Remedies and technology are required to satisfy the regulators
The sequel we had all been expecting to the blockbuster Nightmare on Wall Street (starring JPMorgan Securities) was released on Tuesday this week and in many ways, it was just as ‘box office’ as the first in the series. There were more well-known actors involved in NOWS 2, and as is often the case the plot and dialogue was repetitive. But probably most noteworthy was the messaging and promotion from the co-production teams behind this, the U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC).
The original release in December last year saw JPMorgan Securities receive a $200m fine for widespread and longstanding use of unrecorded eCommunication (text, personal email, WhatsApp) at all levels of its business (including senior managers and supervisors). It took the market’s breath away due to the size and severity of the action.
This latest round of fines of $1.8bn ($1.1bn SEC; $700m CFTC) for 15 BDs and one IA was hardly less dramatic and has sent a message to all financial firms that recordkeeping failures will simply not be tolerated. Financial firms’ failure to retain and supply communications related to their business impedes the regulators from doing their job properly, threatens market integrity, and is a core breach of trust.
The SEC’s Director of the Division of Enforcement, Gurbir Grewal said, “Today’s actions – both in terms of the firms involved and the size of the penalties ordered – underscore the importance of recordkeeping requirements: they’re sacrosanct…”
The two events combine to leave senior management and compliance in no doubt about where regulators stand on use of new forms of digital channel and communication in an area where many had conveniently been in denial. What was previously a gray area is now black and white. CFTC Commissioner Christy Goldsmith Romero said, “it was well known within these banks that their internal policies were being flagrantly violated in practice. But no one stopped it.”
The regulators left a rather scary footnote and said that other broker dealers and asset managers subject to similar requirements would be well-served to self-report and self-remediate any deficiencies. Firms will no doubt already be busy working on the second of those options, but the first approach is only for the brave.
Remedies could range from a blend of policy change, increased monitoring, attestation, training, increased corporate device deployment, and the adoption of new technology. Compliance teams need to be thorough, swift, document their approach, and create a path to resolution that has the best chance to be viewed favorably by their regulators.
It is clear that this is going to be part of the fabric now and it is going to be interesting to see how many other regulators adopt this approach in their routine supervision and examination, and to what extent it leads to enforcement. This scene is going to be seen again.
As a WhatsApp Business Solution Provider, Global Relay offers direct integration from a corporate’s WhatsApp business accounts into the Global Relay Archive. This reduces risk of data loss and makes for happy regulators. The bonus is the ability for the business to connect to their customers and prospects to stay ahead of the competition, secure in the knowledge they are in total compliance. For more on how to use WhatsApp for business while still meeting your regulatory recordkeeping requirements, please watch our latest webinar.