What’s Behind SEC WhatsApp Fines?

In a stunning settlement, the SEC has fined 16 firms more than $1.1billion dollars because of loose record keeping – primarily on employee’s personal devices through use of messaging apps and text messaging.

A Push to Digital Commerce

While the SEC has encouraged electronic commerce for decades, including the Electronic Signatures Act, the latest action points to a new extension of recording keeping requirements for broker-dealers.  The SEC is actively encouraging the move to digital commerce and sees digital record keeping as a fundamental aspect to maintain the bedrock of trust in those exchanges.

While record keeping – in paper or digital form- has been a fundamental aspect of compliance, the new settlement points to an expanded requirement for recording – personal device communications.

Expanded Responsibility – Now Personal Devices 

The settlement points out that between 2018 and 2021, the firms used their personal devices and messaging applications to communicate business matters. And, as such, all records of those communications were not maintained. 

Turning a Corporate Blind-Eye

It’s apparent that these behaviors were sanctioned at all levels of the organization and continue to persist and the release states that these and others should find ways to ensure communications are recorded.

“These 16 firms not only have admitted the facts and acknowledged that their conduct violated these very important requirements, but have also started to implement measures to prevent future violations. Other broker dealers and asset managers who are subject to similar requirements under the federal securities laws would be well-served to self-report and self-remediate any deficiencies.”

Capturing Customer Communication From Personal Devices

In recent discussions with several of the firms mentioned, many have yet to deploy solutions to ensure that personal device communications with customers are also recorded. So while ‘best effort’ might have sufficed until 2018, this recent ruling and fine has shown the need to actively record, block and control communication from all devices.

It appears that the recent ruling shows that the corporate responsibility now extends to personal devices of their employees. There is no longer a difference in compliance responsibility between corporate sanctioned channels, and private communication channels.

Companies must actively monitor, record and control all employee-customer communication.

Membit HQ

Bnei Brak, Tel Aviv, Israel
dina@membitbot.com 
+448082387566

Membit UK

Fitzroy Street, Fitzrovia London 
Sales@membitbot.com 
+ 44 203 411 7263