You never know when something you write will resurface — or in what context, or with what consequences. Amazingly, even after the damning emails have surfaced from nearly every major financial scandal in recent history, this bears repeating, especially for people working in finance.
It was in this vein that the SEC issued guidance for public corporations’ use of social media in July 2008. Among other concepts, the release acknowledges that corporate blogs may serve as disclosure for purposes of material non-public information practices, and led to the exemptions permitting corporations to announce their earnings by posting them on their corporate website, rather than issuing a press release.
The guidance also opened a labyrinth of reporting, disclosure and retention issues for corporate investor relations departments and their legal counsel to ponder. It’s quite possible that regulators keep their concept and interpretive releases deliberately vague, so that any behavior they like can subsequently be deemed to lie within the scope of some rule or standard. We recognize that both regulators and industry participants view these as “unintended consequences” of overly broad regulatory language. Don’t kid yourselves. They intend it fully.
Here’s an unintended consequence of corporate use of social media. A recent guest column for the National Association of Corporate Directors’ blog paints a scenario of how personal blogs, LinkedIn and Facebook pages of corporate employees can be deemed corporate communications, and how the interplay between employees with partial — or false — information, and seemingly innocent comments on third party observations about a company can form a mosaic that would have regulator salivating.
One key point the writer raises is the low level of expertise around social media in most corporate IR departments — ranging from little to none — and the consequent low level of anything resembling surveillance or archiving that seems to be the norm “at literally hundreds of public companies studied.”
The SEC is now asking registered advisers about their social media policies, and we have heard that examiners are writing up findings on firms that do not have written policies and documented procedures around the use of social media.
Now, looking at how this appears to be viewed in the world of public company reporting, we want to raise this to a higher level: we believe regulators will look, not only at what is being Facebooked, Linked, Tweeted, blogged and otherwise fired off into in the adviser’s own name, but they may consider employees’ own personal blogs, tweets and other bits and bytes to be fair game, if they detect communications that seem to relate to the industry and to the employees’ activities. In the world of public company reporting, this issue affects both management and the boards of directors. In the world of financial firms, this goes right to the top of the org chart — where a little can say an awful lot.
The NACD blog paints a convoluted — and completely believable – scenario, which includes public company employees posting on the company’s behalf to the company’s own blog, Facebook and LinkedIn pages. In the scenario, a couple of employees also post on their personal social media, some with comments on their company, some with links to other people’s media comments or Wall Street analyst reports on their company.
The SEC guidance would indicate that these personal postings are also attributable to the corporation. Firms that permit employees to post on firm-branded social media also need to be aware of the instantaneous nature of social media: it is not possible for the process to be both controlled, and spontaneous, and when more than one employee has access to social media, conflicting information is almost guaranteed to be conveyed.
Investment firms that do not have a strict policy about personal use of social media may be shocked to find out how much their employees are Tweeting, blogging, Facebooking, Linking, etc., about where they work. A personal Tweet that contains an embedded link to a firm press release may find its way into an outside dialogue in an unintended way.
As with its guidance for public company reporting, we think the SEC is likely to view this as the financial firm’s responsibility. A bar located in a highway rest stop cannot say it did not promote drunk driving. If a firm does not completely prohibit behavior, it will be seen as condoning it. We believe firms may need to prohibit any discussion of firm business in personal communication — though based on historical practice, we believe the SEC will not require firms to prove that their employees do not put business-related information in their personal social media postings. If you like, you can call that the Good News.