IM archiving and compliance tips for RIAs

February 17th, 2021
IM archiving and compliance tips for RIAs

Today’s RIAs are always on the go, so they rely more than ever on the convenience of chat apps to stay in touch with clients and colleagues. This is critical because sometimes responding in a timely manner spells the difference between investment success and failure.

But with growing reliance on instant messaging (IM) comes a growing concern over whether it’s the correct tool for the job. Popular messaging apps have all had their share of privacy and security concerns. RIAs should understand how to use them when transmitting sensitive information and how they impact compliance.

“With growing reliance on instant messaging (IM) comes growing concern over whether it is the correct tool for the job”




Are chats and instant messaging apps safe?

RIAs should avoid using popular instant messaging apps like Facebook Messenger and Whatsapp for work-related communications because these lack high levels of encryption. Furthermore, anyone with enough time to parse pages of user agreements will discover that Messenger, Whatsapp, and many other apps reserve some rights to use message data as they see fit. These hidden clauses can result in breaches and data loss, not to mention targeted spam and advertising profiling.

Podcast: How off the shelf IT services and support leaves your critical data and IT at risk.

Do these communication tools hurt my compliance profile?

Absolutely. Non-business messaging apps are designed for personal use. They don’t have the archiving, reporting, and discovery capabilities of compliant communications systems. Also, RIA compliance regulations require you to develop policies and procedures that will help prevent violations of the law. Popular messaging apps do not provide IT administrators enough control to meet that requirement.

Sometimes, it’s unavoidable for RIAs to use popular messaging apps. Clients may be more comfortable using apps they are already familiar with, and because good RIAs are also good customer service representatives, they will make that adjustment. So the best thing for RIAs who communicate with clients via Messenger or other common apps is to exercise discretion and always err on the side of caution. To set expectations, RIAs must explicitly alert clients that they will shift to more secure channels whenever they need to transmit sensitive information.

How can I archive data on chats and IM?

If you’re already using non-enterprise messaging apps, the first thing you should do is archive your conversations with your clients. Most messaging apps don’t have archiving functions on their mobile versions, but you should be able to manually copy and paste your conversation threads from the web version of these chats.

Facebook Messenger has an archiving function, but the app defines archiving differently from professional messaging apps. In Messenger, archiving is simply putting aside a chat thread from your list of active chats. It doesn’t provide IT administrators with conversation histories, making complete reportage nearly impossible to accomplish.

To ensure that your RIA firm fully meets compliance requirements, it is best to use messaging apps that are intended for professional use. An excellent example is Teams, Microsoft’s brand new unified communications platform that provides instant messaging, video conferencing, and more.

Related article: How RIAs keep private data safe with data retention

How can my IT provider help?

Your IT provider should understand the unique needs of an RIA — including your need to be systematic about how you archive your IM chats. Pairing up with an IT provider unfamiliar with the rigors of the RIA industry can put client data at risk of theft or loss. Furthermore, you’ll also be at risk of failing to meet compliance rules.

Don’t take any chances with any random communications network. Make sure your RIA company relies on messaging services that allow for complete archiving and total compliance. Contact our technicians today to learn how you can have such systems installed.