Several more Wall Street banks have been hit with substantial fines by two regulatory agencies for utilizing “off-channel” messaging services and failing to properly preserve communications. The SEC is imposing fines totaling $289 million across nine firms, while the CFTC is imposing $260 million in fines — resulting in a combined total penalty of $549 million.
The agencies found that employees frequently used personal devices and platforms like iMessage, WhatsApp, and Signal to discuss business matters, according to the complaint, but failed to retain most of the communications, violating securities laws. The SEC’s press release is also urging firms to “self-report, cooperate and remediate.” They added, “If you adopt that playbook, you’ll have a better outcome than if you wait for us to come calling.”
As more regulators continue to dig up off-channel communication issues at firms, here are five recommendations every compliance team should be implementing to help bolster their compliance and risk management programs.
Clear Communication Policies: Establish comprehensive communication policies that outline the approved channels and methods for client communication. Ensure all employees are aware of these policies and understand the consequences of violating them. Also, request that employees periodically certify that they only use approved communication methods through a bi-annual questionnaire.
Ask Quest CE how you could build your own “Off-Channel Communication Questionnaire” in our system today!
Regular Training and Education: Provide regular training to employees on communication regulations, emphasizing the importance of using approved communication channels. And, don’t be afraid to use some of these high-profile cases as an example! Keep them updated on any changes to rules or guidelines and provide proper instructions for what they should do in the scenario that a client does reach out via a personal device/application.
Ask us about our Off-Channel Communications course and how you can customize content to fit the needs of firm policies and procedures.
Archiving/Lexicon Solutions: Implement communication technologies that monitor and capture all communication, including emails, instant messages, and social media interactions. These technologies can help identify potential violations and maintain a record of all communications. In using a tool like this, it’s important to also do lexicon analysis by reviewing employee business emails for specific terms (e.g. “text”). This may even require your team to get a little creative and brainstorm different abbreviations, terms, or acronyms employees may use to avoid getting flagged.
Restricted Device and Platform Usage: Restrict access to external communication platforms and devices that are not compliant with regulatory guidelines. Provide employees with approved devices and tools to communicate with clients and stakeholders.
Regular Audits: Conduct regular internal audits of communication practices to identify any deviations from established policies. Address any issues promptly and take corrective actions!