Consumer Duty In Effect, $555mil Fines For Messaging Apps, FCA Supports New ESG Code & More | Latest Financial News Roundup

22nd August 2023 by Samuel Rossiter

Back to

Seems like summer is just flying by, and through all the heat and (sometimes) soggy rain, the financial industry and its regulators never stay quiet.  

Read on below to get up to date with everything that’s been happening in the regulatory world along with our (opinionated) views…  

1. SEC Collects Wall Street’s Private Messages As WhatsApp Probe Escalates

The SEC’s crackdown on unmonitored messaging app use in Wall Street continues as the regulator has now collected thousands of staff messages from more than a dozen major investment companies including Carlyle Group, Apollo Global Management, KKR & Co., TPG and Blackstone. According to sources, executives gave their personal phones and other devices to their employers or lawyers to be copied, and messages discussing business have been handed to the SEC.

There have been previous reports by the media that the SEC’s “off-channel” communication probe has expanded to investment advisers, but this move to review thousands of their staff messages has not previously been reported. It marks an escalation of the investigation and raises the stakes for the companies and the executives concerned by exposing their conduct to SEC scrutiny.

This probe also comes in contrast to the previous probe into broker-dealers, where the SEC asked companies to review staff messages and report on how many were used to discuss work. However, SEC staff only reviewed a sample of messages themselves.

Now, the SEC is targeting more than a dozen investment advisers, including senior employees, and asking to see messages on personal devices during the first half of 2021 that were used to discuss business.

Fingerprint’s Take 

The SEC has nowhere near finished their crackdown on unmonitored WhatsApp use in Wall Street, and this latest development is an interesting one. It seems as though thousands of messaging will be reviewed closely to see the extent to which investment advisers have used unapproved communication channels to discuss business and talk to clients over the past few years. And we know what that means in terms of more fines fines fines…

We do wonder where else this latest probe might go… more fines are in the air, but with such an extensive look into thousands of messages and activity, we wonder if there is more than just off-channel communication fines that are coming?

2. FCA’s New Consumer Duty Now In Effect

The FCA’s new Consumer Duty came into effect on the 31 July 2023, which sets higher and clearer standards of consumer protection across the financial services and requires firms to understand the outcomes that their consumers are receiving and put strategies in place to improve these outcomes.  

A key expectation of the Consumer Duty is for firms to collect data around their products and customer satisfaction to evidence the good (or bad) outcomes that their customers are receiving.  

As the FCA describes, the Consumer Duty brings a “paradigm shift in our expectations of firms in retail markets” and comes with “a stronger focus on customers’ interests and outcomes that goes beyond a narrow focus on compliance with the rules.” Firms “need to consider the Consumer Duty at every stage of its processes and at every level of its organisational structure.” 

The benefit to consumers comes from the “confidence that firms are acting in good faith, in line with their interests” so that they can “choose from a range of products and services that are fit for purpose… explicitly designed to meet the needs of their target market.”  

Here are some useful resources around Consumer Duty: 

Fingerprint’s Take 

Consumer Duty has been a buzz around the industry since it was announced by the FCA, and now firms across the retail market will be affected by its implementation and must understand and evidence the outcomes that their consumers are receiving.  

We’ll be very interested to see what this looks like practically for firms, and in particular how smaller firms with less resources will be able to monitor outcomes in comparison to bigger firms.  

If retail-focused firms are really interested in understanding how their consumers are using their products, then communication is key… and if you’d like to evidence just how well you’re communicating with your customers and understanding their needs, then a communications monitoring platform may just be what you need…  just a thought! 

3. Wells Fargo, BNP Paribas, Others to Pay $555 Million in Fines for Using Unnmonitored Messaging Apps 

Several financial firms in the U.S. including Wells Fargo, BNP Paribas, Bank of Montreal, Wedbush Securities and more have been fined a total of $555 million by the SEC and the Commodity Futures Trading Commission for using unmonitored messaging apps including Apple’s iMessage and WhatsApp to conduct business.  

Banks and brokerage firms are required to preserve and monitor their employees’ digital communications in the U.S. (just as is required in the U.K.), so that regulators can monitor activity to curb the risk of or detect financial crime, as well as enforce compliance with federal securities laws. The firms admitted that their employees, including senior employees, often communicated internally and externally through these unmonitored messaging apps to discuss business since late 2019.  

U.S. regulators have clamped down on record-keeping violations for unmonitored messaging apps and channels in the past year. In September last year, the SEC fined major Wall Street banks a total of $1.1 billion for using unmonitored messaging apps like WhatsApp to conduct business, and it seems like they won’t be slowing down anytime soon.  

