Enforcement crackdown on use of unauthorised communication channels continues

invAs we wrote about in more detail in our recent article, employee use of personal communications channels for work purposes has become a serious concern for regulated entities. Globally, regulators in financial services customarily require employers to monitor workplace communications and keep records. This is highly challenging for the employer if work communications occur on personal channels.

The SEC fined numerous Wall Street firms for this type of failing in November 2022. These latest fines suggest the problem remains a high priority for the regulator. The topic is also on the radar of the UK’s Financial Conduct Authority (FCA), and we anticipate more enforcement action in this area. That is especially likely given the increased challenge of monitoring work communications during periods of widespread home working necessitated by the COVID-19 pandemic.

Regulated firms should remain alert to the risks. It is worth noting that the latest recipients of SEC fines had identified the problems themselves, self-reported them and undertaken remedial action.  This cooperation was reflected in the reduced penalties which were issued. The firms had policies in place to prevent unauthorised messaging, but employees, including some in senior positions, did not always comply. As noted in our previous updates, “tone from the top” is crucial for firms to ensure they foster a culture of regulatory compliance. Firms should actively consider how their policies are enforced and monitored, and act promptly regarding any concerns; a reminder emphasised by the Director of the SEC’s Enforcement Division (Gurbir S Grewal), “Today’s actions should not only remind firms of the importance of following SEC recordkeeping requirements, but also the value of disclosing violations when they do occur.”