Employee communications — and how well banks monitor them — have made headlines twice since markets closed Dec. 10.
First, JPMorgan Chase could pay around $200 million before the end of the year to settle a probe by the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) over lapses in communications monitoring, Bloomberg reported Friday.
There’s no guarantee a settlement will be reached, JPMorgan has said. But if one arises, it will shed light on the bank’s directive in June that traders, bankers, financial advisers and some branch employees review text messages that were made on personal devices — including on platforms such as WhatsApp and WeChat — and save any work-related ones from as early as 2018 until JPMorgan’s legal department tells them otherwise.
At the time, the bank, in an internal notice, warned of "consequences" if employees failed to comply, according to Bloomberg.
Since then, JPMorgan has given updates on the probe in SEC filings at least twice. The bank said in August it was "engaged in certain resolution discussions" with regulators "concerning its compliance with records preservation requirements in connection with business communications sent over electronic messaging channels that have not been approved by the Firm." A filing last month contained the same language but described the discussions as "advanced."
JPMorgan’s bankers have installed the call-recording app Movius on their work phones. Bank employees also must regularly attest they will not use messaging apps for work material.
But questions emerged, as the COVID-19 pandemic pushed more employees to work remotely, regarding how companies would stay in compliance with regulations governing the keeping of recordings made using other forms of communication. The SEC’s inspections unit has issued an alert prodding companies to consider strengthening their record-keeping efforts.
Banks often review the conversations employees make via phone, email and instant message and keep records in case accusations of illegal activity such as fraud or insider trading arise. But mobile apps that encrypt messages from end to end have proved problematic.
JPMorgan, however, has proved willing to follow through on "consequences." In January 2020, before the pandemic began, it put a senior credit trader, Edward Koo, on leave — then later fired him — in reviewing whether he broke the bank’s code of conduct by using WhatsApp group chats to discuss market chatter with other trading employees. In the same case, the bank also cut the bonuses of a dozen other employees.
JPMorgan isn’t the only bank to tighten its communications policy. Credit Suisse is also asking its employees for access to their personal devices if they’re used to communicate with clients or co-workers, the Financial Times reported Saturday.
The bank does not provide its U.S.- or Europe-based bankers with a corporate mobile phone but rather offers workers a discount through an approved telecommunications provider. Internal policy allows Credit Suisse to access, monitor or review any phone covered by the bank’s corporate plan.
Credit Suisse may inspect a non-approved phone if it is used to make "logistical" communications such as arranging a meeting with a client, the Financial Times reported, citing people familiar with the policy. Bank employees are also expected not to delete potentially relevant messages from their personal phones.
JPMorgan, for one, doesn’t typically read the messages unless it has cause. Credit Suisse’s policy likewise indicates it would access a private device only for purposes it has specifically laid out. The bank, however, did give its employees a deadline to acknowledge the policy, according to the Financial Times.
Credit Suisse declined to comment to the publication. Similarly, JPMorgan and the CFTC declined to comment regarding a potential settlement. The SEC didn’t immediately reply to Bloomberg on the matter.
If JPMorgan’s spoofing penalty last year is any indicator of a timeline, a settlement between regulators and the bank could come quickly. The $920 million settlement in the 2020 case dropped less than a week after anonymous sources told several news outlets the bank was preparing to pay nearly $1 billion in penalties.
In the communications monitoring case, however, SEC commissioners have yet to vote on resolving the matter, one of Bloomberg’s sources said.