
How to build a compliance-friendly adviser website

Nov 08, 2023

Explore seven key elements of a compliance-friendly adviser website, including archiving, testimonials, disclosures and more.

Did you know that nearly half of all people looking for professional services begin their search on Google? Think about it: Do you find more prospects wandering through your firm’s front door or reaching out online?

A website is a great way to put your RIA in front of more individuals, establish your brand and grow your book of business. But it also brings a new challenge: adviser website compliance. 

If you’re in the process of building a website for your firm, we’ve rounded up seven key elements you should consider before hitting “publish.”

Seven essential elements of a compliance-friendly adviser website

From archiving to testimonials and your Form ADV, these tips can help keep your site engaging without raising red flags at your next compliance audit.

Archiving

The SEC’s books and records requirement extends beyond just your client statements or email account – you also need to document your website. 

Specifically, Rule 204-2 “requires every SEC-registered investment adviser to retain copies of all advertisements and other communications (collectively, “advertisements”) that the adviser has circulated, directly or indirectly, to ten or more persons (excluding persons connected with the adviser).”

Records of your website need to be complete and accurate for at least five years from the end of the fiscal year in which the advertisement (or marketing piece now) was most recently used.

Of course, documenting every time you publish a blog or update your team’s “About” page can be time-consuming and exhausting – so many firms choose to employ website archiving software.

Proper use of testimonials

While there is still some debate over whether testimonials are worth the risk, advisers can include testimonials on their websites as a way to boost credibility and show social proof – but there’s no cherry-picking. That means that if you ask one client to provide a testimonial, you must ask all your clients. 

Samantha Russell of FMG recommends advisers set up a Google Business Profile (formerly known as Google My Business), where clients can leave reviews via a link you send out. You can then add a few of those testimonials to your site – however, you must include a link to view all the reviews. 

Keep in mind that while many RIAs view testimonials as a great addition to their firm’s site, you’ll need to include several disclosures about client status, compensation and more. 

Avoid hypothetical performance

The SEC marketing rule outlined new guidelines for how advisers can use performance advertising, including hypothetical performance. 

A recent review of the rule from Kitces.com states that:

“Hypothetical performance advertisements may not be distributed to investors (or even to a single investor in a one-on-one setting) that:

  • Do not have access to the resources to independently analyze such hypothetical performance; or
  • Do not have sufficient financial experience to understand the risks and limitations of hypothetical performance.”

Even if the adviser satisfies the above requirements, they must also meet several other criteria to pass SEC inspection, including creating policies and procedures to ensure the hypothetical is relevant to the intended audience. 

In short, we recommend avoiding any talk of performance altogether when it comes to your online presence. You have zero control over where your online traffic comes from, so you have no idea if the people visiting your website meet the above criteria.

The right disclosures

An adviser website compliance guide wouldn’t be complete without proper disclosures. Let’s take a moment to recap which disclosures are must-haves on your firm’s website:

  • Your name and contact information
  • Form CRS
  • Any applicable performance advertising or testimonial disclosures
  • Website/marketing disclosure*

*Note: An RIA's website needs to include a disclosure stating that the firm is a registered investment adviser that is only permitted to conduct business where the firm is registered or exempt from registration. The disclosure also needs to note where the firm is registered as well as disclose that the material provided is for educational purposes, etc.

Beyond having these available, you’ll need to keep a copy of each revision or update to the disclosures, including when it was made available and how.

Privacy policy

This element isn’t adviser-specific, but it is a best practice to include a privacy policy on your website. It should be noted, however, that international regulations (like GDPR) do require websites to include the disclosure of specific information gathered, how it is used and the rights of the individual. A privacy policy states how you’re collecting data from site visitors and what you’ll do with that information. 

Marketing software company MailChimp states that while there is no federal requirement for one, “any website collecting personal data to identify an individual must provide a privacy policy as international laws require.”

Furthermore, the lack of a privacy policy could get you in trouble with state regulators or the Federal Trade Commission (FTC).

Cybersecurity

Keeping your site secure is important, especially if you use it for client or prospect interactions. For example, many firms have a client portal where clients can submit documents or request meetings. It’s also common to have a space on your website where new prospects can enter information and get in touch. 

These are both great ways to keep your site engaging, but they also mean you're collecting important or even confidential client information online.

The SEC has multiple cybersecurity-related rules, including Regulation S-ID and Regulation S-P, as well as proposed rules which could increase cybersecurity requirements placed on firms.

From internal training to virtual infrastructure, it’s important to pay attention to your website’s security. 

Mobile presence

Websites aren't just for desktop and MacBook users – in fact, over half of all website traffic comes from mobile devices like cell phones or tablets.

As you design and build your website, it's a great idea to work with a developer who can optimize design and functionality for mobile users. You'll also want to double-check that all those must-haves are still easily available to site visitors.

Your firm’s website is a great way to connect with clients and engage new prospects, but it also brings a new level of compliance considerations to your team. With these seven factors in mind, you’re better equipped to build a site that can wow both users and compliance auditors alike. 

Complying with COMPLY

Compliance extends to each layer of your firm’s practice – from client meetings to online archiving and more. At COMPLY, we understand that!

COMPLY offers tailored consulting and technology services to help your firm identify and address compliance risks. A thorough compliance program can make or break your firm, so you need a partner in compliance who takes it as seriously as you do. By utilizing COMPLY’s tools and solutions, your RIA firm can ensure its compliance with regulators’ expectations.