Compliance
SEC marketing rule reminder for fund outbound mail
Finmail Compliance
This bulletin applies to US-registered investment advisers (RIAs) and exempt reporting advisers using Finmail for investor-facing email.
Before bulk investor updates
- Review content — Confirm performance claims, testimonials, and forward-looking statements meet SEC Marketing Rule (Rule 206(4)-1) requirements for your firm.
- Secure Share settings — When distributing sensitive documents, use Finmail Secure Share with burn-after-read and access badges; verify recipients before sending.
- Audit trail — Ensure compliance officer roles can access
compliance_audit_logsfor send, download, and secure-link events relevant to the campaign. - Team shared outbound — Mail merge and linked send-as identities require Team or Enterprise; verify the sending identity matches your ADV disclosures.
Finmail controls that help
- Append-only CM6 audit chain for high-risk actions (open, download, forward, secure link).
- Privacy gateway header scrubbing and tracking-pixel neutralization on outbound HTML.
- Auto-BCC to compliance archive when all recipients are external (Team+ configuration).
Questions
Contact your compliance lead or [email protected] for architecture evidence. For enterprise Legal Hold or examiner packages, email [email protected].
See also the Security Trust Center and online security whitepaper.
