The rise of mobile messaging apps such as WhatsApp has been creating headaches for compliance officers for several years. The onset of the pandemic and widespread shift to remote working has made surveillance and monitoring even more acute. Homeworking means employers cannot “watch over” their employees. Behavioural clues for misconduct are difficult to detect remotely. There are many increased opportunities to use unauthorised communications channels raising risk across the financial services industry, especially as new forms of communication continue to emerge.
Home working also means those quick chats across the desk are no longer possible, encouraging employees to turn to instant messaging apps to stay in touch, which further increases the risk they will use unauthorised platforms WhatsApp, Telegram and now Clubhouse.
- We’ve been here before
Ever since the Libor manipulation scandal, instant messaging channels have been under increased scrutiny from regulators. The FCA and the SEC warned about the use of electronic communication channels as far back as 2017 and 2018. Lessons have not been learned—a number of bankers and traders have been fined, suspended or even lost their jobs in recent years for using WhatsApp and other unauthorised channels to communicate with colleagues on work-related matters. This perpetual misconduct heightens the need for risk managers to strengthen their electronic communications surveillance efforts to control the use of unauthorised channels and reduce the risk of damaging reputation and incurring financial losses.
- Risk factors increasing
Covid-19 changed the way organisations operate overnight, as offices closed, and employees began working from home. Against that backdrop, the use of electronic communications platforms has proliferated as employees attempt to remain connected with colleagues and clients. The FICC Markets Standards Board (FMSB) published a list of nine key risks that financial institutions must be vigilant of during extended periods of remote working. Risk managers should review whether they have the necessary controls in place to prevent a personal instant messaging platform from morphing into an emerging risk theme.
Are new unauthorised messaging platforms the next emerging risk?
- Fixing the gaps
Inappropriate communication channels fall under the FMSB’s nine key risks that financial institutions need to be vigilant of during extended periods of remote working. Because the use of unauthorised communications channels exposes financial institutions to employee misconduct that is difficult to audit, risk managers need to identify the gaps and inefficiencies in their controls to reduce those risks. Remediation ranges from simply ensuring all employees are aware of approved communications channels and the penalties for non-compliance, to increasing surveillance of communications platforms to monitor usage patterns.
- Mitigating the risks
Are the steps you’ve taken enough to reduce the risks of employees using unauthorised communications channels? Is there a control you have missed? Using peer-to-peer data insights to measure, manage and mitigate risks involving the use of WhatsApp and other emerging communication channels, you can refine your risk controls and protect your organisation from reputational damage.
Read Risk Intelligence
Looking to take your non-financial risk management to the next level and enhance your organisation’s operational resilience? Email firstname.lastname@example.org or call us on 020 3728 8585 to learn how to manage your next emerging risk.