The Risks of Using Unapproved Channels for Business Communication
Unapproved channels of communication, especially in finance companies, have come under the scrutiny of regulatory authorities recently.
The US Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), and even the Commodity Futures Trading Commission (CFTC) are all breathing down the necks of banks, stock brokers, hedge fund managers, etc.
The regulators’ intention is to ensure data protection, compliance with business communication archiving laws, and adherence to e-discovery requirements.
These regulatory authorities have all zeroed in on unapproved channels of communication as the primary culprit when it comes to data security breaches, unabashed insider trading, and violations of regulations governing business communication archiving.
Unapproved channels can end up as your firm’s undoing
Unapproved channels of employee communication/ off-channels pose significant risks to individual employees, such as stock brokers, the firms themselves, and the clients as well.
Notably, registered financial firms that have employees communicating business-related information on personal, unsecured devices or instant messaging applications can face:
Books & record violations
Failing to adhere to SEC and FINRA text archiving guidelines due to the use of unapproved channels can lead to stiff penalties.
In September 2022, an investment adviser and 15 broker-dealers agreed to pay over $1.8 billion in civil penalties to the SEC for not maintaining and preserving business communication on personal devices, violating the Securities Exchange Act of 1934, Commodity Exchange Act, and the Investment Advisers Act of 1940, in addition to many other relevant rules.
Major players in the industry, including Goldman Sachs and Morgan Stanley, are also in the crosshairs of the SEC; in recent times, these Wall Street majors have had to cough up nearly $2 billion in penalties for not sufficiently monitoring their employees’ use of unauthorized messaging channels.
Due to this crackdown by the regulatory agencies, companies need to become wary of the challenges presented by text messaging/voice call applications, such as Telegram, WeChat, iMessage, and WhatsApp to communicate with clients or colleagues.
Communication via these apps can easily be deleted or lost due to backup issues, causing firms major problems when they are asked to present business communication as part of e-discovery during legal proceedings. Even if the communication can be retrieved, the text messages are all unorganized, and companies, legal teams, or regulators may find it challenging to find what they are looking for amid all the personal messages and calls.
Fines for individual brokers
A stock broker based out of New York was fined $7,500 for using an unapproved channel for communication by FINRA. The broker had used his private phone to text a customer about the securities business, account performance, investment choices, and other topics, which the regulatory agencies frown upon.
Another broker faced a fine of $10,000 for texting customers privately and guaranteeing that the firm couldn’t preserve the communications as mandated by the regulators.
In another instance, a broker was barred from associating with FINRA members because he refused to turn over information requested by FINRA as part of its review of a FORM U5 submitted by the company.
Given the increasing frequency of these fines by the FINRA and SEC, financial firms that intend to protect their top talent and reputation need to crack down on the use of communication channels that aren’t authorized.
Lack of a control mechanism for the management
FINRA mandates that firms must have in place mechanisms to review incoming and outgoing written communication, including electronic, especially when the messages contain information related to securities or investment banking business. Not meeting FINRA retention requirements, such as the FINRA Rule 3110(b)(4), FINRA Rule 2110, etc., that have been put in place to protect client and company information can have negative ramifications for the company.
When employees use unapproved channels for their business-related communication, the company is largely powerless to prevent harmful, misleading, or otherwise problematic messages from being sent out by the employees. This could also mean that companies aren’t in a position to identify leaks of sensitive financial data of the clients or the company’s proprietary trading strategies.
Even if companies have in place written supervisory procedures to routinely monitor employee communication about business, it is impossible to identify sensitive information communicated via unauthorized messaging channels because the messages can be deleted anytime and companies have to rely on employee testimony to determine whether they have breached SEC or FINRA rules.
Further, firms with BYOD (bring your own device) policies have a harder time preserving internal and outgoing calls and text messages for regulatory compliance and e-discovery purposes.
Productivity issues of unapproved channels
Messaging channels that aren’t approved by the company or regulatory authorities aren’t just unsafe. They can also be highly distracting; employees can spend hours sending non-work related messages when they are allowed to utilize unapproved channels that can’t be supervised by the employers.
Another major issue with unofficial communication channels is that messages from the management that are important may be drowned out by the flood of random messages sent by employees, and the company will have no way of knowing if the information they sent out has reached everyone.
When it is time to audit employee communication while facing litigation, companies have to again sift through volumes of irrelevant information to get to the text messages they are looking for, further draining company resources.
Curbing the ill effects of unapproved channels of communication
It is mission-critical for companies to mitigate the problems caused by the use of unapproved channels in the workplace and remote settings for communication with coworkers and clients.
One of the most impactful things a company operating in the finance sector can do is implement a text message and call monitoring software and archiver built for complying with FINRA, SEC, CFTC, etc., regulations.
Such an archiver can put the management’s mind at ease, as all the communication channels are monitored in real-time for non-compliance.
With an archiving solution like TeleMessage, employee communication can be retained and preserved for as long as necessary. Not just that, the messages can be easily retained when needed for internal investigations or e-discovery. The messages can further be segmented based on keywords to identify potentially problematic communication within the team or with clients.
The best part is that irrespective of the device or network used by employees, companies can be on top of all their business communication and meet all of the regulatory authorities’ archiving, auditing, data privacy, and e-discovery requirements.
If you are a financial firm looking for an effective, all-inclusive archiving solution to neutralize the threat from unapproved channels of communication, contact us for a consultation.
