Morgan Stanley imposes steep fines for unauthorized messaging on platforms like WhatsApp

The backstory: US regulators require financial institutions to keep records of all communications between the company and clients to make sure there are no issues with breaking anti-fraud or antitrust laws. So, back in 2021, the US Securities and Exchange Commission (SEC) decided to take a closer look at how major banks were handling digital communications. It wanted to know if they were keeping track of what their employees were saying about official business – especially on personal devices and messaging apps like WhatsApp.

More recently: The SEC wasn't playing around last September when it fined 16 firms, including some big banks, for more than US$1 billion because their staff was using unapproved devices and apps for business communications. Two Morgan Stanley execs even got axed for using WhatsApp for work stuff. Last year, Morgan Stanley also had to fork over US$200 million to settle investigations with the SEC into their employees' use of non-approved messaging platforms. And in 2021, JPMorgan Chase had to pay the same fine.

The development: Banks are now keeping an eagle eye on employees' phones and computers to avoid any breaches in communication policies. And if you thought using outside apps like WhatsApp or iMessage was no big deal, think again. Some banks, like Morgan Stanley, are docking pay and bonuses for employees caught breaking the rules. These fines can range from a few grand to a whopping US$1 million, based on things like the number of messages sent, the employee's seniority and previous warnings, according to the Financial Times. But, because of the popularity and convenience of these outside messaging platforms, some companies may start looking into how to make using them compliant with the laws.  

Key comments:

“Since the 1930s, record-keeping obligations have been vital to maintain market integrity and the SEC’s work as the cop on the beat,” said SEC Chair Gary Gensler in a press release when the SEC adopted the amendments to the electronic record-keeping last year. “This will enhance the Commission’s ability to preserve market integrity and protect investors.”

“Finance, ultimately, depends on trust. By failing to honor their record-keeping and books-and-records obligations, the market participants we have charged today have failed to maintain that trust,” said SEC Chair Gary Gensler in a statement announcing fines to the 16 firms in 2022. “As technology changes, it’s even more important that registrants appropriately conduct their communications about business matters within only official channels, and they must maintain and preserve those communications.”

“The requirements for WhatsApp or iMessage are similar as for any communication channel a bank is using — email, Slack, Microsoft Teams, Zoom, whatever. Anyone communicating on behalf of the bank…needs to be monitored,” said Shiran Weitzman, CEO of mobile risk intelligence platform provider Shield. “With today’s technologies, it’s doable. Why they haven’t done it, that’s a different question. I have my guesses.”