Keeping pace with digital innovation can be exhausting, with transformative technologies emerging every day – from the metaverse to Artificial Intelligence (AI). But evolving channels and technologies can present emerging risks, and failing to stay cognizant of these risks – even if those risks might seem innocuous at first glance – can lead to serious repercussions. And regulators and organizations alike are beginning to get to grips with these new risk areas.
You can’t spell Social Media without ESMA
A recent supervisory briefing issued by the European Securities and Markets Authority (ESMA) has illustrated how regulators are working to keep pace with digital change. The briefing updates an advisory from 2010 in an effort to modernize what constitutes investment advice under the Markets in Financial Instruments Directive 2014 (MiFID II). ESMA has undertaken the review to ensure that ‘recent technological developments’ are considered.
Noted among these developments are social media channels. The advisory acknowledges potential “issues around the form of communication, including whether the Internet or apps are always a ‘distribution channel’, use of social media posts … distinguishing corporate finance and investment advice and whether these are mutually exclusive”. ESMA’s guidance highlights MiFID’s delineation between issuing recommendations to ‘the public’ and to individuals, and how delivery channels factor into this:
“It should be clarified that a recommendation issued, even exclusively, through distribution channels, such as internet, could qualify as a personal recommendation. Therefore, situations in which, for instance, email correspondence is used to provide personal recommendations to a specific person, rather than to address information to the public in general, may amount to investment advice.”
The briefing expands out this list of channels to include other digital formats:
“Therefore, a recommendation concerning financial instruments made through internet websites, investment apps, and/or social media (including through influencers) could, in certain instances, be regarded as a personal recommendation and not as issued exclusively to the public.”
By including social media and influencers in the guidance, as well as subsequently identifying ‘social media private messages’, the ESMA has covered a lot of bases in terms of digital modes of delivery. Organizations and individual advisors need to be aware that regulators are catching up on the means by which they connect with clients, issue advice, and advertise services.
The anti-social club?
While there is discussion around whether regulators are keeping pace with innovation, the advisory update from ESMA is part of the wider trend of regulators acknowledging the risks that social channels present.
The OCC’s semiannual risk report, released on 14 June, 2023, summarized areas of risk facing national banks and federal financial agencies, with social media included among them. Acknowledging the part social channels have played in recent shifts in the risk landscape such as the collapse of SVB, the report states:
“The combination of social media, a highly networked and concentrated depositor base, and technology may have fundamentally changed the speed of bank runs … As part of a bank’s risk management practices, it may be prudent for bank management to … monitor social media for shifts in sentiment or other negative news.”
With regulators well aware of the impacts social channels can have, organizations need to ensure they are factoring social media into their risk posture and compliance training. But they aren’t the only digital channels and behaviors that legislators and regulators are beginning to turn their gaze towards in earnest.
Giving emojis the thumbs up 👍
Emojis may seem innocuous, something that many of us use every day across messaging apps and social channels without giving them a second thought. But a recent ruling by a Saskatchewan court has given emojis legal weight.
The case involved a contract dispute: the seller sent a photo of a signed contract, also requesting confirmation, to which the buyer replied with a ‘thumbs up’ emoji. The seller argued that this was confirmation to enter into the agreement, whereas the buyer sees the thumbs up as merely acknowledging receipt of the contract – a clear lesson in one of the challenges of emojis: differing interpretations of their meanings.
For presiding judge Justice T.J. Keene, however, the interpretation is clear enough to set a legal precedent:
“This court readily acknowledges that a [thumbs up] emoji is a non-traditional means to ‘sign’ a document, but nevertheless, under these circumstances, this was a valid way to convey the two purposes of a ‘signature’ – to identify the signator … and to convey … acceptance of the contract.”
The ruling accepted that the thumbs up emoji constituted ‘action in an electronic form’ that can be treated as acceptance of the document. Keene’s ruling is future-facing, aiming to not stand in the way of how technology is progressing:
“This appears to be the new reality in Canadian society and courts will have to be ready to meet the new challenges that may arise from the use of emojis”.
Language is changeable, and emojis are now very much a part of the modern lexicon (although their meanings may already be changing along generational lines). With emoji usage now starting to be accepted in a legal context, it is not the throwaway, light-hearted means of communication it once was – and regulators are taking this into account as well.
New channels, new challenges
“Emojis do carry meanings, and emojis do mean something in the context of electronic communications – and firms should have the ability to supervise that.” – Chip Jones, Executive Vice President, Global Relay
Regulators are beginning to turn their attention to the risks errant emojis can pose to institutions in terms of monitoring and capturing communications compliantly. Michael Solomon, head of the examination program of the Financial Industry Regulatory Authority (FINRA), has made it clear that the regulator’s overall scrutiny of firms’ written procedures for supervising off-channel communications will include the use of emojis to convey subtextual messages.
As with the differing interpretations of a thumb’s up emoji seen above, the multiple potential meanings of emojis can complicate monitoring messages.
At the FINRA annual conference in May, Solomon used the example of a financial advisor using an angry, upset emoji as part of a message. The organization that advisor was working for would then need to assess what the use of that emoji might mean, and what to do with this information in a reporting context. This will also present a challenge at a systems level, with organizations needing to utilize a surveillance tool that can capture, identify, and store messages that contain emojis.
These software and interpretation challenges mean that organizations will need to ensure there is a ‘human element’ to their monitoring processes. While surveillance solutions like the Global Relay platform can monitor many different communications channels, it is up to firms to decide what emojis might need to be flagged and then reviewed by compliance teams to evaluate their meaning.
While the viability of AI driven solutions is being assessed, the interpretation challenge is one that can only be solved currently with human intelligence, and by compliance teams discussing the intended meaning of the emojis with those involved in sending the message in the first place.
New channels like social media, and new means of communication like emojis, are opening up new avenues of risk for individuals and organizations – areas that regulators and legal systems are beginning to establish rules and best-practice around. Whatever your stance on social media and emojis – be it 👍 or 👎 – if you’re not making sure they are being used and captured compliantly, you might end up 😭.
