Some surprising news: in response to a Freedom of Information request from Reuters, the UK Financial Conduct Authority recently confirmed that between 2020 and 2023 it had opened no investigations into Mifid 2 record-keeping failures. This means the FCA didn’t pursue any firms for failing to prevent employees from using unapproved messaging platforms like WhatsApp during that period.
By contrast, US regulators have aggressively targeted record-keeping breaches. The SEC has fined banks $2bn, and the CFTC has fined other institutions over $1bn for their employees’ use of unapproved communications channels.
Whatever the reason for the FCA’s inaction, the direction of travel is clear. Learning from the US, financial regulators around the world could start imposing similar sanctions. To forestall further penalties, banks are warning employees against using personal devices for business-related communication. Platforms like iMessage, WhatsApp, WeChat, Signal, Telegram, Instagram, X, and Snapchat are off limits. Instead, employees must use official channels like office email or Bloomberg messaging.
It’s important to remember that this situation is new. In the late 1990s emails often contained inappropriate content; I can remember my inbox inundated with doctored photos and what today are called memes.
By the early 2000s bankers realised that rogue emails could get them into trouble because they were recoverable even if deleted. The light bulb moment arose in 2002 when the office of New York attorney general Eliot Spitzer disclosed then-Merrill Lynch research analyst Henry Blodget’s emails in its securities fraud complaint.
Bankers still used SMS messaging, but the character limits, onerous typing, and lack of visuals meant you kept messages mostly short and to the point. It wasn’t until around 2012 or so with the explosion of smartphone use that employees had a low-friction way of communicating outside work channels. Even then, it would take a few more years before mass adoption of the messaging apps.
Nice little earner
The crackdown on messaging apps is ironic. Investigations have rarely uncovered substantive wrongdoing beyond record-keeping violations. Employees use these apps for convenience, not malfeasance, and yet US regulators have turned enforcement into a nice money spinner.
For another, if someone really wanted to bypass the rules, they can easily. Several messaging apps offer auto delete features, making it hard for watchdogs to recover erased communications.
...there appears to be no penalty for those leaders and civil servants who used offline communication channels. Their conduct is as cynical as it is hypocritical
So why do bankers use unapproved communication methods? Often, it's due to ease of use or client preferences. Sometimes, it's to discuss sensitive topics that they wouldn't put in an email.
After all, complaints, gossip, and even the odd bit of banter are all part of workplace discourse, but banks drill into their employees from the first day that work email is no forum for saying this stuff. The injunction is usually along the lines of urging a banker to consider how they would feel about what they wrote were it to be made public.
Many financial institutions have monitoring systems to flag potentially problematic content on email, pushing employees towards other communication methods. However, recent regulatory actions have made this increasingly risky.
In the US, senior bankers have faced random reviews of their personal devices. These reviews typically involve lawyers sitting down with the bankers under scrutiny to identify which messages are personal and which breach policy. While there have been a few high profile dismissals, most infractions have resulted in compliance letters rather than severe disciplinary action. But there’s a sting in the tail: no such mercy will be forthcoming if it happens again.
Hypocrisy
It’s understandable that regulators aim to maintain record-keeping integrity by blocking unapproved communication channels. However, there's a double standard at work. Public officials often use similar channels without consequence.
You’d have thought that preservation of communications amongst public officials would be just as important as Mifid 2 record-keeping, but as seen in the recent Covid public enquiries in the UK — in which swathes of messages have magically disappeared amid bedtime deletions, forgotten passwords, reset iPhones and iPads and various other dog-ate-my-homework excuses — there appears to be no penalty for those leaders and civil servants who used offline communication channels. Their conduct is as cynical as it is hypocritical.
The latest crusade is a reminder that for all the exorbitant privilege that bankers enjoy, they are also a uniquely unprotected class in other ways. Bankers are subject to all sorts of restrictions that public officials or even private employees in other critical functions do not endure.
If you’re a banker at most firms, you can’t buy or sell single-name securities, even as Congress, for example, clings to its certain unalienable right to punt stocks. If you’re a banker, you must declare outside interests in more detail than most legislators or government functionaries, and the penalties for omission are much more severe. And you definitely can’t muse on messaging apps about anything remotely business-related, even as British MPs or White House staffers have their own chat groups to discuss politics and policy.
And if you’re a banker, don’t think your personal device is sacrosanct. If your employer or the regulator wants to see it, you are more or less compelled to furnish it. Sure, you can claim privacy, but you risk being cited for non-cooperation and thus deemed no longer “fit and proper” to exercise your regulated function.
The messaging app crackdown shows once again that in the eyes of the authorities, you have consented to all sorts of abridgements of your rights in exchange for the privilege of working at a bank. And those abridgements can be progressively enlarged, presumably because bankers share the collective guilt for crashing the economy in 2008. Nobody — I mean, nobody — will sympathise with a banker who thinks it’s unfair to be held to a higher standard than public servants.
But whatever the actual culpability of bankers for the financial crisis, debacles happen in all areas of public life. It would be good if the officials imposing these rules would subject themselves to the same strictures they impose on the banks. We should always be suspicious of chefs who won’t eat their own cooking.