Fairwords Weekly: More Off-Channel Communication Penalties, Proactive Compliance, and Technology Governance
May 18, 2023
“When risk-based, properly conceived, and well-implemented, compliance controls become second nature, invisible yet invaluable.”
– Jessica Sanderson, Partner, The Volkov Law Group
This week, learn how three more institutions have been fined for failing to preserve electronic communications and using off-channel communications platforms. Consider why it’s vital to get proactive about compliance programs. Finally, explore how tech trends shape technology governance at the board level.
The Securities and Exchange Commission (SEC) has charged HSBC Securities and Scotia Capital for violating recordkeeping provisions of federal securities laws by failing to maintain and preserve electronic communications, leading to penalties of $15 million and $7.5 million. Both firms admitted to using off-channel communications and messaging platforms like WhatsApp on personal devices for securities business matters. The SEC emphasized the importance of complying with recordkeeping requirements and commended both firms for self-reporting and self-remediating the violations. The CFTC also settled charges against HSBC entities, resulting in a $30 million penalty for recordkeeping and supervision failures.
The author reflects on the importance of compliance programs and compares them to seat belts in cars. Compliance controls, when well-implemented, become second nature and invaluable, just like buckling up. The author emphasizes that as companies grow and face risks such as theft, fraud, or corruption, proactive measures, and strong internal controls are necessary to survive potential “crashes.” They discuss the challenges of proving innocence when facing whistleblower allegations and highlight the significance of proper compliance procedures and evidence of transparency and oversight to mitigate doubt. Without these controls, trust is compromised, and the consequences are more severe. The author concludes by urging readers to prioritize compliance for a smoother journey.
In the digital age, board members face complex decisions regarding technology governance. A holistic approach is needed to navigate this complexity, focusing on the business use case rather than novelty. Deloitte’s Tech Trends 2023 report identifies six macro-level forces driving technology innovation: interaction, information, computation, technology, cyber and trust, and core modernization. These forces offer guideposts for understanding stakeholder expectations. Boards must prioritize technology and enterprise matters, considering broader perspectives beyond specific platforms or trends. Proactive technology governance strategies have been linked to performance, making technology trends an essential agenda item.
Robinhood Markets Inc. is under investigation by regulators for potential non-compliance with recordkeeping requirements, particularly regarding employees’ use of “off-channel communications.” The SEC and Financial Industry Regulatory Authority (FINRA) enforcement divisions are conducting probes, and the SEC is also examining trade reporting compliance related to securities lending and fractional share trading. Last year, regulators settled with major banks over unauthorized messaging app communications.