Messaging Compliance is a Mess— and Fund Managers should be Paying Attention

Let’s talk about the compliance elephant in the room: messaging. WhatsApp. iMessage. LinkedIn DMs.

Your team’s using them. So are your LPs, your ops folks—and, let’s be real, probably your compliance team too. It’s fast, it’s easy, it’s how people actually communicate. And the SEC? Yeah, they’ve noticed.

Since 2021, regulators have dropped over $2 billion in fines on firms for failing to capture and archive off-channel communications. The headlines focused on big banks—but the real story? Mid-sized firms and RIAs are now firmly in the spotlight.

So, what does that mean for fund managers, especially in the alt space? More scrutiny. More risk and pressure. Less room for “but we didn’t know.”

Here’s what’s happening:

• The SEC isn’t waiting around. Surprise audits and data sweeps are on the rise.1
• Confusion around SEC 17a-4 rule changes means even firms trying to comply might still fall short. (It’s the rule that outlines how electronic records must be preserved, accessed, and audited.)
• Employees keep defaulting to their favorite apps—despite official policy.

In other words, it’s not just a tech problem. It’s a cultural one.

Why Alts are in a Tough Spot

Unlike giant institutions, most alt managers run lean. Less bureaucracy, more flexibility, faster decision-making. It’s part of what makes the industry thrive.

But that also means there’s often less formal infrastructure around communication and compliance. Your team might be texting LPs from their iPhones between meetings. Your IR person might be following up with an allocator over LinkedIn. Your ops lead might be handling vendor convos via WhatsApp.

It’s not nefarious — it’s normal.

But the SEC doesn’t care whether the message was “innocent” or not. If it wasn’t captured and archived, it’s a problem. Meanwhile, the industry is shifting – and fast.

• Active mutual funds have seen $1.8 trillion in outflows over the last two years — more than the previous seven years combined.
• Evergreen fund structures like interval funds and BDCs have doubled since 2018, holding over $350 billion AUM across 520 funds.
• Over $60 billion in mutual fund assets have been converted into ETFs since 2021.
• And alt managers are increasingly tapping retail channels, creating even more communication touchpoints — and more potential compliance gaps.2

Translation? Fund managers aren’t just dealing with regulatory pressure. They’re doing it while the product, platform, and investor mix is rapidly shifting.

The Rules may Shift — But the Pressure isn’t Going Away

Sure, the Fifth Circuit just tossed out the SEC’s Private Fund Adviser Rule. And yes, it’s a win for fund managers — on paper. But it would be a mistake to think the compliance conversation ends there.

The SEC didn’t write that rule because it was bored. They wrote it because they believe too many private funds operate with inconsistent processes, opaque LP communications, and outdated oversight tools.

Messaging compliance is part of that same ecosystem — and is still very much on the radar.

Even if the courts are pumping the brakes on certain rules, the direction of travel is clear: more transparency, more accountability, and more expectations around how you communicate — with clients, investors, and colleagues.

And Let’s Not Forget Reg S-P

In May 2024, the SEC amended Reg S-P to expand privacy and recordkeeping obligations for RIAs.

While framed as a data protection update, it also highlights growing expectations around how RIAs handle and track customer communications, especially when third-party providers are involved.3

Translation: if investor info passes through platforms your firm doesn’t fully control, it might now fall under your compliance umbrella. The line between “communications risk” and “data liability” is blurring.

So What’s the Move?

This isn’t about fear-mongering. It’s about being realistic. Here’s where fund managers can take action:

1. Review How Your Team Actually Communicates

(not just what the policy says)(not just what the policy says)

• Survey team members to see what channels they use.
• Map out communication flows. Is your team texting LPs, or the other way around? That’s where risks start to show up. If you know the typical communication flow, you’ll see where there may be opportunities to improve.
• Compare the findings to your written policies.

If there’s a gap, don’t just reiterate or update the policy — it won’t fix the problem. Again, this comes down to convenience and workplace culture.

2. Understand Ongoing Regulation Changes

(even when they’re a little muddy)

Your compliance team doesn’t need more work — they need better systems.

How to make it easier:

• Set up a #compliance-updates channel in Slack or Teams with the SEC Releases RSS feed.
• Encourage your team to work smarter, not harder. Use AI summary tools (like ChatGPT or Claude) to break down dense regulations into digestible updates.
• Already use Trello or Airtable? Use your existing tools to keep track of new regulations, with tags like IR, OPS, and Compliance.
• Use Loom for quick, asynchronous compliance updates — no need for a full meeting each time something changes.. Instead, empower your compliance officers to quickly summarize what compliance aspects have changed, and how it affects the team.

3. Adopt Tools That Don’t Break Workflows

(because people will default to what’s easiest, every time)

• Use platforms that quietly capture and archive off-channel messages. (Bonus points if they can tell business from personal.)
• Start with a pilot group before rolling out firm-wide.
• Choose tech that integrates easily into everyday workflow.

If you’re asking someone to log into a new platform every time they text an LP — they’re going to skip it. The best compliance tools run quietly in the background, capturing WhatsApp, LinkedIn, or iMessage without disruption.

Whether you’re in growth mode or just trying to keep things buttoned up, messaging compliance can’t be an afterthought anymore.

Regulators are watching. LPs are watching. The industry is watching. In 2025, messaging compliance isn’t just a “nice-to-have. You don’t have to overhaul your whole tech stack overnight. But starting the conversation internally? That’s table stakes in 2025.

Messaging is how your team works.

If your compliance strategy ignores that, it’s already outdated.

**********

Jeremiah Church is the Founder of Tres Comma Compliance