Multiple fines for improper record keeping

To anyone who has been paying attention to SEC enforcement over the past few years, it should be no surprise that the Commission is focused on the record keeping requirements and communication monitoring of investment advisers. With multiple established businesses being penalized by the regulator for breaches in their record keeping, now’s the time to determine what you need to do to keep your communication strategies compliant.

In December 2021, JPMorgan paid a $125 million penalty levied by the SEC related to record keeping failures. And last September 16 different Wall Street firms were charged for a total of more than $1.1 billion in penalties, with similar record keeping failures. Earlier this month, the SEC announced that they were charging two more organizations, HSBC and Scotia Capital, with widespread record keeping failures. The organizations will be required to pay penalties of $15 million and $7.5 million respectively.

The investigation revealed that employees at both firms frequently used personal devices, like WhatsApp, for securities business communications and failed to preserve and maintain records for most of them. The violations involved employees at all levels of the organization, including senior executives. While this pricked our ears as it continues to emphasize this an area of focus for the SEC, where this really became interesting is the next day the CFTC charged HSBC with a $45 million fine that included the same record keeping failures for which they were just penalized by the SEC.

While we already advize clients that this is an area of business to focus on, these additional enforcements continue to hammer that point home. The fact that the same company was issued penalties by two different regulatory bodies for the same thing at the same time broadens the scope of this issue and make addressing it ever more appropriate. It’s worth noting that both the CFTC and the SEC acknowledged that these two organizations co-operated with the investigations and, as a result, the penalties were reduced.

Leveraging technology and training

If your organization has not already, it’s time to turn your attention to your firm’s record keeping policy to avoid being subject to these same violations. Make sure you have reviewed your record-keeping policy to ensure it is up to date with the current market.

Technology is moving and changing fast, and it is easy for policies to become out of date quickly. Make sure it’s clear to employees where communications are currently being recorded, and that those are the only places they may communicate with clients. We suggest implementing a specific e-communications policy.

The most impactful action we would suggest is training. No matter how strong your policy is, it doesn’t make a difference if employees are not aware of or following it. There’s an old saying that it takes teaching ten times to learn it once. Given the high scrutiny in this topic currently, companies should be out in front of their employees regularly making sure the appropriate communication methods are understood by the organization. We would recommend considering regular attestations from all employees who have contact with clients that they are not communicating outside of approved methods.

How we can help

Our team of international regulatory experts can help you understand the different rules and requirements of the SEC and adapt your compliance systems accordingly.

If this is an area of concern for your business, please don’t hesitate to reach out and we can help provide guidance on how to make sure your business is not the next one to get swept up in one of these headlines.