Archive | Compliance RSS feed for this section

New LinkedIn profiles raise compliance concerns as there appears to be no way to hide endorsements

LinkedIn rolled out its new Endorsements feature several months ago to all users. Since then, financial advisers have been worried about publicly displaying Endorsements on their profile, since they can be construed as testimonials which are strictly prohibited by FINRA and the SEC.

Fortunately, hiding Endorsements from one’s public profile is a fairly straightforward process (see: How to hide endorsements from your LinkedIn profile)

But now, LinkedIn is slowly rolling out redesigned profile pages worldwide that appears to remove the “Hide Endorsement” functionality.

Watch the screencast below to see a sample of the new profile design rolled out to one adviser’s account and how the “Hide Endorsement” button is missing.

I’ve reached out to LinkedIn for comment and have not yet received a reply. I’ll update this post accordingly.

(click here to watch on YouTube)

PODCAST: Advisers using Yammer can enhance collaboration without sacrificing compliance

Advisers experimenting with enterprise social networks now have an option to solve their compliance needs.

Sam Kolbert-Hyle, vice president of business development and strategic initiatives at Smarsh, Inc.

There are a host of new collaboration tools on the market today, all attempting to harness the promise of an enterprise social network.

Services like Chatter, Jive, and Yammer allow you to create your own internal network for your business that resembles many of the popular networks like Facebook and Twitter.

These services offer many new ways to work with colleagues and review important news at a glance, but advisers must address one persistent complication of any new technology: compliance.

Until now, there have been few methods available to capture and archive content posted on enterprise social networks, which is required for all communications related to client service.

Earlier this week, Smarsh, the email and social media compliance provider, announced the launch of Archiving and Compliance for Yammer, the popular enterprise social network.

For more information on Archiving and Compliance for Yammer, I spoke with Sam Kolbert-Hyle, vice president of business development and strategic initiatives at Smarsh.

Listen to the podcast below to learn how these collaboration tools can now be used without sacrificing compliance.

How to hide endorsements from your LinkedIn profile

Advisers must hide LinkedIn Endorsements to avoid compliance violations

Update 01/21/2013! LinkedIn is rolling out completely new profile designs to users, changing the way Endorsements are managed. Go read How to hide LinkedIn Endorsements on the new LinkedIn profile design now and watch the screencast reflecting the new changes.

As a financial adviser, you’re well aware that you can’t use client testimonials in any of your marketing materials. SEC and FINRA regulations prohibit the use of client testimonials (see: Adviser Use of LinkedIn May Violate SEC Rules).

LinkedIn’s latest feature called Endorsements, opens up another issue for financial advisers with LinkedIn profiles. Anyone can visit an adviser’s LinkedIn profile and endorse specific skills and expertise. Considering the broad language against client testimonials, allowing such endorsements should be avoided.

So how do you remove or disable Endorsements from showing up on your profile?

In the screencast below, I walk you though two ways you can prevent Endorsements from showing up on your public profile.

Watch the screencast now and hide any public endorsements on your own profile to avoid triggering compliance violations.

RegEd announces agreement to acquire Arkovi: What financial advisers need to know

This morning, compliance and risk management solutions provider RegEd announced an agreement to acquire social media archiving vendor Arkovi.

Click here to view the full press release RegEd Announces Agreement to Acquire Arkovi, the Award-Winning Financial Services Provider of Social Media Archiving and Surveillance.

Terms of the acquisition were not disclosed.

To get more details on the announcement, I invited RegEd CEO John Schobel and Arkovi CEO Blane Warrene to a Google+ Hangout. Below is the replay of that Hangout so you can hear from each company’s CEO about the acquisition and respective plans for the future.

PODCAST: Smarsh president Stephen Marsh addresses Pinterest and compliance

Founder of email archiving provider says advisers can use Pinterest without skirting compliance requirements

I had the opportunity to connect with Stephen Marsh, Founder and CEO of Smarsh, Inc., a company well-known for its email and social media archiving services.

Smarsh Founder and CEO Stephen Marsh

By now, most advisers are aware of multiple archiving solutions for social media websites like Facebook, LinkedIn, and Twitter, but it’s not so clear whether updates to emerging social media sites like Pinterest can also be archived.

In this podcast, Marsh shares information on his company’s Web Archiving product and how it allows advisers to “pin” updates to Pinterest and archive them for compliance purposes.

Marsh also addresses the company’s annual Electronic Communications Compliance Survey report with key statistics.

After listening to the podcast, use the following link to download the free compliance survey: 2012 Electronic Communications Compliance Survey

Click to view/download the PDF podcast transcript.

