Highlights:
1. Reports have identified that compliance teams are sending “dummy” messages on platforms like WhatsApp and WeChat to unveil whether staff are using unapproved channels for business communications
2. Some firms are also beginning to utilize access stations, which require employees to leave personal devices behind upon entering the office
3. In 2025, an FCA survey found 178 off-channel communications breaches reported across 11 firms over the course of just 12 months, with over 41% coming from senior staff using channels like WhatsApp and Signal
4. These off-channel communication phishing tests highlight that recordkeeping is still a focus for firms as well as regulators
5. As regulators continue to flag widespread breaches, including many that involve senior staff, are these tactics addressing the root of the problem?
This week’s Regulatory Wrap is brought to you by Global Relay’s Director of Regulatory Intelligence, Rob Mason.