By Andrew Moran
U.S. regulators announced charges and fines against 11 Wall Street firms over their failure to maintain electronic records of employee communications.
The Securities and Exchange Commission (SEC) disclosed the combined $289 million in fines following a two-year enforcement investigation that focused on Wall Street’s “off-channel” work communications, including Apple’s iMessage, WhatsApp, and Signal, that they say violate rules that require companies to retain specific work-related communications.
The 11 firms agreed that employees used side channels to talk about corporate business and failed to preserve records. Using these encrypted third-party applications makes it impossible for banks to record and retain communications logs.
Some of the companies that were fined are Wells Fargo ($125 million), BNP Paribas Securities ($35 million), Bank of Montreal Capital Markets ($25 million), and Wedbush Securities ($15 million).
“Today’s actions stem from our continuing sweep to ensure that regulated entities, including broker-dealers and investment advisers, comply with their recordkeeping requirements, which are essential for us to monitor and enforce compliance with the federal securities laws. Recordkeeping failures such as those here undermine our ability to exercise effective regulatory oversight, often at the expense of investors,” Sanjay Wadhwa, the SEC’s deputy director of enforcement, said in an Aug. 8 statement.
“The 11 firms settling today have acknowledged that their conduct violated the law regarding these crucial requirements, and are implementing measures to prevent future similar violations. However, we know that other SEC-regulated entities have committed similar violations, and so our work to enforce industry-wide compliance continues.”
In addition, banks were ordered to cease and desist from future violations and hire independent compliance consultants “relating to the retention of electronic communications found on personal devices and their respective frameworks for addressing non-compliance by their employees with those policies and procedures.”
Meanwhile, the Commodity Futures Trading Commission (CFTC) announced in a separate statement that four financial institutions would pay a total of $260 million for similar violations. They include Bank of Montreal ($35 million), BNP Paribas ($75 million), Société Générale ($75 million), and Wells Fargo ($75 million).
So far, the CFTC has issued enforcement actions against 18 companies and imposed more than $1 billion in penalties “for violations of the CFTC’s recordkeeping and supervision requirements involving the use of unapproved communication methods,” said Ian McGinley, the director of enforcement at the CFTC.
“The Commission’s message could not be more clear—recordkeeping and supervision requirements are fundamental, and registrants that fail to comply with these core regulatory obligations do so at their own peril,” Mr. McGinley said.
Feds Crack Down on Inadequate Recordkeeping
This isn’t the first time the SEC has clamped down on Wall Street firms over widespread recordkeeping failures.
In September 2022, the SEC reported that 16 companies agreed to pay penalties totaling more than $1.1 billion after acknowledging that they violated recordkeeping provisions of federal securities laws. Eight banks paid $125 million each, including Barclays, Goldman Sachs, Morgan Stanley, and UBS Securities. Jefferies and Nomura Securities International each paid $50 million in fines.
“Finance, ultimately, depends on trust. By failing to honor their recordkeeping and books-and-records obligations, the market participants we have charged today have failed to maintain that trust,” SEC Chair Gary Gensler said in a statement. “Since the 1930s, such recordkeeping has been vital to preserve market integrity. As technology changes, it’s even more important that registrants appropriately conduct their communications about business matters within only official channels, and they must maintain and preserve those communications.
“As part of our examinations and enforcement work, we will continue to ensure compliance with these laws.”
This past spring, HSBC Securities and Scotia Capital paid a combined $37.5 million in fines as part of settlements with the SEC and CFTC over similar issues.
Last fall, the SEC voted to adopt rule amendments to requirements surrounding electronic recordkeeping, production of records, and third-party recordkeeping services. The changes were in response to technological changes over the past 20 years.
“Today’s rule amendments would facilitate the SEC’s ability to examine and inspect records consistent with modern technology,” Mr. Gensler wrote. “They would enhance the Commission’s ability to preserve market integrity. That helps protect investors.”
The Cop on the Beat
Over the past two years, the financial market watchdog has been bolstering its role of reining in bad actors.
In addition to ensuring that Wall Street goliaths are following federal securities laws, Mr. Gensler has been targeting two other components in the sector: cryptocurrency and artificial intelligence.
Appearing before the Senate Appropriations Committee, Mr. Gensler defended the SEC’s $2.4 billion budget, about $73 million less than he initially requested. He argued that these funds are necessary to prevent the SEC from failing to keep up with the various market challenges.
“As the cop on the beat, we must be able to meet the match of bad actors,” Mr. Gensler told lawmakers. “Thus, it makes sense for the SEC to grow along with the expansion and increased complexity in the capital markets.”
Without a heightened presence in the financial markets, there could be a greater “possibility for wrongdoing,” he said.