Advantages of Corporate Phones for Compliance

Contact Us

Contact Us

[contact-form-7 404 "Not Found"]

The entire regulatory ecosystem has consolidated around its disdain for communication via unapproved channels, especially among employees at regulated firms.

The U.S. DOJ has joined the likes of the SEC, FINRA, and the CFTC to issue stern warnings to the firms they oversee regarding the importance of supervising their staff’s business-related interactions across communication channels.

Failure to oversee the use of personal devices and instant messengers used by employees and keep records has cost firms millions of dollars, while simultaneously ending the careers of the non-compliant individuals who got suspended.

Enforcement agencies, such as the DOJ have gone as far as to state that the mechanisms the companies have in place to preserve their communication “may well affect the offer it receives to resolve criminal liability.”

Why personal devices and instant messengers (IMs) may spell disaster for regulated entities

With the stakes for maintaining communication compliance being so high, companies are in no position to relinquish control of the regulator-mandated recordkeeping initiatives to employees with personal devices and unapproved instant messengers. Compliance teams, in most cases, will end up having to issue corporate phones with a pre-installed enterprise messaging application because:

  • Employee use of personal devices and IMs don’t come to the attention of the compliance team until it is too late, as evidenced by the case of the WhatsApp fines of nearly $1.1 billion issued by the SEC on 16 Wall Street firms for long-standing failures to maintain electronic communication.
  • There is no centralized record of employee communication when employees use different messaging platforms and devices to interact with colleagues and clients. Consequently, they won’t be in a position to “maintain, preserve, or produce records” till the duration of the retention period or “diligently supervise matters related to their businesses” per the requirements of regulators, which could lead to hefty fines, as was the case with the CFTC settlements with 11 firms that were asked to pay over $710 million.
  • Even with many IMs and phones coming with cloud-based backup options, they are prone to tampering by the employees before the compliance team has a chance to evaluate the messages. There is also no way for them to track the sharing of sensitive company information or non-compliant communication if employees switch to another application for problematic conversations.
  • Many of the consumer messaging apps aren’t built for enterprise-level compliance; their messaging is end-to-end encrypted, and the developers are constantly introducing privacy-focused features, like disappearing messages. Case in point, the FTC has leveled serious allegations against Amazon for its executives allegedly using Signal’s disappearing messages feature to destroy evidence related to an antitrust investigation.
  • Even if the compliance team is able to enact some kind of WhatsApp recordkeeping, call recording, etc., on the devices, employees have the option of switching to another app that isn’t supervised or even a different medium of communication, like video conferencing.

How corporate phones with an approved enterprise messaging platform can be a gamechanger for compliance

Issuing corporate phones to employees, along with adopting a supervised and company-wide enterprise messaging service to communicate business-related matters can bolster your compliance efforts greatly.

It is worth mentioning that the implementation will come with an initial investment, a strict communication policy so employees adhere to the device and app recommendation, and penalties in place to reinforce compliant communication.

However, once the employees are accustomed to conducting their conversations via corporate phones and the approved messaging platform, it can bring major wins for compliance teams, including:

  • Giving compliance teams the ability to disable messaging platforms and functionalities that may hinder compliance, such as iMessage, which allows users to unsend messages, effectively tampering with electronic communication in direct violation of multiple industry regulations.
  • Enabling integration of company phones and the approved enterprise messenger with third-party compliance solutions, including an archiving solution.
  • Allowing the compliance team to retain their employee communication messages and calls with a mobile archiver as needed for audits, review requests, internal investigations, and e-discovery, with policies in place to delete the records once the retention period is over.
  • Making the communication easy to archive, since the messages and calls will all be over the same network.
  • Having a central repository of messages, calls, documents, etc., sent over the enterprise messaging service within an archiving vendor of choice that has tight access controls and an audit trail to ensure transparency and accountability when it comes to sensitive information.
  • Auto red-flagging of certain pre-determined phrases or keywords sent via the approved messaging platform that the compliance team can investigate.

The one-stop solution to communication compliance with company-issued devices

The TeleMessage network archiver can capture messages and calls sent across enterprise communication platforms without the need for any app installation, meaning compliance is automated without any dependence on employees. The archiver creates a copy of the communication, which can be stored on the server of the company’s archiving vendor.

Crucially, the communication can’t be altered or deleted, and the compliance team has the ability to control who can access the information. Since the information is secured along with the relevant context, including the contact details of the sender and receiver, date, etc., compliance teams can filter out the necessary conversations for compliance purposes.

Further, there is the option of setting up automated alerting systems when certain words are mentioned in a conversation, which can go a long way in preventing the leakage of sensitive company information and non-compliant exchanges among employees.

The analysis of the employee communication information can provide the compliance team with deep insights into problem areas, when it comes to compliance with industry and company policy, including the team or individual most likely to violate the rules, so corrective measures can be taken ahead of a disaster.

Most importantly, the archived records will serve as a “single source of truth” for investigations, which will go a long way in helping the regulated entities avoid fines or legal action over complaints of non-compliance.

To see the TeleMessage mobile archiver in action, contact us for a demo.

 

About TeleMessage

TeleMessage captures and retains mobile content, including mobile SMS messages, voice calls WhatsApp, and WeChat conversations from corporate or BYOD mobile phones to ensure compliance with various data protection regulations. The messages are securely and reliably retained within TeleMessage servers or forwarded to your choice of archiving data storage vendor.

Our mobile archiving products securely record content from mobile carriers and mobile devices for various ownership models (BYOD, CYOD, and employer-issued). With our multiple archiving solutions, you can always find the right tools or blend for your requirements:

     

    Skip to content