Today marks the one-year anniversary of the $549 million fine imposed by the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) on 13 major Wall Street firms for failures in record keeping of off-channel communications.
This significant enforcement action was part of a broader regulatory crackdown aimed at ensuring financial firms maintain proper records of all business-related communications, especially those conducted on personal devices and unauthorized messaging platforms.
Over the past three years, the financial services industry has witnessed a series of significant fines related to the failure to maintain proper record keeping of off-channel communications. This crackdown has underscored the importance of adhering to regulatory requirements in the digital age.
In December 2021, the SEC fined JPMorgan Chase $125 million for failing to preserve off-channel communications. This was one of the earliest large-scale penalties that set the tone for subsequent enforcement actions. The SEC found that the firm’s employees, including senior executives, used personal devices and messaging apps to discuss business matters without maintaining the required records.
By September 2022, the SEC and CFTC had collectively imposed nearly $2 billion in penalties on Wall Street firms. The SEC’s actions targeted 15 broker-dealers and one investment adviser, resulting in fines exceeding $1.1 billion. The CFTC's parallel enforcement saw penalties totaling over $710 million.
In 2023, the trend continued with additional fines. For example, in August 2023, 13 firms were fined a combined $549 million by the SEC and CFTC for similar violations. The fines were split between the SEC ($289 million) and the CFTC ($260 million). These penalties were issued for the firm's failure to maintain records of communications conducted over unauthorized messaging platforms like WhatsApp, iMessage, and Signal. A mere seven weeks later, the SEC fined an additional 10 firms a combined $79 million for similar offenses.
The onslaught of penalties has persisted in 2024. In February, 16 firms found themselves in the middle of the off-channel saga, as the SEC fined them $81 million collectively for their failure to maintain and preserve electronic communications. Notably, one firm involved heeded guidance from regulators and chose to voluntarily self-report its infractions and actively cooperate with authorities. As a result, they received a reduced civil penalty that was significantly lower than the fines handed out to the other 15 firms involved.
As recently as May 2024, the SEC stated that it will continue to treat off-channel communications as a top priority, indicating that the worst may be yet to come.
One year after the substantial $549 million fine, there are mixed indicators of progress in the industry. On the positive side, many firms have started implementing more stringent compliance measures and investing in technologies to monitor and preserve electronic communications. According to SteelEye’s 2024 compliance health check report, 56% of firms are investing in communications surveillance, reflecting a proactive approach to compliance.
However, challenges remain. Only 33% of firms have fully implemented monitoring of relevant eComms channels in response to increased fines related to communications record keeping. A further 22% have initiated projects to introduce monitoring of these channels, 28% have responded by strengthening their policies, while 17% haven’t changed anything.
Despite increased awareness and regulatory scrutiny, only 37% of firms are actively monitoring popular messaging apps like WhatsApp. This gap leaves a significant portion of the industry vulnerable to future fines and regulatory actions.
While the financial services industry has made strides in addressing record keeping requirements, there is still room for improvement.
The hefty fines over the past three years serve as a stark reminder of the importance of maintaining compliance with regulatory standards. As firms continue to adapt to evolving technologies and regulatory expectations, the hope is that they will achieve a more robust and compliant communication framework, thereby avoiding future penalties and maintaining market integrity.
Our fully integrated communications coverage and cutting-edge technology make SteelEye the most advanced Communications Surveillance solution on the market.
SteelEye’s Communications Record Keeping and Surveillance platform captures communications data from a wealth of eComms, vComms, and traditional channels and stores records in a compliant, immutable format, in line with regulations. It thereafter applies advanced surveillance algorithms, AI-statistical models, and intelligent lexicon technology to identify early warning signs of misconduct and market abuse.
DISCOVER THE POWER OF Advanced COMMUNICATIONS SURVEILLANCE
Enhanced risk detection and reduced false positives
All-in-one platform to monitor, manage, and control your communications data
Data consolidation of structured and unstructured sources
Voice transcription and translations
Language switching detection
Advanced call analytics and AI-driven lexicon
Real-time tracking and audit trail for demonstrable compliance
Fast record retrieval for data requests and auditing purposes
Highly customizable and scalable software
About
LOCATIONS
United Kingdom - 5th Floor, 55 Strand, London, WC2N 5LR
United States - 600 Fifth Avenue, New York, NY 10020
Singapore - 600 North Bridge Road #23-01 Parkview Square Singapore 188778
Portugal - Av. da Liberdade 747 1ºD, 4710-251 Braga
India - No. 613, 12th Main, HAL 2nd Stage, Bangalore - 560008
STEELEYE LIMITED, A COMPANY REGISTERED IN ENGLAND AND WALES WITH COMPANY NUMBER: 10581067, VAT NUMBER: 260818307 AND REGISTERED ADDRESS AT 55 STRAND, LONDON, WC2N 5LR.