Off-Channel Still Isn’t Over: When Archiving Gaps Create Compliance Headaches
TL;DR: Regulators continue to crack down on off-channel communication gaps, fining firms that can’t prove their recordkeeping systems actually capture every message as claimed. To avoid costly penalties, firms must actively test, audit, and supervise their archiving technology — not assume it’s working as intended.
Off-channel communications enforcement shows no signs of slowing down. The most recent actions confirm that regulators are continuing to expect firms to prove that every message they say they are capturing is being captured.
Why off-channel communications matter to firms
Enforcement actions have long treated unverified capture systems as equivalent to having no system at all. Whether the platform is approved or third party-hosted, firms remain responsible for confirming that their recordkeeping technology, processes, and supervision function as designed.
Off-channel communications can get costly
During a recent webinar, panelists from Eversheds Sutherland and Smarsh emphasized that recordkeeping lapses keep appearing in familiar forms. The issue is rarely about intent. It is about the execution of controls and the ongoing supervision of systems that firms believe are working properly.
Brian Rubin, Partner at Eversheds Sutherland, summarized the message clearly:
“The lesson is you can’t ‘set it and forget it.’ One firm was ahead of the curve. It approved an instant messaging platform and hired a vendor to archive messages, but they never verified whether devices were connected to the service. FINRA said that failure alone was enough for a fine.”
The firm permitted employees to use a vendor-provided instant-messaging platform that was intended to capture and retain all business communications. According to FINRA, the firm did not:
- Verify that employee devices were connected to the archiving service
- Confirm that the messages were being captured
- Describe in its written supervisory procedures (WSPs) how supervisors should perform those checks
If you’re messaging inside an application your firm uses and it has a chat feature, that can still be a business communication. The SEC and FINRA absolutely expect those to be captured and supervised.
As a result, many employees were either never connected or were connected only part of the time. An unknown number of business messages were never preserved or reviewed, and the firm could not produce them when FINRA requested records. The regulator imposed a $100,000 fine.
What firms can do now about off-channel communications
Off-channel compliance remains one of the most durable enforcement themes in financial services. However, there are proven pathways that firms can take to ensure business communications are retained:
- Test the tech: Regularly audit and confirm that capture feeds, APIs, and devices remain connected.
- Review and update WSPs: Include clear instructions on how supervisors verify message capture and retention.
- Evaluate embedded chat: Identify collaboration, CRM, and other business tools that contain in-app messaging, and ensure those conversations are being captured.
- Increase supervisory attention and practical training: Provide short, scenario-based sessions for managers and staff on reviewing capture reports, recognizing alert signals, and escalating issues quickly.
- Strengthen vendor oversight: Contracts should spell out audit rights, notification requirements, and data retention responsibilities.
As Rubin summarized, “These cases show the risk isn’t in what you don’t know. It’s in assuming what you have is working.”
The technology may change, but regulators’ expectations remain the same: firms must be able to show that every message is preserved, reviewable, and ready to produce when requested.
How Smarsh can help with off-channel communications
When it comes to off-channel communications and the regulatory scrutiny around them, Smarsh offers the kind of comprehensive platform that helps firms close visibility gaps. Our unified communications supervision technology supports 100+ communication channels — mobile, chat, voice, collaboration platforms, email, and more — in native format, with conversation threading and APIs for integration.
This breadth of channel coverage enables your firm to use the communication tools it already has in place. Smarsh supervision tools include customizable policies, review queues, automated dashboards, and open-API integrations — enabling compliance teams to test that feeds are connected, ensure message capture, and demonstrate that supervisory procedures are followed.
Share this post!
- Beyond Email: Supervising Modern Communications - November 25, 2025
- Generative AI: What’s Next for Financial Services - November 24, 2025
- Vendor Oversight Insights from the FINRA Small Firm Conference - November 20, 2025
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
FEATURED CONTENT
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.
More Resources
Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing [email protected].
FOLLOW US