Compliance Crackdown! Failure to record and retain communications

In September, the #SEC and #CFTC have taken decisive actions against financial institutions, especially Tier 2 firms.

The main concern? Failures in upholding proper record-keeping for communications. This includes lapses in following their own internal guidelines, particularly when it comes to the unauthorised use of communication apps, also by their top management.

Meanwhile, in the UK, #Ofgem made waves by issuing its first-ever sanction related to electronic communication compliance, zeroing in on Morgan Stanley Co. International Plc for failure to use reasonable efforts to make sure that its employees did not use WhatsApp for their trading communications under UK REMIT. But does this apply to you?

Remember, the US standards for corporate compliance programs, updated in March 2023, emphasize that for a compliance program to truly work, risk-based measures for managing communications are a must-have ✅.

Key Questions to Consider

Diving deeper with some practical questions to help you identify requirements and possible measures:

  1. Active in the EU energy wholesale market or engaging with price agencies? Record-keeping requirements might apply to your communications.
  2. Member of an exchange for equity or commodities? Especially in the US, certain communications might be under record and retention mandates.
  3. Recording communications for trading? Consider implications related to inquiries and investigations. Have you considered them?
  4. Have a policy, procedure or document defining communication apps for business? ❌No? Assess if you need one.  ✅ Yes? Ensure it's up-to-date and reviewed regularly. Your IT and CISO teams are key partners here.
  5. Approval process for new communication apps? ✅ Yes? It is Compliance looped in? Collaborate with IT, HR, and Cyber Security teams. ❌ No?  Ensure that Compliance is involved early on and collaborate with others to assess if you need one
  6. Operating in the EU, UK, or Switzerland? Data privacy, especially for personal data like business emails, is crucial.
  7. When did you last address communication topics with your team? Regular training and interactions are essential for compliance.


Facing Challenges in these areas? Let our experienced team assist you!
This website uses its own and third-party cookies to improve the browsing experience as well as for analysis tasks.

What are cookies?

A cookie is a small file stored on the user's computer that allows us to recognize it. The set of cookies help us improve the quality of our website, allowing us to monitor which pages are useful to the website users or and which are not.

Acceptance of the use of cookies.

Necessary technical cookies

Always active

Technical cookies are absolutely essential for the website to work properly. This category only includes cookies that guarantee the basic functions and security functions of the website. These cookies do not store any personal information.

Analytic cookies

All cookies that may not be particularly necessary for the website to function and are used specifically to collect personal data from the user through analysis, ads and other embedded content are called unnecessary cookies. You must obtain the user's consent before running these cookies on your website.