SEC Proposes Rule to Limit Conflicts of Interest in AI-Based Investor Engagement Tools

To keep pace with the rapid expansion of digital engagement practices and new technologies that firm’s use to interact with investors, on July 26, the SEC proposed two new rules to put guardrails around the use of predictive data analytics (PDA). The new rules would apply to broker-dealers and investment advisers using artificial intelligence, specifically targeting technologies that “predict, guide, forecast, or direct investment-related behaviors or outcomes of an investor.” The Commission’s goal is to limit the use of technology in ways that favor financial firms’ interests.  

Key Elements of the Proposal

While potential conflicts between the interests of an investor and firms are nothing new, the SEC’s proposal notes that AI-based technologies and predictive models are becoming increasingly better at understanding and learning from investor behavior. Because of this ever-increasing predictive power, these tools could be used to the detriment of investors. As noted by the SEC in its proposing release, “a firm may use these technologies to optimize for the firm’s revenue or to generate behavioral prompts or social engineering to change investor behavior in a manner that benefits the firm but is to the detriment of the investor.”  

The rule, if adopted in its current form, would require that firms: 

• Evaluate covered technologies to determine if any use, or reasonably foreseeably use, by the firm would create a conflict of interest that places the interests of the firm or associated persons above the interests of investors. 
• Eliminate the effect of any identified conflict of interest that would arise from the use of covered technologies.
• Establish policies and procedures to comply with the rule, that outlines how the firm will identify and eliminate these conflicts of interest.
• Maintain books and records related to compliance with this rule, including documentation of when covered technologies were made available, how the firm evaluated the intended and actual outcomes of the technology for conflicts of interest, any restrictions placed on the technology after testing, any third-party research related to the testing of the covered technology, and disclosures made to investors regarding the use of covered technologies.

Next Steps

The proposal will now be open for public comment for 60 days from when the rule is entered into the Federal Register and may be submitted through the SEC’s website. 

ACA will continue to monitor developments related to this rule and will provide updates when they become available.  

How we help

We can help your firm develop, implement, and maintain the required information security and compliance programs to meet regulatory requirements and industry best practices, including: 

• Support and advice to build and to assess an organization’s cybersecurity risk, identify cybersecurity program gaps, and draft and execute against a mitigation roadmap.     
• Policy development, business continuity planning, and impact analysis complete with robust policies, plans, and procedures to better protect your company from data breaches and efficiently recover from a cyber incident or significant business disruption. 
• ACA Signature, a scalable solution curated to suit your firm’s unique compliance needs, including a customizable combination of compliance advisory services,  innovative technology and managed services that is right for your firm.

For questions, or to find out how we can help you meet industry best practices contact us here.