantTextingPolicy
| 2Compliant Texting Guide
03 The Current State of Texting
04 Texting Regulation Principles
05 A Process for Policy Development
06 Policy Guide ContentPART 1: CORPORATE STRATEGY, RULES AND TECHNOLOGY CONSIDERATIONS
PART 2: RULES OF ADVISOR ENGAGEMENT
PART 3: SPECIAL CONSIDERATIONS FOR REGULATED INDUSTRIES
13 Summary Of Related Rules & Regulations
14 Compliant Text Solution: Hearsay Relate™
| 3Compliant Texting Guide
THE CURRENT STATE OF TEXTING
Our goal is to provide you with a process to
follow for policy development, as well as
comprehensive guidance on the topics that need
to be considered and how to incorporate them
into your policy.
At this point, you’ve seen the literature about how your advisors are already
texting with clients. Financial services firms committed to attracting today’s top
talent and empowering advisors for success know that texting is a critical tool.
However, text messaging for business communications presents similar
consumer protection issues, with associated regulations and laws, that email and
social media for marketing do.
The FCC, FTC and FINRA are all involved in regulating text messaging for
financial services firms, and the penalties for not complying with their rules can
be steep. Not only do you have to worry about regulatory fines from FINRA and
the SEC, but text messaging is also hotly litigated. A number of financial
services firms have been required to pay multi-million dollar class action
settlements as a result of TCPA litigation (lawsuits that include texting). This
guide will assist in building a comprehensive framework for your texting policy
to help you avoid such a fate.
| 4Compliant Texting Guide
TEXTING REGULATION PRINCIPLES
All industries must comply with consumer protection laws interpreted by the
Federal Communications Commission (FCC) for texting that protect consumers
from spam. If you addressed CAN-SPAM for email, you may have some
experience with similar laws.
Text messaging is slightly different because mobile technology is newer and
constantly evolving. It’s important to understand the perspective of the FCC
when they think about consumer protection laws in the face of this changing
landscape, because any changes to laws and regulations will be influenced by
these principles.
Principle #1A mobile phone is inherently personal and businesses should respect the
intimacy of the channel. Unlike an email, which you access through a web
browser, you receive texts on a device that sits in your pocket (your phone).
Therefore, the FCC wants to make sure that businesses are thoughtful about
how they use it.
Principle #2Text messaging is not necessarily free for consumers. Not all consumers have
unlimited text messaging policies; some will experience a real, per-text cost
when they interact with your business. Therefore, the FCC wants to ensure that
consumers don’t bear an undue financial burden because businesses are eager
to engage with them. The FCC has been consistent about maintaining these
principles when interpreting the laws and regulatory actions with regard to
texting over the past 20 years. So even though the regulations today will not be
the same as the regulations in five years, writing your policy to these principles
will ensure that it endures any changes that occur.
Mobile phones are
inherently personal;
businesses should respect
the intimacy of this
channel.
| 5Compliant Texting Guide
POLICY DEVELOPMENT PROCESS
Policy development can
be a daunting task. Start
with this big picture
framework that outlines
the steps you need to
take, from the beginning
all the way to successful
advisor roll-out and
maintenance.
STEP 1Establish a texting task force. Bring together stakeholders from compliance, sales/distribution and marketing leaders from corporate, and most definitely get an advisor or two to join the team.
STEP 2Determine your company’s texting strategy. For example, is your firm trying to increase client interaction, or have more organized communication in the field?
STEP 3
Draft a comprehensive advisor texting policy. Use simple language and clear examples to prevent and address compliance risks when advisors text their clients. Be sure to include a consumer facing policy on how your texting program works that advisors are required to share at regular intervals.
STEP 4
Get executive and “advisor influencer” buy-in. Get executive and “advisor influencer” buy-in. Be sure executives sign-off on your final draft and commit to evangelizing the policy. Find advisors who will adopt the policy and share success stories.
STEP 5
Widely distribute your policy. Deliver your policy through as many communication channels as possible: email, advisor portal, training sessions, onboarding handbooks and orientation sessions, etc.
STEP 6Share success. Share advisor success stories, particularly if you’ve adopted a compliant text messaging solution.
