How returning to offering ‘work phones’ could help avoid billion-pound fines

Source

Corporate communications have been placed under a microscope with regulatory scrutiny of off-channel communications at an all-time high.

This comes following the U.S. Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) concluded an industry probe, fining a total of $1.8bn to top city firms in 2022 due to misuse of WhatsApp to discuss sensitive information.

Despite being one of the largest collective resolutions in US regulatory history, it failed to curb this apparent epidemic of non-compliance.

Earlier this year, a fresh group of Wall Street firms settled to pay more than $81 million in civil penalties to charges of record-keeping failures, adding to the now more than $2.5 billion in fines inflicted for similar offenses in the US.

Uncovering routine non-compliance and failure from businesses to effectively monitor their employees has triggered a new wave of regulators to launch investigations of their own. The UK’s FCA has recently stated it wants to ensure ‘effective policies’ from firms are in place to monitor communication between staff.

“As watchdogs are doubling down on poor management with hefty fines, a proactive approach from risk managers is needed now more than ever.”

For the regulators, cracking down on poor monitoring is about more than just compliance. It is about ensuring any subsequent investigations can be undertaken thoroughly, and that firms themselves are able to identify and address employee misbehaviour if and when they occur.

Record-keeping of activity has always been deemed an obligation for firms. However, this task is being complicated by a working landscape that increasingly blurs the lines between personal and professional life.

As watchdogs are doubling down on poor management with hefty fines, a proactive approach from risk managers is needed now more than ever.

A new era of communication compliance risk

Compliance concerns in this new era of communication risk has the corporate world witnessing a significant shift back to the provision of the ‘work phone’, reversing the trend of Bring Your Own Device (BYOD) policies seen in the past few years.

Companies are now obtaining mobile phones en masse to implement more active monitoring of their employees and stop off-channel communications.

“Off-channel communications” means any form of work-related communication sent or received on a device or app that has not been authorised by the company.

“It is vital that firms approach this challenge by considering how well they can identify and address misconduct and risks”

A ‘work phone’ renaissance offers firms the ability to have greater control over their compliance risk. However, new tools and communication apps are developed every day.

Although regulators are targeting off-channel communications for fines for non-compliance on encrypted messaging apps like WhatsApp, it is unlikely that they will provide specific guidance on device or app usage.

The result is that companies struggle to certify that they are complying with a changing regulatory landscape as they lack the tools to effectively monitor and evaluate their own communications data.

There’s no all-encompassing solution to stopping employee use of unapproved communication channels. But it is vital that firms approach this challenge by considering how well they can identify and address misconduct and risks before it becomes an issue.

Turning off-channel on

The return of the work phone is a step in the right direction for companies taking back agency over their communications channels.

However, to ensure compliance, firms must remain vigilant in adhering to regulations through implementing robust monitoring networks.

For companies that issue mobile devices, further surveillance systems can be overlayed that utilise AI-powered solutions for monitoring.

These can meet regulatory obligations and identify and manage risks, in addition to managing the scale and flexibility of communications data across messaging applications like WhatsApp, WeChat, Signal and Telegram, and corporate collaboration channels like Microsoft Teams, Zoom and Slack.

“The return of the work phone is a step in the right direction for companies taking back agency over their communications channels.”

Moreover, these monitoring systems are even capable of detecting gaps in communication that could indicate off-channel conversations.

With effective communication monitoring and record keeping in place, firms will be able to effectively respond should any additional investigations, either internal or external, take place.

Although providing employees their own mobile devises and implementing such a monitoring system could be deemed an expensive endeavour to undertake, they are measure that ensures regulations can be adhered to, and billion-pound fines are avoided.