Many financial firms in the UK once allowed BYOD for their employees until the implementation of MiFID II and the FCA’s blanket ban of BYOD, especially if the firms can’t retain mobile messages. Firms must archive WhatsApp messages and other forms of instant messages if they continue to allow their employees to use their personal devices.
Recording WhatsApp messages is essential to ensure that a firm’s employees aren’t conducting any illegal and fraudulent activities. Failure to retain information or deliberately deleting messages can mean that any records of non-compliant activities were meant to be kept hidden. A former VTB Banker, Konstantin Vishnyak, was charged with non-compliance after deleting his WhatsApp messages.
The FCA alleges that Vishnyak deleted his WhatsApp after he was required to provide as part of an investigation. Vishnyak allegedly knew that the information within the messaging app was relevant to an investigation.
Konstantin Vishnyak’s Violation
Konstantin Vishnyak was under investigation for suspected insider dealing offences, and his communications data was to be checked on as part of the investigation until he allegedly deleted his WhatsApp account. Companies that allow their employees to use their own devices and WhatsApp must keep the FCA handbook rule SYSC 10A.1 in mind to ensure that an incident similar to Vishnyak’s violation. The rule states that “A firm must take all reasonable steps to prevent an employee or contractor from making, sending, or receiving relevant telephone conversations and electronic communications on privately-owned equipment which the firm is unable to record or copy.”
Under the Financial Services and Markets Act of 2000, a person is deemed guilty of an offence if they destroy documents relevant for an investigation that is either ongoing or will likely be held in the future. The falsification, concealment, and disposal of pertinent information also fall under the Act. Like other messages required to be archived by FCA, WhatsApp messages must be retained at all times to keep anyone from disrupting investigations.
Because Vishnyak was under investigation, his alleged actions in deleting WhatsApp is equivalent to the destruction of information relevant to the investigation.
Complying with FCA while Using WhatsApp
Financial firms are not prohibited from using WhatsApp to send and receive messages as long as they can record and retain such communications data. The widespread use of non-enterprise grade communications platforms like WhatsApp is a reality now as many customers prefer such messaging solutions to communicate. Employees can easily communicate with their clients when they use their preferred means of communication.
Using WhatsApp can be problematic since it is a self-deleting messaging application, which is why only firms that can archive WhatsApp messages should use them. Without any means to retain communications data, a firm using the app will become non-compliant with WhatsApp archiving regulations.
Firms must also ensure that they can retain WhatsApp messages even if a rogue employee decides to delete the application or loses their mobile device. Should Konstantin Vishnyak be proven guilty for removing his WhatsApp, then financial companies must ensure that they cannot experience similar cases because of their data retention capabilities.
Companies must invest in WhatsApp Archiving solutions so they can retain the messages in either a secure server or on the cloud.
TeleMessage WhatsApp Archiver
Financial companies can use either TeleMessage’s WhatsApp Phone Archiver or the WhatsApp Cloud Archiver to let their employees use WhatsApp while staying compliant, especially since the coronavirus pandemic led to work from home setups for such firms. The WhatsApp Phone Archiver can capture and record chats, including texts, multimedia, documents, and deleted messages. The WhatsApp Cloud Archiver can support firms using the WhatsApp Business app.
The TeleMessage WhatsApp Archiver is the latest addition to our mobile archiving products that can securely capture and retain content from mobile devices for a variety of ownership models (BYOD, CYOD, and employer-issued). It is tailor-made to solve compliance and regulation issues by capturing and archiving WhatsApp messages. The messages are securely and reliably retained within TeleMessage servers or forwarded to an archiving data storage vendor of the financial firm’s choice. The application works like the standard WhatsApp application, allowing employees to continue sending work-related messages easily and quickly. With our multiple archiving methods, you can always find the right tools or blend for your requirements: