This week, we consider the long-term compliance, regulatory risk, and information management requirements of using quick communication methods and highlight what companies should do to protect themselves. Next, we explore three considerations for managing communications compliance that allow companies to build trust with clients while mitigating risk. Finally, we learn the importance of establishing effective compliance programs and retention policies and procedures that specifically include ephemeral messaging.
Legal department leaders have identified regulatory compliance as a top strategic priority due to evolving regulations related to ESG, data privacy, cybersecurity, and more decentralized teams. Legal teams have a broader range of information to consider, making compliance increasingly complex. Information governance policies and practices must be addressed thoroughly as organizations generate as much as 7.5 septillion gigabytes of data per day, growing by 23% each year. Organizations must have a plan and standard operating procedures for employees using messaging apps, which can be subject to discovery in the case of litigation. In-house legal teams should review their organization’s communication methods and information management policies to prepare for potential litigation.
The use of ephemeral messaging apps by corporations is becoming more widespread globally, offering cost savings and speedy communication. However, concerns have arisen about how this technology affects data preservation, employee monitoring, and compliance obligations. Regulators in the US, EU, UK, and Hong Kong have focused on controls around the use of these apps. The DOJ and SEC have recently announced they will make such messaging a focus of their regulatory efforts. The EU has noted that encryption, typically used in ephemeral messaging, protects data privacy and confidentiality, while global regulators have reservations about the impact of such communications on investigative access. Companies are urged to undertake a global assessment of the risks of ephemeral messaging practices.
The phrase “The customer is always right” has guided businesses to prioritize customer needs, but it can become dangerous regarding communications compliance. Financial service providers must balance their clients’ desire for quick, easy mobile communication with strict data security and confidentiality regulations. To strike a balance, financial institutions should provide secure and compliant mobile communication options and be transparent about security measures. They can also use compliance technology to prevent non-compliant communications, track and analyze internal and client-facing communications, and conduct a gap analysis to identify blind spots in compliance programs. By doing so, financial service providers can build trust with their clients while protecting themselves from risk.