2022 was a big year for messaging compliance investigations and penalties. Below, we’ve put together a summary of the most noteworthy events of 2022, from crackdowns and penalties to communications non-compliance and everything in between.
JP Morgan Fined $200 Million (December 17, 2021)
Although it technically occurred in 2021, JP Morgan Securities set the tone for 2022 with a cool $200 million in fines levied by the U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission.
The JP Morgan SEC fine involved the unauthorized use of WhatsApp for business communications. SEC fines for WhatsApp are just one example of how poor messaging compliance can affect businesses, and as the JP Morgan and WhatsApp debacle shows, no organization is immune. Let the JP Morgan fine for text messages act as a warning: Secure solutions for messaging should always be a priority.
Credit Suisse Banker Dismissed (April 1, 2022)
Following in JP Morgan’s footsteps, the global head of Credit Suisse’s equity capital markets syndicate in New York was dismissed in April 2022 for the use of unapproved messaging applications with clients. While it’s unclear whether Credit Suisse WhatsApp usage was the culprit here, the damage was done. Potentially to avoid a huge Credit Suisse fine, the veteran banker was summarily dismissed.
BaFin Pressures Deutsche Bank (May 16, 2022)
In May, the BaFin Federal Financial Supervisory Authority requested that Deutsche Bank provide details about its organization’s use of WhatsApp and similar messaging applications to judge the bank’s compliance standards. BaFin-regulated banks must comply with these audits, and as a top German bank regulator, BaFin regulation enforcement can bring substantial heat to an organization.
SEC Phone Surrender (May 18, 2022)
Coming just days after the Deutsche Bank and BaFin assessment, the SEC announced an escalated texting probe that required numerous teams to surrender their phones, including heads of investment banking teams, traders, and more. Like the above example of a BaFin regulator in Germany acting, this SEC mandate was part of a larger push to examine and encourage messaging compliance at every organizational level. According to some reports, bankers were furious that their personal phones were being examined by regulators.
HSBC Trader Dismissed (June 15, 2022)
Similar to the SEC WhatsApp controversies occurring earlier in the year, in June, a trader from HSBC Holdings in London was released for sending messages through unauthorized communication channels. Just like the text from JP Morgan Chase, the incident didn’t involve directly sharing sensitive details—it was part of a larger investigation into the regulation of private communication channels.
Deutsche Bank’s Leadership Pay Cut (June 23, 2022)
Facing criticism from regulators regarding the widespread use of private communication channels, Deutsche Bank’s leadership waved part of their annual bonuses. The reasons cited had to do with the previous year’s performance as well as the public pressure put on the company from ongoing SEC texting investigations.
The SEC’s $1.1 Billion Fine (September 27, 2022)
We knew this was coming for several months, but didn’t know how many institutions would be involved. In a big push against messaging compliance and recordkeeping failures, the SEC announced charges against 16 Wall Street firms, including Barclays, Bank of America, Merrill Lynch, Citigroup, Credit Suisse, Deutsche Bank, Goldman Sachs, Morgan Stanley, UBS, Jefferies, Nomura, and Cantor Fitzgerald. The combined fine totaled $1.1 billion and is considered a landmark ruling (as well as a warning) to investment advisers and broker-dealers.
The CFTC’s $710 Million Fine (September 27, 2022)
On the same day as the SEC fine, the CFTC announced a collective $710 million fine against swap dealers and futures commission merchant affiliates of 11 financial institutions. Regulators determined that offenders failed to stop their employees (including senior-level staff) from communicating via unapproved applications, including messaging sent through personal text, WhatsApp, and Signal. Aside from the fines, institutions were ordered to perform remedial actions to prevent similar issues in the future.
Regulators Turn to RIAs (October 4, 2022)
In October, regulators turned their focus to registered investment advisors (RIAs) and the way they managed their processes, with specific attention to outsourcing due diligence and maintaining oversight over compliance and recordkeeping responsibilities. These efforts are part of a broader push to protect consumers as more financial advisors explore outsourcing as a strategic focus.
The FCA UK Regulator Questions Banks (October 10, 2022)
The Financial Conduct Authority (FCA), a top banking regulator in the UK, set out in October to learn more about how financial firms handle personal device use and compliant messaging. As one of the top UK financial regulatory bodies, FCA regulations must be adhered to. However, at this stage, the investigation was more of a probe rather than a strict audit of each organization’s compliance with the financial services regulatory framework in the UK.
However, such probes offer insight into how the FCA compliance checklist may evolve in the future, and we fully expect that stricter controls surrounding non-compliant messaging will eventually become part of new banking regulations in the UK.
Pressure Reaches Private Equity (November 9, 2022)
With controls tightening over the course of the year, the pressure finally reached private equity in November when a new SEC texting probe was launched. Per regulatory filings disclosed by groups like Apollo, Carlyle, and KKR & Co, the SEC began questioning their use of electronic messaging for business.
At this point in the year, the connection between SEC fines and WhatsApp is becoming clear. And while the insights gained from the Carlyle SEC filings or Apollo SEC filings are not proof of action, it’s reasonable to assume that comparable entities will face similar scrutiny in the coming years.
We believe that the push for accountability here will be a defining characteristic of 2023, and companies should do what they can now to get ahead of things. Compliance can’t be achieved overnight, and the longer organizations wait to examine their messaging practices, the bigger risk they’ll incur as regulators increase scrutiny of messaging compliance.
SUBSCRIBE TO OUR NEWSLETTER
Useful tips and helpful information.
You can unsubscribe at any time - obviously!