Wall Street Fined $1.1b, FCA Questions WhatsApp Use, Mark Steward Steps Down From FCA & More | Latest Financial News Roundup

11th November 2022 by Brielle Hewitt

Back to

There’s been a lot of news this month across the financial industry across both the U.K. and the U.S. You’re busy, we get it, so here’s our short round-up of the latest regulatory news (and our unsolicited views 😉).

U.S. Regulatory News

1. The SEC Charges 16 Wall Street Firms a total of $1.1 billion for failure to maintain and preserve electronic communications

The firms fined cover all of the major players, who have agreed to pay penalties of $125 million each including Barclays, Citigroup, Bank of America, Credit Suisse, Deutsche Bank, Goldman Sachs, Morgan Stanley and UBS.

From January 2018 to September 2021 (yes, you read that right – three years, unchecked), employees from all of these firms used text messaging applications on their personal devices to talk about business matters, none of which was monitored or archived for risk and compliance. Employees “at multiple levels of authority, including supervisors and senior executives” took part in the action, and the SEC investigation covered personnel including senior and junior investment bankers, and debt and equity traders.

“Today’s actions – both in terms of the firms involved and the size of the penalties ordered – underscore the importance of record keeping requirements: they’re sacrosanct. If there are allegations of wrongdoing or misconduct, we must be able to examine a firm’s books and records to determine what happened,” said Gurbir S. Grewal, Director of the SEC’s Division of Enforcement.

“These actions deliver a straightforward message to registrants: You are expected to abide by the Commission’s record keeping rules,” said Sanjay Wadhwa, Deputy Director of Enforcement.

“The time is now to bolster your record retention processes and to fix issues that could result in similar future misconduct by firm personnel.”

Fingerprint’s take

Sometimes we feel like a broken record, but clearly, this is a subject matter we, and more importantly the SEC feels strongly about – financial firms need to ensure that every communication channel that their employees use to conduct business are recorded and monitored (or banned from use if they can’t be recorded and monitored) to mitigate risk, ensure regulatory compliance and mostly importantly, that if asked, you can present this data and the evidence of monitoring of this data to the regulator.

The industry as a whole has had three years to get their operations in order to accommodate remote working and new ways of conducting business. And, as the dates above show, regulated people have been conducting business via WhatsApp well before the pandemic. For reasons unknown, regulators globally are now coming down hard on firms for the use of non recorded communications channels, and are not afraid to make examples out of the big players. However, don’t think that being a small player (or a player of any size!) exempts you from their gaze either.

If your employees want to do business on WhatsApp, great! There are so many technology solutions out there now, that can allow WhatsApp to be a legitimate communication channel (ours included).

Investing in data retention/ archiving, supervision and compliance technology to allow your employees to do business as they and their clients wish, in a risk managed and compliant way is absolutely possible.

If, you are willing to invest in these technologies.

If not, then ban use of it as part of your compliance policy and hold those that these policies apply to accountable. It could potentially save your business a lot of money in fines, and save a whole lot of unnecessary scrutiny.


2. SEC scrutiny into Wall Street communications shifts to investment funds (according to sources)

According to sources, the SEC’s scrutiny into Wall Street and their monitoring of work-related communications on personal devices and apps has extended beyond broker-dealers and into investment funds and advisers.

The SEC’s investigation which lead to a total of $1.1 billion of fines handed out to all the major players (mentioned above) primarily targeted broker-dealers rather than asset managers. But according to sources, the SEC’s enforcement unit has now sent inquiries to several funds and advisers asking for information about their protocols for ‘off-channel’ business communications, and the regulator has asked them to produce documents on their policies related to the use of devices and platforms.

There is no news of a formal probe yet by the SEC specifically into funds and advisers, but sweeps like this may lead to formal probes. So stay tuned for Fingerprint’s future industry updates, because we may see a major round of fines being handed out once more…

Fingerprint’s take

So the SEC has gone through Wall Streets broker-dealers, and now investment funds are the next ones to be under the microscope. Not trying to foreshadow anything here, but it does seem like the SEC is on the war path, and will make its way down the street, exposing and fining all those firms that have not been doing the right thing by the regulator’s standards along the way. Only time will tell…

Did you know? We recently expanded into the U.S. and now have an office in New York. We’re here to help firms of all shapes and sizes do compliance oversight and risk management really well with our technology solutions. Speak to our man on the ground, Mark Princiotto to find out how we can help your firm.


3. Costs of financial crime compliance in the U.S. an estimated $56.7 billion

According to a new study, the cost of financial crime compliance in North America for 2022 is an estimated $56.7 billion, up 13.6% from 2021.

These compliance costs have continued to increase compared to pre-pandemic levels, but may soon be levelling off. In particular, the Anti-Money Laundering Act of 2020 has affected larger U.S. financial firms and their compliance costs.

U.S. financial institutions are increasingly exposed to crimes involving digital payments, proceeds of trafficking and trade-based money laundering schemes. Key compliance challenges include regulatory reporting, customer risk profiling and digital identity verification.

Fingerprint’s take

Doing compliance well costs – end of. But doing compliance poorly can cost even more. Big fines, damage to business and personal reputation, loss of business, or even being completely struck off from being able to conduct regulated business.

Many regulated firms are investing in ‘Regtech’ or compliance technologies to ensure they are doing compliance and risk management well.

We are biased, but technology, is the answer. Technology is always the answer!

Many compliance tasks are typically repetitive, time draining, and require the use of several employees to manage disjointed systems which require training to handle. Automating all of these processes and putting everything you need into a unified technology stack, that integrates across your specialist compliance software platform, will go a long way in cutting compliance costs, and ensures that compliance professionals are making the most of their skills, supported by the right tools.


