Financial advisors who send out unsolicited emails to prospective clients could find themselves facing huge fines when a new federal anti-spam law comes into effect later this year.

“You need to start preparing today,” warns privacy expert Christine Carron, senior partner with Ogilvy Renault LLP in Montreal, “if you haven’t done so already.”

The far-reaching legislation, which remains somewhat controversial due to its scope, covers spyware as well as various forms of electronic communications. It applies to individuals and all kinds of businesses, large and small, and carries fines for breaching the legislation of up to $1 million for individuals and up to $10 million for businesses.

“Just about every single business is going to do something that is covered by the act,” says Charles Morgan, partner with McCarthy Tétrault LLP in Montreal and leader of the firm’s technology group. “And, at every single business, their current practices are unlikely to be compliant. So, they’ll have to make a change.”

It’s likely that the Canadian Radio-television and Tele-com-munications Com-mis-sion, which is responsible for enforcing the legislation, will focus to begin with on “true spammers” — that is, on so-called “blasts” of email from companies, groups or individuals with no existing relationships with their targets who are merely fishing for business.

Although most advisors obviously don’t fall into this group, they and their companies are still at a high risk for non-compliance, Morgan says, because the law uses very broad terms to describe what kind of messages constitute spam. Morgan adds that “the potential fines are enormous.”

David Canton, a business lawyer and blogger specializing in technology with London, Ont.-based Harrison Pensa LLP, agrees that you don’t have to be a high-volume spanner to run afoul of the new law, because a single email or text message addressed directly to just one person could be categorized as spam under the new rules.

Furthermore, it is not only the risk of prosecution by the CRTC that you have to worry about. The law also allows individuals or groups of people to launch private lawsuits or class actions against spammers. And, Canton says, directors or officers of your company could be held personally liable for a breach of the act if they participate in spam, agree or acquiesce in it, or fail to put policies in place to ensure the company doesn’t send out spam messages.

So, what should you do to prepare for the new legislation? How can you ensure that you or your firm can continue to market services in the online world while avoiding the huge risks involved in sending out messages that could be found to be spam under the new law?

To begin with, you should take stock of all the activities you or your firm undertake that are likely to be covered by the act, Morgan suggests. The spyware provisions of the act — designed to prevent others from using software to monitor a user’s activity without the user’s knowledge — are not likely to be applicable to financial services firms unless they send out software tools to clients. However, spyware is an issue that should be considered, if only in order to remove it from your checklist of possible concerns.

On the other hand, it is extremely likely, says Morgan, that you or your firm will be marketing your services in some way via electronic messages. These methods can include sending emails to clients, former clients and others whom you have already identified as prospective clients. You will probably need to change how you do this in order to comply with the new law.

As Carron explains, the legislation will allow you to send unsolicited electronic messages of a commercial nature in the following circumstances:

> You have an ongoing commercial relationship with the recipient or have had one in the past two years.

> The recipient’s email address has been conspicuously published with no indication that he or she doesn’t wish to receive unsolicited commercial messages.

> The recipient has given you his or her email address without indicating that he or she does not want to receive unsolicited commercial messages.

What this means is that you or your firm will have to examine your existing email lists to make sure that anyone to whom you are sending messages comes under one of these three categories or has told you that they are willing to receive such messages.

In addition, you will need to document the nature of your contact with each individual, how you got his or her email address and how you know you have permission to use it in this context.@page_break@With respect to former clients, you will need to track when your business relationship ended so that you will, if necessary, stop sending emails to those individuals after two years.

All of these efforts, Carron says, will probably require that you revise your record-keeping procedures and train staff appropriately.

You have to be extremely careful in all of these situations, says Canton. For example, he says, you may meet someone at a social event and subsequently send an email saying that you enjoyed meeting him and suggest getting together for coffee or lunch to discuss whether you and he might be able to do some business together. Says Canton: “That could be spam.”

Other common situations that might now be caught by the new law include direct messages sent to clients using Twitter or other social media. Even giving out a business card could put someone who responds with an email in jeopardy: “Whether you send me emails [that are spam] depends on why I gave [a card] to you,” Canton says. “I don’t know how you are going to track that. It almost forces you to have a database that says, ‘I can send it to him, and here’s why’.”

The safest option is to ensure that everyone on your email list has given you explicit consent to receive messages from you or your firm.

Even this precaution, however, could well lead to more traps for advisors trying to stay in touch with their clients and potential clients. The problem is that messages asking for permission to send further messages will be considered as spam when the legislation comes into force.

“So, the absurd result of this is that it is in everyone’s best interest to send email communications now to get the proper consent,” says Morgan, predicting that there will be a surge in such messages this summer as businesses “spam” while they can.

Morgan suggests revising all standard documents, such as account openings or contracts, to incorporate a check-off box through which a client can indicate whether or not he or she wants to receive electronic communications and updates from your firm in future.

There are also some technological changes that will probably be necessary for anyone sending out electronic commercial messages. Under the new legislation, each message must contain an “unsubscribe” mechanism — an email address, 1-800 number or a web link through which the message’s recipient can easily indicate that he or she does not want to receive any more messages.

But not only do you need to set up and monitor these links, addresses and phone lines, you will also need some mechanisms to ensure that people who unsubscribe are promptly removed from your database and do not receive any subsequent messages. As Morgan points out, many small financial services firms or individual advisors are not currently set up to do this.

But there is some good news in all this, according to Carron. Reviewing marketing strategies in the light of the upcoming legislation could be beneficial, she says: “You can use it to improve your marketing strategy to keep in touch with clients on a more regular basis.”

Morgan, however, cautions that marketing departments will have to comply with new provisions in the act stipulating that subject lines in emails must not be misleading: “Companies will have to think about whether their marketing departments are sometimes a little bit enthusiastic about drumming up business.”

He adds that companies should create guidelines for their marketing departments so that marketing personnel are clear about what they can and cannot do in this area.

There is another unlooked-for result of the new legislation that is somewhat perverse, Morgan says. Once the law comes into force and, as unlikely as it may seem, electronic communications may actually start to decline in terms of their efficiency for many advisors.

Notes Morgan: “People could find themselves sending out a bunch of paper mail.” IE