Downstream WhatsApp Regulatory Woes for Wealth Managers

Sander Ressler, Expert Columnist, Compliance & Regulatory Affairs, WSR

Smarsh’s Robert Cruz: US Wealth Management Firms Should Be Paying More Attention to Instant Messaging Regulatory Fines for Global Financial Institutions

Instant messaging apps continue to rise in use across the world, and that’s causing agita for compliance professionals at major global financial institutions, and the regulators who oversee them – At least in the U.S.

Why?  Many instant messaging apps – including the leading platform in this segment, WhatsApp – aren’t being supervised appropriately, and the content isn’t being captured and archived as regulators expect and demand.

And the regulators are coming down hard on offending parties.  In July, Morgan Stanley reported that it will likely need to pay as much as $200 million in fines for not monitoring employee use of unauthorized instant messaging apps. 

It’s a fine day!

They’re not alone, either.  Goldman Sachs, Citigroup and Bank of America apparently are preparing for regulatory fines of their own related to unauthorized instant messaging apps, according to recent coverage from Digital Wealth News

Relevance for U.S.-Based Wealth Managers?

But just how applicable is this issue to a domestic U.S. wealth management audience?  At first glance, the answer might be, “Not much.”

Currently, WhatsApp and other instant messaging tools are more popular outside of the U.S.  After all, in many overseas markets, telephone systems are far less reliable than platforms such as WhatsApp that work quite well utilizing satellite internet services.

But that might not be the correct answer.  For starters, I have frequently encountered the unauthorized use of WhatsApp in the U.S., primarily between financial advisors and their clients who live in another country.  

Robert Cruz, Vice President of Information Governance, Smarsh

Moreover, just given the robust growth of WhatsApp and other instant messaging platforms worldwide, especially among younger generations, it would be safe to assume that these solutions will become more widely used by domestic audiences of U.S.-based wealth management firms in the months and years to come.

To address this issue head-on, I recently connected with Robert Cruz, Vice President of Information Governance at Smarsh, the global regtech firm.

Cruz is in a relatively unique position to opine on this topic, given how Smarsh delivers digital content archiving, capture and e-discovery, combined with AI and cybersecurity solutions, to two segments of the financial services sector:  Global financial institutions and U.S.-based independent wealth management firms across the IBD and RIA spaces.

WSR:  In terms of relevance for the U.S.-based and U.S.-focused independent wealth management space, is this a potentially significant compliance issue because of SEC and FINRA regulatory risks?

Cruz:  This isn’t just about potentially violating supervisory oversight requirements under the SEC and FINRA.  The underlying issue is about firms conducting business on communications tools that are not approved for business use and therefore, not captured. That unapproved use can happen anywhere in the firm.

Is this message approved?

You could be looking at a more basic violation of a firm’s books-and-records obligations by ensuring that all business-related communications are captured and stored. 

This can happen due to an employee’s being unaware of policies, downloading unapproved versions of these tools onto personal devices, and so forth.  And it can happen on a plethora of communications tools like Telegram, TikTok, Signal, Discord, Instagram…or anything that hasn’t been allowed for use for business purposes.

WSR: Is the rising use of WhatsApp and other instant messaging solutions among financial advisors primarily a function of communicating with overseas clients and contacts?

Cruz:  Of course, it’s true that WhatsApp may be the only tool that works in a remote geographic location.  But more often, use of instant messaging tools creeps into the workplace because it is demanded by a younger demographic of employee. 

Firms are looking for reliable means to capture these technologies because that is where their market want to engage. That’s why compliance teams are increasingly saying yes to more tools, if there is comfort that they can manage the risk.  This is a reflection of the changing face of their businesses.

WSR:  Right now, many wealth management industry insiders see the recent regulatory furor over unauthorized messaging apps like WhatsApp to be more of a concern for global financial institutions, versus U.S.-based and U.S.-focused wealth management firms.  Do you agree or disagree with this perspective?

Reduced visibility

Cruz:  I disagree, because much of this issue comes down to how clients choose to engage with firms and financial advisors.  For example, the most popular tool to reach retail investors is Instagram.  The tool of choice for firms wanting to participate in the cryptocurrency market is Telegram.  And the world’s most downloaded mobile application is TikTok, where user engagement is approximately three times that of other leading social platforms.

What these examples are indicators of are the fundamental changes that firms are experiencing in how they communicate and collaborate.  Some of this is a function of the pandemic and the fact that remote working individuals have much easier access to a variety of communications tools that can bleed over from their personal lives.  And as part of this trend, compliance teams have less visibility into employee behaviors. 

However, this move toward digital transformation was already happening prior to the pandemic due to demographic shifts and an increase in participation in the workplace from ‘digital native’ Gen Z individuals. What the pandemic did was accelerate each organization’s digital transformation journey, catapulting them down a path that should have taken two years into something that happened in two months. 

These forces are global and impact all regulated industries – including wealth management!

Sander Ressler, WSR’s Expert Columnist, Compliance & Regulatory Affairs, can be reached via

Related Posts

Sign Up for Our Newsletters

Sign Up for Our Newsletters