U.K. Financial News

1. Mark Steward to step down from the FCA

After seven years of working under the FCA, Mark Steward has announced that he’ll be stepping down as the FCA’s executive of Enforcement and Market Oversight in Spring 2023.

Mark has led the delivery of some of the most complex and high-profile enforcement cases in his seven years with the regulator, and was a significant part of developing the FCA’s data-led approach to market oversight.

Nikhil Rathi, Chief Executive of the FCA, said:

“Mark has brought his formidable experience as a regulator and as a litigator to the FCA delivering significant enforcement cases across a broad spectrum, as well as the FCA’s data-led approach to market oversight.

That enormous contribution is a result of Mark’s abiding belief in fairness, that markets must be clean if the economy is to thrive and in doing the right thing on behalf of consumers. He has shown that the FCA is willing to take on challenging cases, will use the full extent of its powers and will deliver results that have a real impact for the markets we oversee and for those who rely on them.”

Mark Steward added:

“It has been a privilege to serve the FCA throughout many challenges over the last seven years and, as I move on, to leave behind such a strong team for the future.”

Fingerprint’s take

A VERY significant piece of news for the industry, and a changing of the guard as Steward moves on. Mark was pivotal in moving the organisation towards a data-led approach to market oversight which has seen the regulator reap the rewards, giving it a better and more precise understanding of the markets (and who within it isn’t following the FCA’s proper guidance) leading investigations to where they need to be, and helping keep the markets clean.

Still, nothing is black and white, and it’s interesting to see how Steward’s tenure has increased the number of FCA cases, but has also increased the time the FCA takes to complete them. Figures have shown that for the year ending 31 March 2015, the FCA had 226 open enforcement cases, and it took on average 18.5 months to complete an average case length. Compare that to the end of the 2021/22 financial year, where there were 603 open enforcement cases, and it took on average 33 months to complete a regulatory investigation.

That aside, the global search for Steward’s successor will start shortly, and we’re left wondering who will throw their hat in the ring…


2. FCA questions banks over WhatsApp use

Deutsche Bank, Citigroup, JP Morgan and Nomura are among the firms that have been hit with information requests by the FCA over the frequency and content of WhatsApp use by their staff.

This has come off the back of the SEC’s actions in the U.S. (as mentioned above), fining 16 banks a total of $1.1 billion, after staff were found to be using private apps which were not monitored to discuss deals.

“We are actively discussing personal device use with a range of UK authorised firms, not limited to those who may have been subjected to other regulatory enquiries,” a spokesperson from the FCA said.

It is understood that the FCA’s actions are ‘supervisory’ at this stage, and they are still deciding whether to launch a full probe into the firms.

Fingerprint’s take

Well, this is becoming a familiar theme! We’re sure there are a few major players out there who are scrambling off the back of the SEC’s actions in the U.S.

It will be interesting to see if this leads to a full probe by the FCA, but by the looks of it, we wouldn’t be surprised to see even more firms getting fined into the millions (or even billions) in 2023.


3. FCA fines Sigma Broking Limited £530,000 and bans and fines its former directors following market abuse reporting failures

Sigma Broking Ltd has been fined £531,000 for failing to make reports which were crucial in fighting potential market abuse, and their three directors have been fined over £200,000.

Between December 2014 and August 2016, Sigma did not report or failed to accurately report an astonishing 56,000 contracts for difference (CFD) to the FCA, and also failed to identify 97 suspicious transactions or orders to the FCA.

Many of Sigma’s failures to make reports and detect market abuse risk came from their board of directors, which led to the FCA issuing prohibitions against two of Sigma’s directors – Simon Tyson and Stephen Tomlin. This prevents them from holding significant management functions in firms regulated by the FCA in the future.

Mark Steward, Executive Director of Enforcement and Market Oversight, said:

“Accurate transaction reporting and effective surveillance are crucial tools in identifying dodgy dealing that undermines clean markets. These bans and the scale of the fines we have imposed demonstrate our determination to ensure firms – and those who lead them – meet the reporting standards we expect.”

We recommend reading the final notice issued to Sigma Broking by the FCA for a full rundown of the Sigma Broking ruling. Here are some of the key points:

  • There was no formal written procedure or policy in place regarding the escalation or consideration of STRs/STORs from the CFD desk.
  • During the Relevant Period, Sigma did not monitor any telephone conversations, contrary to its own compliance policy.
  • There were no formal written policies in place prohibiting the use of unrecorded devices to take instructions from Sigma’s customers.
  • As a result, on occasion, brokers on the CFD desk were using encrypted chat apps on their personal mobile devices to communicate with, and take orders from clients without the knowledge of, or approval from SIGMA’s compliance department.
  • During the Relevant Period, there was confusion about who was responsible for post-trade surveillance to identify potentially suspicious trading activity including market abuse. In practice, nobody was performing this role.
  • Sigma’s reliance on manual oversight of its CFD trading, without the benefit of proper analysis or case management tools, hindered its ability to capture types of suspicious activity and to identify patterns effectively.

Fingerprint’s take

*Sigh* – Have the right policies in place, hold the people accountable that these policies relate to, have the right systems and controls in place to manage your risk and compliance.

Do all of the above, and you’re pretty set for staying on the right side of the regulator.

We don’t mean to oversimplify things, but this stuff can be so easily preventable. There are an abundant amount of solutions out there to help your business do compliance and risk management really well. Yes, you have to spend a bit of money on it – but surely it’s better being the success story, rather than the one being published in the news for fines, misconduct and financial crime.


So there you have it! We hope you enjoyed our latest financial industry regulatory news roundup.

As always, keep an eye on our blog for more industry updates and opinion pieces. And, if you’d like to find out how we can support your firm to do compliance and communications oversight (really) well, get in touch.


Related posts