JPMorgan hit with $200 million in fines for letting employees use WhatsApp to evade regulators’ reach
Scott Mlyn | CNBC
JPMorgan Chase is paying $200 million in fines to two U.S. banking regulators to settle charges that its Wall Street division allowed employees to use WhatsApp and other platforms to circumvent federal record-keeping laws.
The Securities and Exchange Commission said Friday that JPMorgan Securities agreed to pay $125 million after admitting to “widespread” record-keeping failures in recent years. The Commodity Futures Trading Commission also said Friday that it had fined the bank $75 million for allowing unapproved communications since at least 2015.
SEC officials who spoke to reporters Thursday evening said JPMorgan’s failure to preserve those offline conversations violated federal securities law and left the regulator blind to exchanges between the bank and its clients.
Federal law requires financial firms to keep meticulous records of electronic messages between brokers and clients so regulators can make sure those firms aren’t skirting anti-fraud or antitrust laws.
The move is the latest sign of an ongoing battle between regulators, banks and employees over the use of personal devices. Policing the use of unofficial channels became even more pressing when most of Wall Street went remote during the coronavirus pandemic. Regulators in New York and London have ratcheted up enforcement of record-keeping rules recently as traders migrated to encrypted messaging platforms including WhatsApp, Signal or Telegram.
While phone conversations and messages on official company devices and software platforms are preserved, it’s much harder for bank compliance departments to surveil communications on third-party apps.
That workaround picked up in popularity after two of the industry’s biggest trading scandals of the past decade, involving manipulation of Libor and foreign exchange markets, hinged on incriminating messages preserved in chatrooms, resulting in multibillion-dollar fines for banks.
At JPMorgan, the practice of going offline to communicate was firm-wide, and even the managers and senior personnel responsible for compliance used their personal devices to communicate sensitive business matters, the SEC said.
The investigation at JPMorgan is ongoing, and the SEC has launched similar probes at firms across the financial universe. JPMorgan ordered its traders, bankers and financial advisors to preserve work-related messages on personal devices earlier this year, Bloomberg reported in June. Messages included content on a wide range of discussions, including investment strategies, client meetings and market observations, the SEC officials said.
JPMorgan declined to comment beyond a regulatory disclosure that acknowledged settlements with the two agencies.
On top of the fine, JPMorgan agreed to hire a compliance consultant to review the bank’s policies and training, the SEC said. The bank had already begun upgrades to employees’ software to improve compliance, the SEC said.
“As technology changes, it’s even more important that registrants ensure that their communications are appropriately recorded and are not conducted outside of official channels in order to avoid market oversight,” SEC Chair Gary Gensler said in a press release.
In stressing the importance of diligent record-keeping, Gensler recalled the 2013 foreign exchange scandal, when traders at several leading banks used private chat rooms with names including “The Cartel” to conspire to fix currency rates to maximize profits.
Five of the world’s largest banks, including JPMorgan, ultimately agreed to pay more than $5 billion in combined penalties and plead guilty to resolve the investigation.
“Books-and-records obligations help the SEC conduct its important examinations and enforcement work,” Gensler added. “They build trust in our system.”
While SEC officials said the $125 million penalty is its largest record-keeping fine to date, the bigger threat to JPMorgan may be reputational. By going after JPMorgan, the world’s biggest Wall Street firm by total revenue, the SEC has put the industry on notice.
The announcement caps a banner week for Gensler, who on Wednesday issued a raft of proposals aimed at securing money market funds and limiting executives’ ability to trade their own companies’ equity.
Taken together, the proposals and enforcement action suggest the Biden appointee is sprinting to draft and enact one of the most ambitious policy agendas in decades.
Many investors see him as the leader the SEC needs to develop expansive cryptocurrency regulation, safeguards around special purpose acquisition companies, or SPACs, standardized climate disclosures for public firms, and rules governing online brokerage marketing and the “gamification” of securities trading.
The enforcement action also marks a major milestone for SEC Enforcement Director Gurbir Grewal, who has for months warned that tougher enforcement was on the horizon.
Restoring the public’s trust in Wall Street will require “robust enforcement of laws and rules concerning required disclosures, misuse of nonpublic information, violation of record-keeping obligations, and obfuscation of evidence from the SEC or other government agencies,” he said in October.
In addition to his focus on Wall Street’s bookkeeping, Grewal is also working on ways the SEC can prevent misconduct from happening in the first place, what he refers to as “prophylactic” measures.
Specifically, Grewal has said he plans to be aggressive about requiring guilty firms — JPMorgan, in this case — to confess their infractions publicly.
“Recordkeeping requirements are core to the Commission’s enforcement and examination programs and when firms fail to comply with them, as JPMorgan did, they directly undermine our ability to protect investors and preserve market integrity,” Grewal said in a statement Friday.