In the rapidly evolving world of technology, new developments have often attempted to test the boundaries of our laws. In recent years, modern communication platforms such as WhatsApp, Signal, and Telegram have gained popularity. Major players in the financial sector, including broker-dealers and hedge funds, are alleged to have been using these apps for backroom and offline communications, eluding federal rules mandating the preservation of business communications. Some institutions are even alleged to have utilized these apps as a means to engage in unlawful conduct. While use of these apps in the financial sector have been flying under the regulatory radar, they have arguably not been flying outside of regulatory reach. U.S. regulators—including the Securities and Exchange Commission (“SEC”), the Commodity Futures Trading Commission (“CFTC”), and the Department of Justice (“DOJ”), among others—have taken action to curtail these types of off-channel communications. While regulators teed off with enforcement over broker-dealers under their robust preservation regulations, they have now shifted toward investment advisers who seemingly operate under less stringent rules.
Phase 1: Broker-Dealers
The SEC’s efforts to enforce compliance with record-keeping requirements in this new modern age turned a significant corner in December 2021 when JP Morgan admitted wrongdoing in a settlement, a rare occurrence in such matters. The firm agreed to pay a staggering $125 million penalty—nearly ten times what the SEC has previously imposed in similar matters. The penalty was warranted, as cheekily explained by SEC Chair Gary Gensler, because “[s]ome market participants did not act as if they got the message.”
Since the JP Morgan settlement, over a dozen broker-dealers have faced enforcement actions that have led to penalties that exceeded $2 billion. These institutions have also committed to retaining compliance consultants to enhance compliance practices and conducting comprehensive reviews of the institutions’ communication retention policies and procedures.
The broker-dealer recordkeeping rule at the heart of these SEC actions is Rule 17a-4 of the Securities Exchange Act of 1934. Broker-dealers must preserve originals of all communications related to their “business as such” for at least three years. To meet the electronic record-keeping requirements, firms must maintain records in a non-rewritable, non-erasable format known as “write once, read many” (“WORM”). (Alternatively, as of May 3, 2023, broker-dealers have had the option to use an alternative “audit-trail” method, allowing for the recreation of original records if they are deleted or modified.)
However, the SEC asserted that, in violation of Rule 17a-4, senior and junior brokers, bankers, traders, clients, and other related third-parties were routinely found to be communicating about business matters off-channel, such as debt and equity deals and various trading issues. By not overseeing these unofficial communication platforms (or having the capability to search them, if subpoenaed), broker-dealers were alleged to have created a regulatory blind spot, hindering regulators’ ability to oversee the markets effectively and gather evidence for investigations.
Both the CFTC and the DOJ have also taken aim at these practices. CFTC Commissioner Christy Goldsmith Romero asserted that financial firms have engaged in “widespread unauthorized communication methods” to “evade [CFTC] regulatory oversight,” including “at the direction of senior executives who knew they were violating bank policies but wanted to obfuscate communications surrounding trading.” For example, one Bank of America trader stated, “[w]e use WhatsApp all the time but we delete convos regularly.” The CFTC also found that “the head of a trading desk also routinely directed traders to delete messages on personal devices and to use Signal, including during the CFTC’s investigation.”
To address evolving messaging technology, the DOJ also recently issued guidance, including about the need for automatic disclosure and production of communications from third-party messaging applications during its investigations.
Phase 2: Investment Advisors
More recently, after settling with the traditional broker-dealers and banks, the SEC has sought to similarly expand the reach of its recordkeeping oversight and enforcement to non-broker-dealer advisers, such as hedge funds and private equity advisers. There has been at least one SEC settlement with investment adviser DWS Investment Management Americas, Inc. which agreed to pay $125 million for violating recordkeeping provisions of the Investment Advisers Act of 1940 and failing to reasonably supervise, prevent, and detect those violations. In addition, investment adviser group Edward Jones is cooperating with an SEC investigation regarding the “retention of electronic communications stored on personal devices or messaging platforms that have not been approved by Edward Jones for business use by its employees.”
But investment advisers arguably have different obligations than broker-dealers. While broker-dealers operate under the strict and prescriptive rules discussed above, investment advisers, including hedge funds and private equity, operate under relatively more lax controls. Specifically, Rule 204-2(a)(7) of the Investment Advisers Act requires preservation for at least five years of only certain types of communications, such as original communications relating to, among other things, any recommendations or advice to clients and certain client-specific transactional communications.
It comes as no surprise then that investment advisers and their advocates appear to be pushing back more forcefully than the broker-dealers. Ten trade associations joined forces to express concerns to SEC Chair Gary Gensler, alleging that the commission is overreaching its authority and engaging in rulemaking through enforcement actions. While they acknowledge a place for more prescriptive rules to ensure the preservation of instant messages, they simultaneously claim that other detailed requirements are intrusive and costly. Further, many investment advisers claim to have voluntarily adopted broader electronic communications policies, surpassing statutory requirements.
* * *
From the perspective of consumer groups that support the SEC’s recent actions, clear and stringent rules are essential for protecting customers’ interests and maintaining industry best practices, including for investment advisers.
While the use of more modern messaging apps offers various advantages—including enhanced privacy, security, and convenience for users—failure to maintain accurate records could severely impact the regulated financial services industry, including by enabling fraudulent or illegal activity that has the potential to harm investors and undermine market integrity.
Regardless, it is clear that U.S. regulators’ vigilance in addressing messaging non-compliance signals a firm commitment by regulators to reinforcing transparency and accountability throughout the entire financial market.