Mobile Regulatory Compliance

Companies in highly-regulated industries like finance, insurance, and healthcare among others are required to comply with strict regulations to protect customer data and mitigate the company’s risk of lawsuits and/or fines. 

Today, with the prevalent use of mobile devices, companies are facing a new challenge of how to remain in full regulatory compliance given the fact that employees are using their personal mobile devices to communicate with customers.  

What is Regulatory Compliance?

Regulatory compliance refers to a company’s requirement to adhere to all laws, regulations, and guidelines that apply to its particular type of business. Depending on the specific industry, each country has different regulatory bodies and policies that may apply. 

For example, the financial industry in the US is regulated and monitored by both the SEC and FINRA, the healthcare industry must follow HIPAA guidelines, and in the EU GDPR rules are in place to protect consumer data. 

Many companies employ entire teams of regulatory compliance specialists whose job it is to keep up-to-date with changing regulations and ensure that the entire organization is complying with all aspects of the various rules. 

How Does “Going Mobile” Complicate Regulatory Compliance?

Employees across industries are using their own personal mobile devices for business purposes, exposing their employers to additional risk and leading to lapses in full compliance with regulations. Over 70% of surveyed employees reported using their phone for work-related purposes more than ¼ of the time, with 37% saying the majority of time they spend on their phones is work-related. 

The increased use of mobile devices over the years has complicated regulatory compliance in several ways. In financial services and other regulated industries, companies are required to retain copies and recordings of all communications. When official business is conducted using personal devices, it’s easy for institutions to fall into non-compliance and be exposed to risk.

In addition, when employees are using their own mobile phones instead of company-issued devices to communicate with clients, it is much more difficult for the company to monitor their activity and make sure they are adhering to regulations about market manipulation, insider information, and more. 

Finally, there is the issue of cybersecurity. Hackers are constantly becoming smarter and bolder, always looking for the most innovative ways to take advantage of even the smallest security lapse. While companies have been able to use firewalls and other protective measures to keep their internal networks and systems secure, providing the same protections to mobile devices is much more of a challenge.

Consequences of Non-Compliance 

Companies and their employees can face steep fines and legal repercussions if they are not in compliance with all regulations, including those that relate to mobile devices. For example, major US banks that did not properly monitor employee use of messaging apps were fined a total of $2 billion. This included $200 million levied by the SEC and Commodity Futures Trading Commission (CFTC) against JP Morgan for the unauthorized use of WhatsApp for business communications as well as a $710 million fine by the CFTC against 11 financial institutions also for allowing employees to use unapproved apps to message with clients. The biggest SEC fine totaled $1.1 billion and impacted 16 big Wall Street names including Bank of America, Merrill Lynch, Citigroup and Goldman Sachs for failing to comply with recordkeeping regulations. 

How to Ensure Mobile Regulatory Compliance 

Companies must put practices in place to ensure that they are in full mobile regulatory compliance. Compliance teams need to stay updated on changing regulations specifically as they relate to the use of mobile devices including messaging apps, text messages and even voice communications. 

The easiest way to stay in full compliance is to leverage technological tools designed specifically to enable organizations to capture and monitor mobile communications. Currently, only 37% of US companies are using communication capture solutions to track and monitor email, messaging and voice communications. 

Using a solution  like LeapXpert’s Communication Platform can help companies ensure that they are in full compliance with all regulations having to do with mobile communications, in a simple and easily-integrated way.