Employee social media communications leave financial institutions at risk, even as U.S. regulators threaten fines, results of a study from compliance services provider Shield and business communications firm LeapXpert show.
Only 51% of institutions monitor employee communications over WhatsApp. Even fewer watch SMS, iMessage, LINE, WeChat, Telegram, and Signal traffic.
What compliance officers promise and what companies allow them to do are two different things. Essentially all compliance officers surveyed plan to monitor WhatsApp and their kin by the end of this year. Yet 73% of financial institutions are unconfident in their ability to enforce bans on mobile communications over unapproved channels.
In September 2022, the Securities and Exchange Commission found that from 2018 to 2021, employees of many leading banks did business in off-channel platforms. More than one dozen firms have been fined $2 billion for those indiscretions in the past 18 months alone.
Those fines are not even the biggest headache for compliance professionals. Regulatory audits were cited by 64%, with fines mentioned by 34%. Others listed were internal audits (32%), reputation damage (28%), and losing business data (27%).
Surprisingly, the EU is actually behind the U.S. in monitoring WhatsApp. More than half, 57% of U.S. companies watch the channel, with only 44% of EU compliance officers doing the same.
Looking ahead, expect changes in corporate mobile device policies. While 53% issue them today, that is predicted to grow to 66% by the end of 2024.
Look for most popular channels to be stringently monitored, and soon. Only 29% of respondents said they observed WhatsApp, SMS, iMessage, LINE, WeChat, Telegram, and Signal, which will accelerate to 90% by the end of this year.
“When the massive SEC fines were issued, it seemed imminent that widespread changes across the industry would occur,” said Shield co-founder and chief business officer Eran Noam. “Our report shows that this has not happened. While data capture, monitoring, and user experience challenges are real, confidence in banning policies is low.
“Technology gives companies the option to monitor these channels rather than simply implementing policy bans, which don’t provide full coverage. This is where the Shield and LeapXpert partnership comes into play. LeapXpert offers compliant, governed and secure communications on messaging and voice channels, while Shield offers multi-layered AI surveillance to manage and mitigate communications compliance risks.”
“The surge in demand for comprehensive compliance solutions in 2023 reflects a clear realization among financial institutions that closing compliance gaps is imperative,” added Avi Pardo, co-founder and CBO at LeapXpert. “From installing messaging capture solutions to seeking robust governance controls, organizations are now determined to transform all popular messaging apps used by their team members into approved and compliant channels. As regulatory scrutiny intensifies, companies understand the need for decisive action and solutions that help minimize risk by ensuring messaging compliance.”
The survey was conducted in April by Global Surveyz. It examined financial compliance departments’ challenges in capturing and surveilling unmonitored communication channels, the effectiveness of banning these communications, which channels are the most concerning, and financial organizations’ plans to regulate employees. A total of 200 people were surveyed, with 100 each in the United States and Europe.