With a changing of the regulatory guard, what are the implications for U.S. off-channel communications?
Susannah Hammond explores what recent changes at the SEC might mean for U.S off-channel communications and recordkeeping enforcements.
Written by a human
The second Trump presidency has already brought sweeping changes. In financial services the heads of the U.S. regulators and the strategic direction of oversight are in flux. For the Securities and Exchange Commission (SEC), former chair Gary Gensler has departed and, as reported by Reuters, Mark Uyeda will be acting chair of the agency. Going forward, Trump has said he will nominate former SEC Commissioner Paul Atkins to run the SEC on a permanent basis.
In a statement published in September 2024, Uyeda and fellow Commissioner Hester Pierce gave a clear indication of the likely future direction of regulatory travel in terms of recordkeeping in general and off-channel communications in particular. The statement used the example of enforcement action taken against Qatalyst Partners LP in which concerns were expressed such that “it does not appear that firms have an achievable path to compliance.” In other words, full compliance with the current recordkeeping expectations for off-channel communications is simply not, in practice, realistic.
Recordkeeping remains important
The statement makes clear that nothing in the concerns expressed diminishes the need for robust recordkeeping by firms. “The Commission needs to be able to enforce its rules. To do that, it needs access to records about firms’ activities.” Equally, the firm itself will need access to its own records in order to be able to manage the business and have line of sight to emerging risks.
The federal securities laws impose recordkeeping requirements on broker-dealers to ensure that they responsibly discharge their crucial market role. As was reiterated in the 2021 off-channel communications enforcement imposed on J.P. Morgan, compliance with recordkeeping requirements is essential to investor protection and the SEC’s efforts to further its mandate of protecting investors, maintaining fair, orderly, and efficient markets, and facilitating capital formation.
There has been scope creep in terms of the enforcement action taken which has now reached almost all parts of the U.S. financial services industry. Initially there was a deemed “widespread failure to implement” recordkeeping policies that “was firm-wide and involved employees at all levels of authority.” The standard in the Qatalyst case had shifted to the firm “failed to implement sufficient monitoring to ensure that its recordkeeping and communications policies and procedures were always being followed” – ‘always’ being the critical word.
Perfection is not an option
Perfection is not possible. The concept that any firm can implement sufficient monitoring to ensure that policies and procedures (for recordkeeping, communications, or anything else) are always followed is unreasonable, if not downright impossible. As the statement put it “we cannot enforce to perfection, but there is a way to achieve better compliance.”
A pragmatic way forward
The proposal is that the SEC should commence work with the industry and other interested members of the public to “develop a pragmatic and privacy-respecting approach” that enables firms and the SEC to have sufficient books and records for compliance, examination, and enforcement at a reasonable cost in both financial and privacy terms.
A key challenge is that the existing recordkeeping rules are a product of simpler, less technologically enabled times. There has been a rapid change from paper documents to e-mail, text messages, and now app-based communications. From the SEC perspective, there are two pertinent questions:
- How can we modernize the recordkeeping rules to deal with the recordkeeping challenges of the new technology and accompanying shifts in the communication habits of people?
- How do we identify and take advantage of aspects of these changes that facilitate recordkeeping?
There has also been a shift to more written communication. What previously would have been oral conversations are being replaced with texts – a shift which intensified during the pandemic when colleagues that used to sit next to one another now work remotely. From the SEC’s perspective, this raises the question:
- Should we revisit the recordkeeping rules so that they do not capture the modern-day equivalent of oral chatter?
Clients have also moved to modern forms of communication and expect their financial services firms to have done the same. From the SEC’s perspective, the questions are:
- How can we help firms as they think about seamless ways to accommodate client communication preferences and still meet recordkeeping obligations?
- Issuing corporate mobile devices is an expensive option. What are best practices for firms that do not have the budget to issue phones, or whose employees prefer not to have a work phone?
Regulatory certainty is a work in progress – certain messages are clearly covered by the rules, but others are not so clear. The SEC is working to ascertain:
- What can the Commission do to provide clarity on the requirements under the existing rules?
- Is the scope of the current rules appropriate?
- Once we settle on the scope, how can firms effectively train their employees about what needs to be preserved for recordkeeping purposes?
A firm can write excellent policies and procedures that prohibit the use of off-channel communications but ensuring that everybody complies with them is difficult. That said, any firm surveillance system has to be able to achieve record retention without subjecting employees’ personal communications to constant surveillance. The regulator, and firms, must establish:
- What are the best practices for training employees and ensuring compliance with off-channel communications policies and procedures?
- What are best practices for monitoring compliance with off-channel communication prohibitions?
- How do the securities recordkeeping rules interact with other laws, such as employment or privacy laws?
Input from compliance personnel is essential to be able to develop workable, effective policies. The SEC has specifically suggested the creation of a Chief Compliance Officer Advisory committee to bring much needed real-world experience into the debate.
The need to engage
The SEC statement and the questions posed are a blueprint for how the rules, requirements, expectations, and enforcement around off-channel communications are likely to develop. Firms would be very well advised to begin to engage with the SEC sooner rather than later to not only contribute to the considerations, but also to seek to ensure that any new requirements are practical, fit-for-purpose, and do not require perfection.
