Millions in Compliance Violations Stack Up as Mobile Communications Compliance Violations Persist

Massive fines continued raining down last year on financial institutions not following requirements to preserve and maintain communications due to the use of unapproved devices and apps. 

The failure to capture, record, and store all communications, even on personal mobile phones, cost more than two dozen firms in the US a combined $392.75 million in fines from the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC), according to GT Global Trading.

The financial news site reports that Trust, TD Bank and Cowen received penalties from both regulators and that the SEC fined a total of 26 broker-dealers, investment advisers, and others for allowing employees to use personal devices and apps to communicate.

Financial industry regulators around the world require banks, brokers and other investment firms to record and archive communications related to financial transactions.

Mounting Penalties and the Global Regulatory Crackdown

The fines continue a crackdown trend that has been taking place in the US, UK and EU.

The EU regulators levied 117 sanctions and measures totaling 1,263,717 euros, or about $1,370,311.53, in 2021.

In the US, the monetary punishments have been considerably higher.

In the fiscal year 2022, the SEC issued fines and penalties totaling $1.1 billion to 16 broker-dealers and investment advisors from 11 firms. Additionally, the Commodity Futures Trading Commission (CFTC) ordered $710 million in penalties for linked communications by senior employees using email and unapproved messaging apps such as WhatsApp and Signal.

According to Reuters, 16 big financial firms got hit. These include DWS ($400 million), Bank of America Merrill Lynch ($225 million), and $200 million each to Barclays, Citigroup, Credit Suisse, Goldman Sachs, Morgan Stanley, UBS, and Deutsche Bank.

This follows a $200 million fine the SEC and CFTC hit JP Morgan Chase with in late 2021. In that case, more than 100 Chase employees, including senior managers, used personal devices and apps for regulated communications outside official channels.

In the financial sector in the EU, the Markets in Financial Instruments Directive 2 (MiFID 2) requires financial companies to record and store all communications related to financial transactions. 

In the United States, that falls under the Dodd–Frank Act, which grants the Securities and Exchange Commission (SEC) the power to require recording communications “for such a period as may be required by the Commission by rule or regulation” and storing “financial or banking data for any payment instrument.”

These regulations extend to the use of mobile phones and apps. 

In the business world, phones (and the apps on them) could be either company-issued or an employee’s personal phone (sometimes called Bring Your Own Device, or BYOD phones). 

Since employees often don’t like using a company-provided app for calling, they bypass it and use their phones’ native dialer to call – which uses their own personal subscription. 

This presents their personal number, not their business number, to the called party, and most significantly – it bypasses the critical call recording technology required to comply with the regulations.

Since the law doesn’t differentiate between company-owned and BYOD communication devices, companies get in trouble, and the fines come raining down.

A Simple Solution: Tango Extend

Fortunately, there is a simple solution to this – Tango Extend. 

Tango Extend allows any smart phone to become a dual use device. The Extend eSIM adds a separate business line, while maintaining the original private line. The solution supports all leading Unified Communications platforms including Microsoft Teams and Cisco Webex.

All business calls and SMS texts using a Tango Extend eSIM are routed back through the office telephone or UC system, operating just like a landline. Mobile calls and text messages can be recorded by the same system used for landlines. By doing this, all mobile data and communications can be managed by the IT department and meet regulatory requirements by being recorded.

The Extend eSIM in any personal smartphone or company-provided phone results in simple, app-less Mobile Unified Business Communications so you can work from anywhere. 

Contacts can be designated personal or business in the contacts list, so they will automatically use the designated line. And the risk of getting fines ends.

Get in touch today to learn more about how compliance can be made easy with Tango Extend.