STEP 7
Continually update the policy guide. Texting etiquette and guidance from lawmakers change rapidly. Your policy should be a living document subject to constant modification, with a minimum of a once-a-year update.
| 6Compliant Texting Guide
POLICY GUIDE CONTENT
Part I: Corporate Strategy, Rules
and Technology Considerations
CONVEY SUPPORT FOR TEXTING USEA half-hearted approach to texting use will not generate the results you seek.
When you set up your policy, communicate how much you value the business
opportunities afforded by texting and the role your employees can play. Write
your policy in layman’s terms so advisors understand it.
BEGIN THE TEXTING POLICY WITH COMPANY VALUESA texting policy is an opportunity to reinforce company values and branding. By
starting your policy with company values, you will remind advisors of your brand
promise and the appropriate tone and language to use in text messages.
COMMUNICATE TRUST AND GOALSFormally acknowledge that the company is entrusting advisors with its
professional reputation, trade secrets and other confidential information. Give
examples of proprietary information that should not be shared by text.
UNDERSTAND THE LEVEL OF CONSENT REQUIRED TO
CONTACT INDIVIDUALSConsumer consent is required for all business text messaging conversations.
However, the type of consent varies, depending on the type of communication.
There are two main types:
Advertising:
Solicitations or invitations to
purchase a product, good or
service, e.g., “Come by the
office and sign up for a life
insurance policy.”
Non-advertising:
All other messages, e.g.,
“Want to meet for coffee?”
THE TYPES OF CONSENT FOR EACH
OF THESE ARE:
Is this an ad?
No Yes
(Any material advertising the
commercial availability or quality of any
property, goods, or services)
Prior express express content
Prior written express content
WrittenSignature
Oral Permission
Implied Permission
Written/Digital
Content
MESSAGE
| 7Compliant Texting Guide
TEXTING METHOD: SHORT CODES AND LONG CODESShort codes are short numbers that have a simple call and response
functionality. They can only interpret very simple commands (e.g., voting on
American Idol by sending a message to a short code number records a vote). A
long code, in the United States and Canada (and most of the Caribbean), is a
unique 10-digit number. How it’s used or what it can do is entirely configurable
(receive voice calls, text, use it as an ID to enable apps, etc.).
Your firm must decide what type of technologies best support your preferred use
case. Clearly, every texting policy will allow long codes, which can work as well
for advertising as non-advertising. But what about short codes? They’re often
used in consumer campaigns for ease-of-use/memory.
Do you want your advisors to have texting campaigns? If you do, don’t forget
FINRA Rule 2210, where you must pre-approve (supervision capabilities
required) electronic communications that are sent to 25 or more retail investors.
This won’t be an issue for long codes, because conversations are dynamic. But
when you run a campaign, it’s something you need to think about.
RECORD OF CONSENTConsent must be recorded. Even if consent can be obtained orally or can be
implied by circumstance, ensure you have a corresponding record that
demonstrates such consent was properly obtained. Include the need to obtain
and record consent in your texting policy guide.
SET RULES ABOUT ACCESSING TEXTING CAPABILITIESTo ensure compliance, create a single texting and archiving methodology. If
advisors want to use text to engage with customers and prospects, they will be
forced to adopt your one texting option. This allows you to keep appropriate
records and consumer opt-in data.
But what about ‘mixed-use’
texts? Here’s an example:
“Our company is offering a special
for first time investors. Why don’t
you come down to the office?”
Each sentence, by itself, is not an
invitation to buy anything; it tells
you factual information (first
sentence) or a request that doesn’t
relate to services (second
sentence). But, put together, you
must ask yourself, “Would an
average consumer, under these
circumstances, reasonably believe
that the purpose to come to the
office is to buy something?” It’s
likely the answer is yes and
therefore falls into the category of
advertising message.
| 8Compliant Texting Guide
BYOD, COPE or CYODWhat device will you allow agents and advisors to use to text? If they’re
employees of your firm, you’ll have more control over this issue than if they’re
independent advisors. In your policy guide, be clear on which of the following is
permissible:
Bring Your Own Device (BYOD)
A BYOD policy allows advisors to use their personally owned phones
for business, including access to privileged company information and
applications. It’s the most flexible and appears to be on its way to
becoming the most popular approach, even among enterprises.
However, security remains a concern. If you’re considering BYOD, it’s
important to educate and control conduct through a very detailed
policy about how advisors can use their phone—or with the right
enterprise-class texting solution.
