Banks Need to Embrace WhatsApp

June 23, 2020by Shaun Hurst

Subscribe to the Smarsh Blog Digest

Subscribe to receive a weekly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

This article was originally published in the Banking section of Global Banking and Finance Review on May 15.

How we interact and communicate has evolved dramatically over the past decade. This is especially true in the workplace. Ten years ago, our working days were spent communicating via e-mail and phone calls. For most companies, this has been replaced by a broad range of modern collaboration tools and instant messaging platforms. Microsoft Teams, Slack, Zoom and WhatsApp now dominate the way we work.

As the coronavirus outbreak has led to many professionals starting to work remotely, we can see just how far these platforms have come in enabling us to connect and collaborate from anywhere in the world. But for companies in regulated industries, the adoption of these tools has been less straightforward.

For the most part, partial or outright restrictions have been introduced by financial services companies due to fears of compliance issues. Many lack the technology solutions they need to capture, archive and monitor the more diverse flow of communications data that these modern platforms create. But corporate bans haven’t stopped employees from adopting these tools on their own, leaving companies open to compliance issues later down the road.

WhatsApp and Financial Services Regulations

This is most evident with WhatsApp. Many people working in the financial services industry already know that the end-to-end encryption messaging tool is ubiquitous and widely used to keep in touch with colleagues, clients and contacts. But while company policies largely prohibit the use of WhatsApp, financial regulators have stayed away from an outright ban. Instead, they have issued guidance requiring companies to ensure that the instant messaging tools used by their employees are supervised and in compliance with already existing record-keeping rules such as MiFID II.

Last year, the FCA stated that firms need to “take reasonable steps to prevent an employee or contractor from making, sending or receiving relevant telephone conversations and electronic communications on privately-owned equipment which the firm is unable to record or copy”. Similarly, the SEC issued guidance in late 2018 reminding companies of their responsibility to monitor electronic messaging and encouraged them to “stay abreast of evolving technology.”

Ensuring that these guidelines are adhered to has been complicated by the fact that many companies have brought in outright or partial bans on unmonitored instant messaging tools while also adopting bring-your-own-device (BYOD) policies. Largely implemented to cut costs, these BYOD policies mean businesses are now less able to police which communications apps and platforms their employees are using. This means that they now do not have the oversight they need to ensure that employees are adhering to the bans.

Legal Issues with WhatsApp

Several legal cases brought against investment banks in recent years have been centered around the misuse of messaging tools like WhatsApp. Bankers at two of these institutions spoke to the FT last year. They highlighted that while employees are trained on how to use new media at work in accordance with compliance regulations, they are still able to install communications apps on their private phones.

The compliance challenges this raises have been widely played out in the financial media over the past two years, with multiple firms being handed significant fines due to their communications-monitoring oversights. This doesn’t have to be the case. Companies working in regulated industries, and especially financial services companies, must embrace the tools that they know are in wide use by their employees.

The Solution: Capturing and Supervising WhatsApp Communications

Very few have introduced the monitoring solutions they would need to adequately manage the use of WhatsApp or other encrypted messaging tools by its employees. But encrypted messaging tools like WhatsApp and WeChat can be captured, monitored and supervised. Firms simply need to invest in the technology they need to do so.

This is true not just for encrypted services like WhatsApp, but for all modern collaboration tools. Many financial services firms have been hesitant to fully integrate these productivity-enhancing platforms. In times like these, where effective collaboration between remote teams is so important, the measures taken to ensure communications tools are being used compliantly is becoming increasingly important. Companies must accept the realities of their employees communicating through new and innovative mediums. What matters now is enabling them to use these tools in a compliant way.

Share this post!

Shaun Hurst
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

Recent Posts

call voice unkown caller mobile phone featured img
Collaboration Tools for a Stay-at-Home Workforce Present Opportunities to Empower Businesses
Read more
gavel and books with green blue gradient overlay
Four Issues to Consider About the California Consumer Privacy Act (CCPA)
Read more
Regulatory Updates
SEC Fines Firm One Million Dollars for Compliance Violations
Read more

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.