Reported by Katherine Doty Hanniford, Paul Monnin, and Albert Stieglitz, Jr.

On September 29, 2023, the U.S. Securities and Exchange Commission (SEC) announced enforcement actions against five broker-dealers, three dually registered broker-dealers and investment advisers, and two affiliated investment advisers for what the SEC described as “widespread and longstanding failures to maintain and preserve electronic communications.” The enforcement actions, settled by each respondent, included fines ranging between $2.5 million to $35 million, as well as remedial actions like retention of an independent compliance consultant, mandatory reporting of any disciplinary actions, and review of employee communications as a regular internal audit item.

These settlements are the latest in the SEC’s sprawling investigation of its registrants’ use of off-network communications, which has included enforcement actions against 30 other firms over the past 24 months, and has been the subject of previous client updates here and here.

Key Takeaways

Continued scrutiny of investment advisers

The SEC’s ongoing aggressive enforcement of recordkeeping violations continues to focus on investment advisers, despite their trade associations’ contention in correspondence to the SEC that agency jurisdiction to police custody of business-related communications is confined to broker-dealers. Recent investment adviser settlements show that advisory entities have been willing to waive this defense, however, given the prospect of increased penalties following a litigated proceeding.

Content is a focus

While the SEC will continue to penalize registrants that fail to control use of off-network communications, the agency has apparently entered a new phase of its enforcement initiative. Reports indicate that the SEC has directed large advisory entities to share messaging data from senior management and other key employees’ devices – collected as part of their internal investigations – in response to the SEC’s off-network communications sweep.

Although the disclosed data, specifically WhatsApp and other messaging application information, is reportedly limited to business-related communications, the exchange of material, nonpublic information or other evidence of suspected fraud and abuse is plainly fair game. Similar to the insider trading push that emanated from the capture of trader texts and other out-of-band communications following the market turmoil caused by the Great Recession, the SEC clearly intends to data-mine the WhatsApp and other messaging information it has received to pursue more than just compliance violations.

Read full report: https://www.jdsupra.com/legalnews/the-latest-in-the-sec-s-off-network-1017726/