Corporate Owned, Personally Enabled (COPE)
COPE is an alternative to BYOD that provides some flexibility but
maintains the security and archiving compliance that regulated
businesses need. Firms provide a sanctioned (and paid for) device to an
employee, who can also use the device for personal tasks. Employees
get many of the benefits of BYOD, and IT maintains governance over
the device and its data by limiting and managing the allowable
hardware, services and apps.
Choose Your Own Device (CYOD)
CYOD is a hybrid of BYOD and COPE. Firms that offer this approach
provide a predetermined selection of devices that advisors and other
employees can choose from, for their business use. IT departments can
configure the device with necessary apps to protect sensitive data, and
offering a limited selection of devices saves IT time while still providing
privacy and options for advisors.
| 9Compliant Texting Guide
MOBILE DEVICE MANAGEMENT (MDM)MDM, also known as Enterprise Mobile Management (EMM), is
command-and-control security software used to monitor and manage any
mobile devices that access critical business data. It can be used for BYOD,
CYOD or COPE deployment models and across multiple carriers and operating
systems. Depending on how you configure your MDM, you can prevent advisors
from using certain functionality, or from using certain mechanisms. MDM is very
attractive when it comes to policy enforcement, but it is another piece of
complex and highly customizable enterprise technology that must be managed.
Creating a customized MDM with intricate rules necessarily complicates the
capabilities of your texting platform. That said, you can also configure your
MDM to certain industry standards, which helps reduce internal management
cost.
MMS OR SMSSMS stands for short message service and MMS is multimedia service. SMS is
simply single text messages passed back and forth to telecom networks. MMS
includes both media (pictures, videos, emojis, etc.), and additional texting
functionality. For instance, if you send a group text via SMS to three individuals,
the SMS protocol delivers the message as a one-to-one communication three
times (each person in the group receives the same message from the sender,
but can’t see anyone else in the group). MMS, on the other hand, can send a
group message like a “chat room” – everyone in the group can see the phone
number of other members, and all conversations will be threaded (they follow in
a single string like email).
DELEGATIONIt’s reasonable to expect that every text message number is associated with a
single person. However, the ability to share the same number between multiple
people is enormously handy. Imagine how much more time advisors could
spend face-to-face with clients if their assistants could send texts on their behalf:
reminders, birthday greetings, work to scheduling meetings. There are texting
tools, like Hearsay Relate, that can make this happen through a web interface.
Include any policies or rules around what type of tasks can be delegated.
| 10Compliant Texting Guide
Part II: Rules of Advisor Engagement
HELP ADVISORS MAKE A CLEAR DISTINCTION BETWEEN
PERSONAL AND BUSINESS COMMUNICATIONSRegulations in the financial services industry require supervision, capture and
archival of all activity and content related to soliciting business in any capacity or
engaging with customers or prospects for business-related reasons. FINRA uses
the standards of “business as such” and “communications with the public” to
determine whether financial firms’ supervision and archiving responsibilities
kick in.
REQUIRE INTEGRITY AND HONESTY IN MARKETING AND
ADVERTISINGImpress upon your advisors that texting communication is a reflection of the
company and must be accurate. If you conduct business in a regulated industry,
pay special attention to compliance requirements. Posts should not be created
with the intention of manipulating consumers into buying, prospecting or
soliciting a service or product. Insist that posts and recommendations disclose
any relevant relationship between recommenders and endorsers and the
company. Financial incentives, especially, should be disclosed according to FTC
Endorsement Guides.
PROHIBIT HARASSING AND LIBELOUS STATEMENTSAdvisors who make disparaging, defamatory or harassing statements can subject
themselves and/or the company to liability. Include digestible definitions of
defamation, libel and harassment in your policy and trainings.
PROVIDE RULES AND EXAMPLES FOR TEXT RESPONSESAdvisors are an extension of the company’s brand. Explain why employees should
not respond with an unpleasant or retaliatory text if they receive a negative text
about them, the business or brand. Besides potential legal consequences, studies
have shown that defensive behavior reflects negatively on the brand no matter
the wording used.
