Financial services firms are facing more compliance challenges than ever before when it comes to capturing, storing, and monitoring communications data. Regulators on both sides of the Atlantic are taking action with substantial enforcement penalties, firm reviews, statements of expectations, and more. As a result, financial firms need to think more strategically about their communications compliance programs to ensure they meet their regulatory obligations not only today and tomorrow, but well into the future.
In this blog, LeapXpert joins SteelEye to discuss today’s communications data capture, storage, and monitoring challenges. SteelEye is the first fully integrated surveillance solution for both trade and communications surveillance. Together with LeapXpert, SteelEye delivers a sophisticated, scalable, and efficient solution – so that firms can empower their employees to communicate across a wide range of channels compliantly.
Throughout this blog, partners LeapXpert and SteelEye break down the changing regulatory landscape for communications data and what firms can expect over the coming year. The blog will also explore how taking a more strategic approach to communications data capture, storage, and monitoring – including adopting compliance best practices and putting an integrated technology infrastructure in place – can significantly reduce the risks that firms face. SteelEye and LeapXpert will discuss how, with the right policies, processes, and technology in place, firms can work towards combating today’s communications compliance challenges.
Understanding the Regulatory Landscape in 2024
Although the rules around electronic communications have not been substantially altered in the US, UK, and Europe in recent years, the levels of enforcement of those rules have changed substantially. A $200 million fine levied against a large international bank by the US Securities and Exchange Commission (SEC) at the end of 2021 for the non-compliant use of WhatsApp transformed existing regulatory interest in communications compliance into a blizzard of fines and investigations.
Some 45 fines have been levied against 29 firms for issues related to off-channel communications and record keeping failures – mainly by the US SEC and CFTC. The fines for off-channel communications helped to propel the overall US regulatory fines in 2022 to a record high of $6.4 billion for the SEC and $2.5 billion for the CFTC Regulators are making it clear that it’s the content contained in a communication channel that matters, not the type of communication channel. In fact, the rules in the US, UK and EU are drawn broadly so that they automatically capture any new communication channels that emerge.
Looking ahead to 2024, the pace of enforcement looks set to continue. In the US, the SEC and CFTC have started examining the use of unauthorized messaging apps at medium-sized and smaller firms, as well as hedge funds, asset managers, and broker-dealers. It is safe to say that more fines can be expected in 2024.
Regulatory interest in messaging apps has spread across both sides of the Atlantic. In 2021, the UK Financial Conduct Authority (FCA) published a Market Watch on the topic of communications record keeping. In late 2022, the FCA fined a broker-dealer £531,000 for, among other things, staff use of encrypted messaging services on personal devices for business. The UK regulator has also held discussions with larger international banks about the frequency and content of staff communications via text and messaging applications.
Additionally, the Bank of England’s Prudential Regulation Authority (PRA) recently censured a business-oriented bank for the use of WhatsApp by senior executives and directors for external communications on both personal and business phones. According to the PRA, the bank had no formal record keeping policies or procedures in place to manage or retain WhatsApp messages. And in August 2023, the UK’s Office of Gas and Electricity Markets (Ofgem) fined an international investment bank £5.41m for failing to record and retain electronic communications, with energy traders using WhatsApp on personal phones.
National regulators in the EU are also starting to act. In the summer of 2023, the Central Bank of Ireland performed spot checks on large financial institutions based in Dublin. The regulator released a summary paper, which asserted that these institutions are not doing enough around record keeping of communications on messaging apps.
So, overall, financial firms – no matter the size, business type, or geographic location – can expect increased scrutiny by regulators in 2024 around the use of messaging apps, and they need to take action now to meet regulators’ compliance expectations.
Part 2 – continued here
Daniel Klein has over 10 years of experience in helping financial firms find solutions to complex compliance challenges. He is currently the Head of EMEA Sales at SteelEye, a RegTech scale-up that is simplifying compliance surveillance and reporting for financial firms through holistic data management.
Prior to joining SteelEye, Dan spent time at Bloomberg – driving the commercial arm for Bloomberg’s EMEA financial compliance solutions. Before that, Dan was at Smarsh, where he helped establish the firm’s European operations in 2014 as the Head of EMEA. Dan started his career in sales and trading at various investment banks.
Throughout his career, Dan has helped hundreds of regulated financial firms implement compliance solutions to meet regulatory demand. He is highly experienced in developing tailored action plans to meet clients’ unique needs so they can reduce risk and gain value from compliance.
Chilip brings more than 20 years of business experience to his role as Director of Business Development and Channels having worked in UK,Hong Kong and across Asia Pacific.
He leads LeapXpert’s partnerships withTechnology, Software, Consultancies, Regulatory Bodies, and Government. Along with an extensive background of Sales and Account Management including working with global organisations such as Thomson Reuters, LexisNexis and Relativity, Chilip is an original member of the FinTech Association of Hong Kong (FTAHK) Regulatory Technology (RegTech) Committee since 2017.
His most recent highlight was participation with Microsoft and KPMG’s RegTech event on “Conduct and consumer protection – LeapXpert” with an invite-only audience of financial services
SUBSCRIBE TO OUR NEWSLETTER
Useful tips and helpful information.
You can unsubscribe at any time - obviously!