WhatsApp – Don’t Ban It, Scan It 

By Oliver Blower, CEO, VoxSmart 

Oliver Blower

When the news came out last month that the SEC had executed on its long-running threat to impose almost $2billion in fines on eleven Wall Street giants, I can’t say that it came as a surprise. JP Morgan was the first to face such a fine in December last year, and ever since there has been a constant rumbling that a wave of fines was approaching.

Inappropriate use of WhatsApp has been at the centre of several banking scandals this year, including being widely reported as the reason that a few senior executives at both Credit Suisse and HSBC lost their jobs. In reality, though, this story doesn’t start with JP Morgan’s $200 million fine in December 2021 – it starts way back in 2016, when WhatsApp first came to prominence as the communication platform of choice in global energy markets. Ever since then, it has only grown in popularity and has become more and more interwoven with the communication ecosystem of most global financial markets.  

Although it has been the titans of Wall Street that have taken the flak this time around, the fallout is going to be felt by a lot more firms – including mid-tier banks, asset managers, and a host of other market participants who have regulatory recordkeeping and monitoring requirements. And whilst the SEC has got the headlines, and the cash, this time around, regulators around the world will have been closely watching this story unfold as sure as night follows day. Not only are they likely to follow suit soon, but given the value of the fines that can be extracted for these discretions, they are sure to cast the net far and wide. This is an issue for the entire industry, as the regulatory requirements are the same for all investment banks when it comes to exacting comprehensive surveillance and risk management of staff communications.  

This all comes at a time when the markets are contracting and there is high volatility across a range of markets. Not only is it a less than ideal time to receive multi-million dollar fines, which are extremely avoidable if addressed appropriately, but with extreme volatility comes a higher risk of market abuse. Anyone who has worked in investment banks will be able to attest to the fact that historically, the industry has generally not pumped the appropriate level of investment into the less sexy areas of the bank when compared to the resources directed towards the front office. Investing in technology to aid in risk mitigation or elimination would certainly fall into the former category. In terms of the bottom line though, these fines have demonstrated this to be an error in judgement.  

In today’s fast-paced, technology-driven trading environment, the reality is WhatsApp will continue to be used by staff and clients. With so much flexibility in how people now live their lives, a bank’s client dictates the way they want to communicate. And the majority of clients now prefer to use instant messaging applications such as WhatsApp as they integrate easily with their lives. As firms vie for more accounts and quality relationships in an increasingly competitive landscape, being able to communicate with clients in the way that makes life easiest is now a commercial necessity. You need to encourage an environment where traders are using safe work devices to communicate, rather than driving them to turn to personal devices to preserve relationships through WhatsApp or other social messaging apps. Reasonable observers don’t see the use of these apps or any apps declining, only increasing.  

The phrase ‘communications surveillance’ is viewed by traders with suspicion – I can attest to this from my time running a derivatives trading desk at a major investment bank. There has historically been an attitude that it is there as a means to an end – to weed out any bad actors and cover the backs of those in the hot seats. But that is an entirely negative way of looking at what this technology is in place for. In actual fact, it is a way of protecting good people working within the confines of the law, who simply want to be more flexible in the way they handle and maintain client relationships. There is tremendous benefit to staff when financial institutions pursue a proactive form of compliance. 

Recently, the SEC has stated that applications such as WhatsApp may need to be banned outright in favour of more official channels. This seems misguided for many reasons, not the least of which being the fact that it is overlooking the Libor rigging scandal occurred over Bloomberg chat. The answer is not, has never been, nor will be for financial institutions to impose an outright ban on messaging apps including WhatsApp. It is still a number one form of communication between investment banks and their clients. Attempting to change an entire generation’s communication behaviour is not a feasible way of tackling this issue – it is instead up to banks to adapt their approach to risk management to cater for the modern ways of doing business.  

Ultimately, the key to ensuring effective risk management cannot be to throw down a blanket ban on social messaging applications. The moment has passed for that – they are already deeply engrained in the way that modern business is conducted. The solution must be to put a greater emphasis on effective supervision and risk management practices and tackle this issue head on. If the industry persists in sweeping WhatsApp under the rug, the regulators could pull the rug out from under them.