COMMUNICATE STATE AND FEDERAL CONSUMER
PROTECTION LAWSDepending on the model you support for things like short code or long code,
communicate the associated state and federal consumer protection laws in
your policy.
| 11Compliant Texting Guide
COMMUNICATE THE IMPORTANCE OF PROTECTING
SENSITIVE DATA AND MATERIAL INFORMATIONPersonally identifiable data should never be texted. Consult and publish
industry-specific laws on data security such as state privacy regulations,
international Privacy Regulations, HIPAA, Gramm-Leach-Bliley or SEC Regulation
S-P. If your company is publicly traded, also beware the power of texting to
divulge material information about a company’s value. Consult your legal team
about the implications of Regulation FD (Reg FD) and Sarbanes-Oxley, as well as
texting material of non-public information. Securities laws violations could be
triggered through texting if an advisor shares material information with clients
prior to its public dissemination (e.g., an advisor sends a text to a customer to
invest in XYZ Corporation, as they are about to release good results).
STRESS THE IMPORTANCE OF RESPECTING
INTELLECTUAL PROPERTYCopyrights, trademarks, trade secrets and other intellectual property best
practices should be upheld in all texting forums. Encourage employees to cite,
attribute and link to their sources to give credit where credit is due.
Stress the permanence of texting content. Remind your advisors that texting
can be used as evidence in legal proceedings. Texts last in perpetuity. Evidence
from texting has been used in murder trials, settlement discussions, binding
policies, medical malpractice suits, sexual harassment claims and other
legal cases.
DESCRIBE CONSEQUENCES FOR ABUSE OF THE
POLICY ITSELFDecide what consequences there are for violating the policy. Will you have a
warning system? In what situations will you terminate the advisor relationship?
Make sure to avoid overly broad violations like ‘harm to the company’ or
provisions.
| 12Compliant Texting Guide
Part III: Special Considerations for
Regulated Industries
ADVERTISING REGULATED PRODUCTS OR SERVICESMany regulated industries, such as life insurance and securities, have strict rules
prohibiting potentially misleading advertising language. For example, many
states’ insurance laws provide keywords that cannot be used in life insurance
advertisements (e.g,. ‘guaranteed,’ ‘free,’ ‘limited time only’). Determine what
words apply for your company and call them out in your policy guide.
SUITABILITY OF INVESTMENT RECOMMENDATIONS
AND PRODUCTSAny recommendation to buy or sell a security must be specific to each
prospective investor to whom it is made. Consider that investment products,
services or valuations are difficult to discuss in a compliant manner via texting.
Think about adding a chart to suggest the appropriate channels of
communication for different types of conversations.
REGULATION S-PIn addition to Regulation FD, financial institutions should also consult the SEC’s
Regulation S-P, privacy rules under section 504 of the Gramm Leach-Bliley Act.
This regulation concerns the disclosure of non-public personal information about
customers. Non-public information includes any list, description or other
grouping of consumers (and publicly available information pertaining to them)
that is derived without using any personally identifiable financial information that
is not publicly available.
FINRA AND OTHER REGULATORY NOTICESFINRA and other regulatory bodies have outlined guidelines that require
compliance and supervision for communication channels. Specifically, FINRA
Rule 3110 requires financial services firms to have a system to supervise the
activities of each registered representative, registered principal or other
associated person. It also states that the system must be reasonably designed to
achieve compliance with applicable securities laws and regulations and with
applicable FINRA rules. Additionally, FINRA Rule 3110 requires a broker-dealer
toretain e-communications made by the firm and associated persons who relate
to the firm’s business as such. What does that all mean? To be FINRA 3110
compliant, you need a text messaging solution with the ability to archive and a
supervisory dashboard (like Hearsay Relate). This is your foundation for fine-free
advisor texting.
| 13Compliant Texting Guide
CATEGORY RULES AND REGULATIONS
ARCHIVE & RECORDKEEPING
FINRA Rule 3110, FINRA Rule 2210, FINRA Rule 2111, Advisers Act Rule 204-2 & 206(4)-7, SEC Rule 17a-3, SEC Rule 17a-4, FINRA Regulatory Notices 10-06 and 11-39.
SUPERVISIONFINRA Rule 3110, FINRA Rule 2210, FINRA Rule 2111, FINRA Regulatory Notice 07-59, Anti-Spam Laws, Consumer Protection Laws
CONTENT CONTROLSFINRA Regulatory Notice 07-59, Gramm-Leach-Bliley Act (GLBA), SEC Reg. S-P, Consumer Protection Laws, Anti-Spam Laws
ATTESTATION Consumer Protection Laws, Privacy Laws
GOVERNANCERESPONSE RATE CONTROLS
FREQUENCY CONTROLS
FINRA Rule 2210, Consumer Protection Laws Consumer Protection Laws , FINRA Rule 2210, Anti-Spam Laws
BUSINESS PHONE NUMBERS Employee protection and Privacy Law, Common Law
SUMMARY OF RELATED RULES & REGULATIONS
hearsaysystems.com
BENEFITS• Risk mitigation with enterprise-class
security, controls and compliance.
