The financial industry is one of the most regulated industries in the world, with different communication compliance regulations that must be fulfilled in each country. Unlike when email was the dominant digital communication method, social media, Instant Messaging (IM), and collaboration apps have become imperative for financial services today.
In the aftermath of the pandemic, many global organizations, including financial services, have adopted remote and hybrid working practices. It has been demonstrated by several research studies that organizations are still adapting to remote working cultures after the pandemic has passed..
For example, one study revealed that 36.2 million American employees will work remotely by 2025. This will increase the demand for digital communication channels to continue business operations from anywhere.
That being said, using new digital communication channels in the financial industry has increased global communication compliance risks. With the drastic transformations in communications, compliance violation charges have increased. Some notable examples include the SEC recently charging 15 broker-dealers and one affiliated investment adviser for longstanding failures to maintain and preserve electronic communications, including communications from WhatsApp and Signal apps, insider trading charges of SEC against Bay Area finance employees, etc. Also, the Annual Analysis by Eversheds Sutherland indicated a drastic increase in financial sanctions by FINRA.
The regulators have included many emerging digital communication mediums in their laws and increased scrutiny of such channels. For example, SEC has declared that it will focus on market manipulation through social media. Therefore, financial companies must comply with new rules that govern instant messaging, social media, and collaboration apps they allow employees to use by monitoring, capturing, and archiving all work-related or business communications.
Digital Communication Compliance Laws for the Financial Industry
In order to understand how communications compliance laws have been amended to include many emerging communication platforms, the following describes major digital communication compliance laws in the USA, the UK, the EU, and Canada.
- SEA Rule 17a-4(b)(4) – SEC Book and Records Keeping rules require keeping all electronic communications relating to the firm’s business, including emails and instant messages, for at least three years in an easily obtainable location.
- SEC Advisers Act Rule 206(4)-7 – Firms should not use testimonials or referrals as part of social media advertisements and promotions.
- SEC DFA Section 764 and CFTC SEA Section 15F(g)(1) -trading communications and related records of security-based swaps must be recorded. This includes all electronic communications (e.g., emails and instant messages).
- FINRA Regulatory Notice 10-06 and 11-09 – Guidance on Blogs and Social Networking Web Sites indicate that ‘Every firm that intends to communicate, or permits its associated persons to communicate, through social media sites must first ensure that it can retain records of those communications as required by Rules 17a-3 and 17a-4 under the Securities Exchange Act of 1934 and NASD Rule 3110. SEC and FINRA rules require that for record retention purposes, the content of the communication is determinative, and a broker-dealer must retain those electronic communications that relate to its “business as such.”7.’
- Investment Advisers Act, Rules 204(2) and 206(4)-1 – financial advisers must keep categories of written communications received and copies of written communications sent by them. This includes ‘ investment advice, buy/sell orders, receipt, and distribution of funds or securities, and the performance of managed accounts or recommended securities. Therefore, if an advisor uses an IM app like WhatsApp to place an order, they must maintain records of that communication.
- FINRA Regulatory Notice 11-39 – Social Media Websites and the Use of Personal Devices for Business Communications – Financial firms or associated persons may not sponsor a social media site or use a communication device that includes technology that automatically erases or deletes the content. Also, this notice includes reminders on other record-keeping requirements.
- FFIEC Social Media Guidance – Firms must ensure to implement a recordkeeping system to archive activities
- Dodd-Frank Act (CFTC) Section 731 – All electronic communications, including instant messages related to all transactions, need to be captured and retained safely and in a way that is easily retrievable by the regulators.
UK and EU
- FCA Market Watch 66 – FCA expects firms to continue to comply with the recording obligations according to SYSC 10A. They have highlighted that increased remote working has also increased misconduct, especially from “unmonitored and encrypted communication applications (apps) such as WhatsApp.”
- FG15/4 by FCA – Social media and customer communications guidance or the FCA’s supervisory approach to financial promotions in social media states that any form of communication (including through social media) is capable of being a financial promotion, depending on whether it includes an invitation or inducement to engage in financial activity. Firms must also keep satisfactory records of any significant communications and demonstrate that they have a system to sing-off digital media communications.
- IIROC Regulatory Notice – Communications from all digital communication mediums, including print, broadcasting, and electronic media like “Facebook, Twitter, YouTube, blogs, and chat rooms, need to follow the IIROC Dealer Member Rules. Thus, firms must keep records of business transactions, customer communications, financial affairs, and all other related communications.
- IIROC Dealer Member Rule 1300.1 – Firms must use tools to monitor all content and activities from social media with detecting phrases and words for non-compliance
The above regulatory updates aimed at covering all the communication channels firms use nowadays emphasize the need to capture the relevant communications, including social media communications.
Financial firms must invest in modern record archiving solutions that capture all the communication in financial services from all modern channels like WhatsApp, Signal, Slack, Teams, Facebook, LinkedIn, etc. The solution should comply with all the regulations, including data privacy regulations, and store data in a central repository.
Most importantly, financial firms must ensure mobile compliance while allowing their employees and clients to use their preferred communication channels by equipping companies with modern, cloud-based technologies for capturing, archiving, and monitoring every channel.
How does using LeapXpert help achieve global digital communication compliance in financial services?
LeapXpert provides financial firms with a modern, high-quality, and compliant mobile messaging solution. Its federated architecture integrates with many instant messaging apps, including WhatsApp, iMessage, SMS, WeChat, Telegram, Signal, and LINE, and supports all regulatory laws in the financial industry. This allows organizations to carry out secure and compliant mobile communications.
LeapXpert has several deployment models and supports fast information search and retrieval. Additionally, our mobile communication capturing and archiving solutions are ‘secure by design’ because they maintain a high level of security using mechanisms like malware scanners, antiviruses, DLP, and many more.
SUBSCRIBE TO OUR NEWSLETTER
Useful tips and helpful information.
You can unsubscribe at any time - obviously!