Fingerprint’s Take  

We may sound like a broken record saying this – archiving and monitoring all communication channels which are used to conduct business including digital channels like WhatsApp, iMessage and Slack is a key regulatory requirement worldwide. It may seem impossible to do this effectively with limited resources, but using the right regulatory technology is the key to monitoring communications at scale in a simple and effective way.  

That technology exists! It’s here! Fingerprint, alongside multiple other vendors, have created technology platforms that support regulated businesses to monitor their digital communications, and it is well worth the investment and compliance cost in the face of these astounding fines which these regulators are clearly dishing out to make this a point of focus for all firms, big or small.  

Save yourself the stress and don’t wait to invest in this technology until AFTER they make an example out of you, because we’re quite sure there’s going to be more firms, more fines, and more news about this going forwards.  

4. Ofgem fines Morgan Stanley & Co. International plc (MSIP) over £5.4m for failure to record and retain electronic trading communications

Ofgem has fined Morgan Stanley £5.41mil for failing to record and retain electronic communications between January 2018 and March 2020. Communications were made by wholesale energy traders, and employees used WhatsApp on privately owned phones to discuss energy market transactions, despite Morgan & Stanley having policies in place that prohibited the use of WhatsApp for trading communications.

This is the first-ever fine issued in Great Britain under legal requirements to record and retain electronic communications relating to trading wholesale energy products.

These rules, which fall under the REMIT Enforcement Regulations, are designed to protect consumers and ensure market transparency and integrity by providing Ofgem the powers to investigate and sanction against market manipulation and insider trading.

Morgan & Stanley did not take sufficient steps to ensure compliance with its own policies against the use of WhatsApp and admitted to the breaches between 2018 and 2020. They are fully co-operating with Ofgem’s investigation and will take steps to ensure the breaches do not happen again, including enhancing staff training and strengthening its internal systems and controls.

Fingerprint’s Take  

We were right about more fines being issued for unmonitored electronic messaging use, but this is an interesting turn of events. This is breaking news in that it is the first EVER fine being issued in Great Britain for firms who deal with wholesale energy products around their legal requirements to record and retain electronic communications. 

Morgan Stanley has been in the news a fair bit around their unmonitored messaging use (and the resulting fines). They were fined $200 mil in 2022 by the SEC for the misuse of personal devices to conduct business, and internally they fined their bankers more than $1mil for breaching compliance rules and using WhatsApp and other apps at work.

Now, to be fined in their wholesale energy division… one key lesson from this is that regulators ACROSS industries are taking note of electronic messaging use. It is not just the FCA and SEC that firms must be worried about. Any financial firm that also trades or invests in energy must look at their business and understand the communication compliance requirements they have from Ofgem, the FCA, the SEC, and any other regulator they trade under.

We understand that compliance and communications monitoring is complex, but as we mentioned, there is RegTech out there designed to make the complex simple

5. FCA Welcomes Consultation On A New Code Of Conduct for Environmental, Social and Governance Data and Ratings Providers 

The FCA recently welcomed a launch of a voluntary Code of Conduct for ESG (Environmental, Social and Governance) ratings and data product providers which is now open for consultation until 5 October 2023. The code will then be updated and finalised by the end of 2023. 

The Code of Conduct, which is the first of its kind, is launched by the ESG Data and Ratings Code of Conduct Working Group (DRWG) and supported by the International Capital Market Association (ICMA) and the International Regulatory Strategy Group (IRSG).   

The code aims to enhance consistency, transparency and accountability in the financial services industry to ensure that the market is able to have confidence in the integrity of ESG Ratings and Data products through enhanced systems, processes and controls.  

The Code of Conduct sets out key best practice principles for:  

  1. Good governance – ESG ratings and data products providers ensure appropriate governance arrangements are in place including transparency and conflict management. 
  2. Systems and controls – implementing written policies and procedures to ensure a high quality of products, consistency and effective engagement practices. 
  3. Conflicts of interest – ESG ratings and data products providers manage activities that may compromise the independence and objectivity of ratings and operations. 
  4. Transparency – establishing adequate levels of public disclosure and transparency as a priority for ESG ratings and data products, including methodologies and processes.  

Fingerprint’s Take  

We wondered if the FCA was going to publish official guidance for firms to better manage non-financial misconduct and governance. Support for an official Code of Conduct for ESG ratings and data providers may be the first step towards putting internal governance as a point of focus for firms across the industry.  

However, it is one thing to support a Code of Conduct for ESG ratings and data providers, and another thing to publish official guidance that applies to regulated firms across the industry, then make examples out of those who don’t follow it.  

Still, we have hope that this FCA will make this an official point of focus, and we’ll be keeping our ears open as the year progresses… 


So there you have it! We hope you enjoyed our latest financial industry regulatory news roundup. 

As always, keep an eye on our blog for more industry updates and opinion pieces. And, if you’d like to find out how we can support your firm to do compliance and communications oversight really well, then get in touch. 


Related posts