To Monitor or Not to Monitor…

That is the question. At least that’s the question likely being asked in the Board room of MML Investors Services, a subsidiary of MassMutual. Maybe it’s a question that’s now being asked in board rooms all over the world in light of last month’s three fines levied on MML by the Securities and Exchange Commission. September 2021 was not a good month for the dually registered broker/trader and investment advisor company.

Let’s dig into why MML was fined: both penalties were incurred for failing to monitor for non-compliant activities. In the first instance, the firm admitted benefiting from recommendations for select mutual fund share classes made by their contracted clearing broker. According to the SEC and the $2.1 million settlement, the affiliated broker never disclosed conflicts of interest to their clients.

The transgressions were episodic from October 2015 through to 2019. This is a classic example of the “fox watching the hen house” where MassMutual, and MML, were supposedly monitoring the clearing broker’s activities – only they weren’t doing so. And that lack of monitoring cost MML two million dollars. Call it a lapse of compliance monitoring; concerning, but its impact is localized and minimal.

The second fine of $750,000 was a costly error for the firm. How 478 new broker/dealer agents failed to be registered by MML on the SEC trading list is mind-blowing. What should be a standard operating procedure was exposed as yet another failure of the firm to monitor its own activities.

SEC Pounces on Roaring Kitty

The third instance is far more interesting and has the explosive potential to trigger dramatic changes in monitoring. It begs questions about how explicit policies need to be and where that line between personal and professional life should be drawn. Compliance officers, law enforcement, and regulatory authorities are generally uncomfortable with ambiguity and aspire to operate in a world defined by explicit rules. The saga of Roaring Kitty blurs all those lines – for everyone.

It only took about 24 hours for the SEC to track down the identity of YouTuber, Roaring Kitty. They were also posting as “DeepF___Value” on Reddit. But you can only hide behind an avatar and pseudonym for so long. As it turns out, the person behind the social media handles is Keith Gill. The fact that he was allowed to make two trades of more than $700,000 on GameStop (far exceeding his employer’s policy for a $250,000 limit per trade), along with 1,700 other trades without triggering heightened monitoring of his activity is a real head-scratcher.

Why MML was fined is crystal clear; what happens next in the world of monitoring employees for their social media activity is muddy, at best. MML has a policy that prohibits its employees from discussing securities on social media. Here’s the conundrum – were Gill’s personal posts on social media in violation of that policy if he never mentioned his name, employers, or brokers that he was trading with.

Is it incumbent upon the financial firm to rigorously monitor all its employees’ social media and public commentary? Apparently so given the nearly five million dollars fine levied on MML. The fine has spurred extensive changes to the social media policies of the subsidiary’s parent, MassMutual. No doubt other firms are grappling with the same need to do so.

We have a failure to communicate…

Gill, aged 35, gained rockstar-like influencer status when he began describing how his $53,000 investment in GameStop in 2019 grew 4,000% to millions of dollars by early 2021. Bullish on the stock, he routinely encouraged the large group of followers that he amassed on YouTube and Reddit to invest in the stock. Almost single-handedly, that sparked the buying frenzy and market chaos of 2021 around the then-dying games retailer, boosting its stocks up more than 400%.

There were two compliance monitoring failures in the Roaring Kitty saga. One, high trades are supposed to get flagged. Once flagged, compliance officers are tasked with investigating the trade thoroughly to assess if any financial crime was committed by making the trade. That didn’t happen. Two, social media posts – personal and private – are supposed to be duly monitored by all MassMutual subsidiaries. Again, MML failed here with its inadequate monitoring efforts for social media.

While Gill may be the newest “fall guy” for financial fraud, it’s clear why his influencer status quickly morphed into being famous for all the wrong reasons. In contrast, the perils of monitoring social media are not yet understood. The emerging term is “social listening” and it’s a phrase you’re going to hear often, even if you’re external to the RegTech industry.

The Financial Regulatory Authority (FINRA) makes the rules pretty clear regarding how experts in the investment field can – and cannot – communicate with the public. But there’s also a clear gap where those rules aren’t applicable to personal use of social media. Current rules highlight the use of social media largely for advertising, branding, and other business purposes. Expect that to change.

Social listening is the next frontier

Listening goes beyond tracking and interpreting statements made by your audience about your brand; it needs to be comprehensive enough in scope to detect activities relevant to your company. In the case of Roaring Kitty, high trade volumes and pumping up the value of a stock should be flagged by all financial firms – regardless of which one employs the person making the posts.

Here’s the corollary which is worth contemplating. It’s one thing for firms to monitor social activity by their marketing teams. And, if they’re doing it right, they’re also monitoring all social activity by their employees across every department. But what are they doing about their monitoring their traders who are monitoring social media? It opens Pandora’s Box where some traders may be influenced by other traders, like Roaring Kitty. They may be tantalized by the prospect of a quick commission cheque. As such, some traders may be persuaded to make recommendations or transact certain deals because of what they saw on social media: it is akin to the infinite staircase problem.

Many firms aren’t closing the loop on monitoring their employees’ personal social media feeds. One reason is the sheer volume of content to sift through; this can be an insurmountable challenge for smaller firms that lack the RegTech resources required for such a task. Another reason is the obfuscation of bad behavior masked by emojis. Internal silos, often resultant from multiple mergers and acquisitions where the result is a spaghetti mass of legacy systems loosely (and often not at all) integrated. For some of those companies that are monitoring social media and collecting data, they don’t have a closed-loop process: effort is made but none of the posts tagged or flagged prompt a response against the person who posted them.

The bottom line? Monitoring is the essence of compliance. If you don’t do it, you’ll have to pay the price.