Financial Institutions Struggle to Enforce Compliant Electronic Communications Policies

Despite a decrease of 15% year-over-year (YoY), WhatsApp bans prevail as the most-commonly used solution (43%) to marshal internal business communications, according to a new report from Global Relay.

Alex Viall

“Asset managers, broker-dealers, and investment banks are all grappling with the WhatsApp conundrum,” said Alex Viall, Chief Strategy Officer for Global Relay.

The second annual Industry Insights Report: Compliant Communication 2024 also revealed that four out of five firms (79%) are increasingly using communication surveillance technology to identify misconduct and culture risk.

The global survey examines how compliance, surveillance, and risk leaders in financial services are responding to intensified regulatory scrutiny surrounding recordkeeping and compliant communications, charting attitudes to WhatsApp, social media risks, monitoring and surveillance, sentiment around AI, and what the future might hold for compliance. 

Despite many firms noting that they ban the use of WhatsApp at work to mitigate the risk of non-compliant off-channel communications, only 50% of respondents said they thought that channel bans would withstand regulatory scrutiny.

Since the publication of last year’s global Industry Insights Report, U.S. regulators have continued to issue significant fines to firms that “did not maintain or preserve the substantial majority of these off-channel communications,” with three tranches of enforcements totalling nearly $450 million, most recently in February with the SEC’s $81 million in penalties against 16 firms.

Global Relay’s report also revealed that more firms – up 4% YoY – around the globe are facing difficulty getting staff to comply with rules around electronic communication channels, with nearly two-thirds (65%) citing this issue as part of their ongoing challenge around off-channel communications risk. 

Financial services firms are making progress toward monitoring business communications with significantly fewer respondents having difficulty monitoring all communication channels, down to 24% from 54% last year.

“Financial institutions are reacting in response to the substantial regulatory penalties,” commented Viall.

“They have got the message and are implementing strategic compliant solutions that ensure the capture, storage, and monitoring of all essential business communication channels. This is no easy task,” he said.

Viall further said that compliance and risk officers are more aware that banning social media channels and forbidding the use of personal mobile devices are impractical measures that are difficult to enforce.

“Many are still in the planning phase but all are tackling this and prepared to show stakeholders and regulators how they best plan to manage off-channel communications,” he said.

Contrary to industry perception, the report revealed the number of financial institutions using Bring Your Own Device (BYOD) policies has ballooned from 36% in 2023 to 53% in 2024.

Considering continued enforcement for personal device usage, 45% of respondents have looked to clarify their BYOD policies, with 17% moving away from BYOD altogether.

Respondents reported general uncertainty about AI in financial compliance, including whether it is a risk (17%), reward (10%) or both (32%).

Despite this caution, 42% of global respondents said they would be looking to introduce AI to compliance workflows in the next 12 months, with 57% saying that they would not be.

Leaders at North America firms demonstrated reticence compared to their European and Global counterparts, with 65% of North American firms noting they do not have plans to introduce AI within the next year.