• Support all deployment models – BYOD, CYOD and COPE – by providing a separate work number.
• Stop dropping calls; carrier-grade cellular voice delivering high-quality calls.
• Easy integration with your CRM and other core enterprise systems, like archiving.
• Quick implementation, deployment and onboarding for rapid time to value.
• More than text & voice – a mobile productivity center for advisors.
• Improved client and advisor experience with automation, delegation & smart workflows.
COMPLIANT TEXTING & MOBILE CALLING, BUILT FORWEALTH MANAGEMENT
Hearsay Relate helps wealth management firms improve the client-advisor experience. It makes business communications simple and reliable while maintaining the enterprise-class security and controls FINRA, SEC, IIROC, FCA and MiFID II regulations require. Hearsay Relate is a compliant text and high-quality cellular voice solution. Your advisors can connect to their clients from their desktop or any mobile device. More than just text and mobile calls, Relate turns your advisors’ devices into mobile productivity centers. AI-based automation, team delegation and workflows help advisors service clients faster, drive more in-person meetings and save time converting prospects to clients. Relate scales as you grow and automatically captures advisor-client interactions and all related metadata – with no effort from your advisors – creating deeper insights across the organization.
OTHER PRODUCTS
ActionsSocial Sites
Wealth Management
hearsaysystems.com
To improve your lead follow-up process and conversion rate today, contact us at:
VISIT hearsaysystems.com
EMAIL contact@hearsaysystems.com
CALL +1 415-692-6230+1 888-990-3777
ABOUT HEARSAY SYSTEMS
Hearsay Systems is reinventing the client experience in Wealth
Management, Insurance and P&C with compliant digital communications and workflow solutions. Over 150,000 advisors and agents at the world’s largest financial services and insurance firms leverage Hearsay to engage with customers and build stronger relationships to grow their business.
With Hearsay Cloud for financial services, advisors and agents
provide real-time, personalized and seamless client experiences across the right channel - social, texting and mobile - at the right moment. Automated, pre-built industry workflows for insurance and wealth management provide one-click actionable suggestions for targeted engagement. Built for the enterprise, Hearsay Systems connects data and every client interaction to corporate CRM systems and digital marketing programs – all on a secure, compliant enterprise-ready platform.
Hearsay is headquartered in Silicon Valley with locations
throughout North America, Europe and Asia. Connect on Facebook, Twitter, LinkedIn and the Hearsay blog.
© Hearsay Systems, Inc. All rights reserved.
ADVISOR PRODUCTIVITY
• Respond immediately to client outreach with automatically generated smart messages
• Schedule meetings directly from a text with calendar integration
• Delegate service-related text messages to team members; scale communications across your entire book of business
• Bulk schedule and personalize common text messages, like RMD reminders
ENTERPRISE INTEGRATION-READY
• Easily integrate with your CRM and other core enterprise systems
• Seamlessly archive with your existing vendor
SECURITY, COMPLIANCE & SUPERVISION
• Drastically reduce compliance review time and resources with contextual supervision
• Ensure all messages are encrypted in transit and at rest
• Seamlessly integrate text conversations into existing enterprise archiving systems
• Set controls, supervision and record-keeping to address regulatory requirements from FINRA, SEC, IIROC, FCA and MiFID II
• Prevent bad texts from going out in the first place with Forbidden Keyword Lexicon Blocking
• Review lexicon and activity-based alerts through a Universal Supervision Dashboard
ENTERPRISE MOBILITY STRATEGY
• Support your BYOD, CYOD and COPE model
• Integrate leading MDM/EMM platforms
ARCHIVE INTEGRATIONS
“Touch points between advisors and clients are perhaps the most important pillar of the client experience yet often overlooked… To succeed, Marketing, Sales, and IT need to become best friends.”
KRISTIN LEMKAU CHIEF MARKETING OFFICERJP MORGAN CHASE
EMM INTEGRATIONS
Recommended