Skip to main content

Banks fined $549M for using personal iMessage, WhatsApp, and Signal accounts

Enforcement action by the Securities and Exchange Commission (SEC) has seen Wells Fargo and several other banks fined a total of $549M for using personal end-to-end encrypted messaging accounts to discuss company business.

The SEC said senior bank officials used personal iMessage, WhatsApp, and Signal accounts when making business decisions …

Banks fined $549M

The law requires publicly traded companies and banks to maintain auditable records of all business decisions and discussions, with enforcement falling to the SEC.

Additionally, the Commodity Futures Trading Commission (CFTC) also imposes record-keeping rules on trading decisions.

Both say that Wells Fargo and other banks broke these rules when senior bank officials conducted business-related discussions on their personal phones, as that meant that no records were kept of these text exchanges. The Verge reports that two laws were broken.

Not keeping records of those conversations violates the 1934 Securities Exchange Act’s recordkeeping rules, as well as similar rules from the Investment Advisers Act of 1940, according to the SEC. The CFTC maintains its own recordkeeping requirements, which it says were violated.

Since all three apps mentioned use end-to-end encryption, the contents of the messages would only be readable by accessing the personal accounts of the executives concerned. Additionally, messages can in some cases be lost when someone changes device – a particular issue with WhatsApp.

The following banks were fined by the SEC:

  • Wells Fargo Securities, LLC, together with Wells Fargo Clearing Services, LLC and Wells Fargo Advisors Financial Network, LLC, agreed to pay a $125 million penalty;
  • BNP Paribas Securities Corp. and SG Americas Securities, LLC have each agreed to pay penalties of $35 million;
  • BMO Capital Markets Corp. and Mizuho Securities USA LLC have each agreed to pay penalties of $25 million;
  • Houlihan Lokey Capital, Inc. has agreed to pay a $15 million penalty;
  • Moelis & Company LLC and Wedbush Securities Inc. have each agreed to pay penalties of $10 million; and
  • SMBC Nikko Securities America Inc. has agreed to pay a $9 million penalty.

And these by the CFTC:

  • BNP Paribas (BNP Paribas S.A. and BNP Paribas Securities Corp.): $75 million
  • Société Générale (Société Générale SA and SG Americas Securities, LLC): $75 million
  • Wells Fargo (Wells Fargo Bank NA and Wells Fargo Securities LLC): $75 million
  • Bank of Montreal (Bank of Montreal): $35 million

Best practice is to use only work devices and work accounts, with systems in place to ensure that all communication contents are permanently recorded and backed up within the company’s IT systems.

Photo: João Vincient Lewis/Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications