SEC and CFTC Fines for Texting Augur Billions More from DOJ
A number of large financial institutions paid $125 million each to the SEC and $75 million each to the CFTC, for a total of $200 million per firm for record-keeping violations. In fact, even the procedural violations were somewhat ethereal, as the SEC orders described them with language such as “[the firm] likely deprived the Commission of these off-channel communications in various investigations” (emphasis added).
Not that technical violations were absent. The financial services firms apparently did not comply with Section 17(a) of the Exchange Act and Rule 17a-4(b)(4), which require broker-dealers to preserve originals of all communications received and copies of all communications sent relating to their business for at least three years. Still, the fines are far beyond any previously meted out for record-keeping violations, and appear especially severe, given that the regulators allege no specific harm to customers.
The significance of the SEC and CFTC orders extends beyond the regulatory realm into criminal law, as the DOJ has already announced its intent to explore similar territory. And there’s virtually no daylight between the expectations of the DOJ and those of the SEC and CFTC. In a memo setting out the DOJ’s new policies, Deputy Attorney General Monaco states, “The ubiquity of personal smartphones, tablets, laptops, and other devices poses significant corporate compliance risks, particularly as to the ability of companies to monitor the use of such devices for misconduct and to recover relevant data from them during a subsequent investigation. The rise in use of third-party messaging platforms, including the use of ephemeral and encrypted messaging applications, poses a similar challenge.” Then, Monaco’s memo pointedly suggests that off-channel text messages will be deemed noncompliant and uncooperative: “How companies address the use of personal devices and third-party messaging platforms can impact a prosecutor’s evaluation of the effectiveness of a corporation’s compliance program, as well as the assessment of a corporation’s cooperation during a criminal investigation.”
In response, companies will need to shepherd any straying employees back onto the record. Both regulators and law enforcement agencies expect policies and procedures governing the use of personal devices and the retention of messages, and disappointing those expectations could be costly. But merely commanding that wayward employees sin no more will be insufficient in many cases. Smartphones and their apps are designed to be tempting, and many people, including customers, prefer text messaging to other forms of communication. Accordingly, the threat of disciplinary actions or terminations for off-channel texting may not be enough by itself to discourage employees.
Instead, companies should consider how to make compliant messaging possible. And some already have. In the securities industry, some broker-dealers have begun using apps that automatically archive text messages sent and received. Such apps can even be used on employee-owned devices with separate business phone numbers, thus allaying privacy concerns regarding nonbusiness related communications. Compliance is more likely to be effective when it’s convenient.
The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.