The United States Securities and Exchange Commission (SEC) recently fined 16 financial firms over $1 billion for failing to comply with regulations on capturing and retaining electronic messages sent through third-party messaging apps such as WhatsApp.

What Actions Led to the WhatsApp Fines?

Financial firms have long been governed by rules and regulations requiring them to capture and store business-related communications. As third-party messaging apps have grown in popularity, employees of financial companies have begun using these apps to communicate with clients.

As a result, regulations have changed to include WhatsApp and other similar apps, making it clear that companies are required to monitor, capture, and archive these types of electronic communications. A number of companies, however, have been slow to change their policies and operating procedures, leaving them open to fines and penalties. Despite warnings from regulators, many individuals at various securities firms were using WhatsApp and other unauthorized apps without maintaining the required records.

Widespread and systemic breaches were discovered, with guilty parties including managing directors, heads of trading desks, and other employees. Even those who were responsible for enforcing company policies prohibiting employees from using WhatsApp for business-related purposes were caught violating the policies. 

How to Prevent Receiving WhatsApp Fines

There are lessons to be learned from the consequences faced by the companies whose employees did not adhere to the rules and regulations regarding the retention of electronic communications. The following are best practices that companies can follow to ensure that they are in full compliance:

  • Commitment from the top – it is critical for everyone from the C-suite down to show commitment to compliance practices. 
  • Close gaps in recordkeeping – given the likelihood of employees using a whole range of messaging apps to communicate with clients, companies should conduct a thorough assessment of all methods of communication (including WhatsApp, Zoom, Slack, Facebook Messenger, etc.) in order to determine where there might be gaps in the capturing and archiving of messages. Once identified, those gaps should immediately be closed and messages retained.
  • Technology assessment – many firms already have some compliance solutions in place, but they may not be set up to capture messages from the full gamut of messaging apps. A solution like LeapXpert provides an all-in-one platform that can easily enable a company to capture and archive messages in accordance with all relevant regulations.
  • Employee training – providing ongoing training to all employees will ensure that they are up-to-date on the most recent laws and regulations that they are required to follow.
  • Monitoring and accountability – companies should implement a process by which they monitor adherence to the recordkeeping policies and ensure that all employees are held accountable for following the rules. Any potential breaches should be investigated immediately.
  • Address privacy issues – while complying with recordkeeping requirements is crucial, it must be done in a way that does not compromise the privacy of employees or clients. 