Dropbox user accounts compromised, new security features to appear

Last night I posted this tweet about a TechCrunch.com article on several compromised Dropbox accounts.

Unlike an issue last summer (see Bug Affects Dropbox Security: What Advisers Need To Know), you need to know that Dropbox’s security was not compromised.

Username and password credentials were stolen from a third-party website, which were then used to log in to associated Dropbox accounts.

In response, Dropbox said in a blog post that it will add new security features in the coming weeks, with two-factor authentication being the most noteworthy (see Boost your online security with two-factor authentication).

Events like this should be a lesson to you, even if you’re not a Dropbox user. Remember to follow good security practices to keep your account credentials safe, such as:

  • Avoid using the same username and password for multiple websites/accounts. Make each password unique for each account.
  • Avoid using unfamiliar or shared computers, as keystroke logging programs or other trojans may be installed without your knowledge.
  • Verify website addresses before typing in your login credentials. Look for the https:// address prefix and make sure you’re not redirected to a phishing website (see Cloud computing for financial advisers: How to stay safe)

In a few weeks, Dropbox should be rolling out the new security features. When they appear for your account, be sure to activate and use two-factor authentication. It’s one additional layer of protection you can add to better protect all the information you keep in your Dropbox account.

Smarsh releases Web Archiving, an automated solution to archive adviser websites

New automated tool will help registered professionals eliminate tedious manual processes to meet FINRA and SEC requirements.

In a press release today, Smarsh, Inc., the Portland, Ore.-based company best known for email archiving, announced a new solution to help satisfy archiving and record-keeping requirements when it comes to adviser websites.

Web Archiving is the new solution, and Smarsh created a short explainer video to describe what it does, embedded below for your convenience.

(click to view on YouTube)

Web Archiving is designed to automatically crawl and capture the contents of an adviser’s website. In addition to archiving the full text of all website pages, Web Archiving also captures embedded media such as video, social media feeds, slideshows, and more.

According to the solution feature list, archived pages are rendered in their original format, preserving the “look and feel” of the website page as it originally appeared on the adviser’s site.

“Today’s Web is not static text, but rather an immersive multi-sensory experience. This complicates the critical need for organizations of all kinds to keep an accurate, uncompromised record of what has been published to the world via the Web,” said Stephen Marsh, Smarsh founder and CEO, in the release.

Without an automated tool, advisers may be forced to print individual website pages to PDF files and save them in a compliance file. This is a tedious, time-consuming process at best, and it doesn’t address media like embedded video or slideshows.

Website archiving is not very crowded with vendors. Alternate solutions can be found within the Advisor Websites platform (though an adviser’s website will need to be hosted with the company), Advisor Products (again, website hosting required), Arkovi, and a few others.

Should Financial Advisers use Google Drive?

Broad terms of service language likely makes the latest cloud file storage service off limits for client files

Earlier this week, Google entered the increasingly-crowded market of cloud-based file storage services by introducing its own utility called Google Drive.

Google Drive offers convenient access to files from any device, but advisers may want to keep client files off the service

There are a number of popular cloud file storage services available today, with Dropbox, Box, SugarSync, and ShareFile generating the most buzz and interest among financial advisers. Generally, these cloud file storage services give users the ability to back up selected files and folders to servers in the cloud and enable remote access to those documents using mobile apps and web browser interfaces.

Ever since these services launched, financial advisers have questioned whether or not they’re safe to use for the storage of client files.

Last year I wrote Dropbox for Financial Advisers: Is it Safe? which continues to receive consistent traffic from advisers seeking opinions on whether or not using such services will violate any regulatory rules (the short answer is yes, but with conditions. Read the full post for details.).

Safe for Client Files?

With Google Drive, advisers want to know the same thing: is it ok to use to store files containing client information?

I believe the answer is no.

Google’s terms of service explain how the company may use files and information stored on a variety of its services, including Google Drive. Here is the relevant section for advisers:

Your Content in our Services: When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide licence to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes that we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights that you grant in this licence are for the limited purpose of operating, promoting and improving our Services, and to develop new ones. This licence continues even if you stop using our Services (for example, for a business listing that you have added to Google Maps).

The terms give Google the license to publish and publicly display content uploaded to their services. In addition, that license continues long after use of the services is discontinued.

Sure, for a listing on Google Maps, the terms make sense. But for files stored on Google Drive, applying the same terms can mean there is no limit to how long Google has the option to use your content.

Google Drive may ultimately prove to be the product that disrupts the cloud file storage market, but for now, financial advisers should stay clear of the service and never use it to store files containing client data.