Global Relay, the leading provider of electronic communication compliance and archiving solutions, released its second annual Industry Insights Report: Compliant Communication 2024, discovering that despite a decrease of 15% year-over-year (YoY), WhatsApp bans prevail as the most-commonly used solution (43%) to marshal internal business communications. The report also revealed that four out of five firms (79%) are increasingly using communication surveillance technology to identify misconduct and culture risk.

The global survey examines how compliance, surveillance, and risk leaders in financial services are responding to intensified regulatory scrutiny surrounding recordkeeping and compliant communications, charting attitudes to WhatsApp, social media risks, monitoring and surveillance, sentiment around AI, and what the future might hold for compliance. Despite many firms noting that they ban the use of WhatsApp at work to mitigate the risk of non-compliant off-channel communications, only 50% of respondents said they thought that channel bans would withstand regulatory scrutiny.

“Asset managers, broker-dealers, and investment banks are all grappling with the WhatsApp conundrum,” said Alex Viall, Chief Strategy Officer for Global Relay. “We engineered Global Relay’s unified platform to help institutions adapt to the fast-evolving business communications recordkeeping environment. It’s significant progress that compliance solutions are more road-worthy than during the initial panic when the US Securities and Exchange Commission and Commodity Futures Trading Commission started their rolling enforcements. Many firms know they ultimately will have to enable this type of communication to stay competitive. We have worked hard to understand firms’ communications compliance needs and craft technology that addresses them.”

Since the publication of last year’s global Industry Insights Report, U.S. regulators have continued to issue significant fines to firms that “did not maintain or preserve the substantial majority of these off-channel communications,” with three tranches of enforcements totalling nearly $450 million, most recently in February with the SEC’s $81 million in penalties against 16 firms.

Majority of firms encounter difficulty getting staff to comply with communication rules

Global Relay’s report also revealed that more firms – up 4% YoY – around the globe are facing difficulty getting staff to comply with rules around electronic communication channels, with nearly two-thirds (65%) citing this issue as part of their ongoing challenge around off-channel communications risk.  Financial services firms are making progress toward monitoring business communications with significantly fewer respondents having difficulty monitoring all communication channels, down to 24% from 54% last year.

“Financial institutions are reacting in response to the substantial regulatory penalties,” continued Viall. “They have got the message and are implementing strategic compliant solutions that ensure the capture, storage, and monitoring of all essential business communication channels. This is no easy task. Compliance and risk officers are more aware that banning social media channels and forbidding the use of personal mobile devices are impractical measures that are difficult to enforce. Many are still in the planning phase but all are tackling this and prepared to show stakeholders and regulators how they best plan to manage off-channel communications.”

Contrary to industry perception, the report revealed the number of financial institutions using Bring Your Own Device (BYOD) policies has ballooned from 36% in 2023 to 53% in 2024. Considering continued enforcement for personal device usage, 45% of respondents have looked to clarify their BYOD policies, with 17% moving away from BYOD altogether.

72% of global firms seek to introduce AI in the next year, but North American interest lags behind

Respondents reported general uncertainty about AI in financial compliance, including whether it is a risk (17%), reward (10%) or both (32%). Despite this caution, 42% of global respondents said they would be looking to introduce AI to compliance workflows in the next 12 months, with 57% saying that they would not be. Leaders at North America firms demonstrated reticence compared to their European and Global counterparts, with 65% of North American firms noting they do not have plans to introduce AI within the next year.

Industry Insights Report: Compliant Communication 2024 serves as a litmus test for market responsiveness to regulatory action for recordkeeping and communications compliance. Regulators have taken steps to clarify expectations, including guidance from the SEC on when it will enforce against Chief Compliance Officers directly and the factors it considers when imposing fines for recordkeeping violations.