In its annual summary of IFSP activities, the regulator warns of limitations of platforms when making disclosures
One of Canada’s provincial securities regulators says that investment fund managers (IFMs) should be careful to ensure that their social media usage does not leave them open to complaint.
In its summary report of activities undertaken by its Investment Funds and Structured Products Branch (IFSP), the Ontario Securities Commission says that it carried out several ad-hoc reviews of fund managers’ social media and other marketing materials during fiscal year 2023.
Most of the complaints dealt with during the period related to insufficient disclosures on social media platforms.
Given the content limitations of platforms such as Twitter, Facebook, LinkedIn, it may not be possible for IFMs to give the clear, accurate, and balanced messages that are necessary to meet the requirements of a sales communication under the rules.
Guidance provided by OSC staff states that: “Staff expect that all information, including disclaimers, should be easily comprehensible to the retail investor on their first viewing of the advertisement.”
And this information should not be more than one click away from the social media post.
Personal accounts
The regulator’s report also highlights that personal social media accounts of IFM employees should also comply with the rules where they are being used to market specific funds or performance.
The OSC says that firms should have monitoring and training in place to ensure compliance by employees.
“IFMs should review the use of personal social media with their employees who use their accounts to market investment funds to ensure that all information presented complies with Part 15 of NI 81-102, including the required warning language, appropriate performance data measurement periods and is not misleading,” the report states.
Cybersecurity risk
The report also calls on IFMs to ensure that investors are made aware of the potential cybersecurity risk associated with the technology used in their fund operations.
This should be included in the “What are the risks of investing in the fund” section of the prospectus and appropriate monitoring and risk assessments should be conducted periodically to ensure robust defences are in place to mitigate the threat of cyberattacks.
The report urges IFMs “to take all reasonable steps to respond to a cybersecurity breach in a timely and diligent manner, including notifying impacted clients and applicable regulators such as the OSC, particularly where clients’ information and assets are at risk, or where the breach could impact multiple funds or IFMs due to shared software or a common service provider.”
The report is available on the OSC website.
