Telephone and Electronic Recording: Private Device Usage Risks Pandemonium for Firms

For regulated entities, the increasing use of personal devices and servers for work-related communication, and vice versa, creates a problematic situation. Regulators worldwide impose duties on employers to monitor employees' workplace communications and have recently started to impose increasingly significant financial penalties for failures to comply with these obligations. In the U.S, JPMorgan Chase was hit with a $200m penalty after senior employees were found to have used unrecorded and untraceable WhatsApp messages to undertake client-facing regulated activity, triggering a reshuffle of the bank’s operating committee and an initiative to claw back salaries. Back in the UK, the brokerage firm Sigma was fined by the FCA over £500,000 earlier this year following a finding several reporting and recordkeeping failures. In a recent newsletter, the FCA stated that financial institutions face "significant compliance risks" in the use of unmonitored communications.

The dual prospect of huge fines and real reputational damage has rocketed the issue of personal device use to the top of the agenda for many compliance officers. However, the increased attention on the matter has not yet garnered a consistently workable solution. Regulators around the world – including the FCA – are clamping down, but the use of personal devices are increasingly prevalent. Some technical solutions have been proposed, such as software on employees’ personal phones to track outgoing communications, but this is expensive, unpopular, and adds more risks, this time in relation to employee privacy. Tried and tested recommendations remain the best defence, namely: providing employees with tech so they are not tempted to use personal devices, having a clear policy on telephone and electronic communications recordkeeping and, perhaps more generally, building a culture of compliance where managers can be confident in their front office staff behaving in a way that does not ramp up the risk of unwanted attention from regulators.

Find out more

Previous
Previous

Reminder of Consumer Duty Deadline

Next
Next

Market Abuse: FCA to Target a Wider Range of Firms for Surveillance Failures