Guidance on Email Reviews

 

Although the SEC expects advisers to conduct email reviews as part of the adviser’s compliance program under Rule 206(4)-7, the Commission and its Staff have not offered much guidance with regard to what that review should entail, including the sample size.  So how should you approach this review?

grpx_895

As with most tests and reviews conducted as part of your annual review, the SEC is not necessarily concerned with the sample size, but rather that the testing/review is being conducted, is meeting its purposes, and is being thoroughly documented.

Therefore, as a first step we recommend using a third-party solution to archive your e-mails, which will also make the e-mail review more effective and efficient.  From there you can:

  • Review a sample of e-mails using keyword searches.
    The sample size should be based on a risk assessment and should be adjusted depending on the results of the email review over time.
  • Review the sample of e-mails both inbound and outbound, across the firm for the following:
    • Customer complaints
    • Violations of privacy / confidentiality
    • Unauthorized or undisclosed payments to third parties
    • Legal issues – for the firm or a supervised person
    • Possible insider trading
    • Hype or promissory language
    • Any attachments being sent with the words “internal use”
    • Marketing and Advertising without proper disclosures
  • Review emails as a result of other testing conducted.
    For example, you test the most profitable trades for potential indications of insider trading and find, based on price movement after the trade and/or news announcements, an indication that insider trading is a possibility. A review of email, searching for discussion of the security, may provide additional indications of insider trading.

Implementing an email review assists in detecting and correcting problems of which you might otherwise be unaware; provides a deterrent when employees know email is being reviewed; helps reduce the reputational risk of the firm; and provides documentation on the supervisory aspects of the firm.  There is a wealth of information available in the firm’s emails, and who knows….you might learn something!

Comments are closed.