Welcome to the bankers’ panopticon

Craig Coben is a former senior investment banker at Bank of America, where he served most recently as Co-Head Global Capital Markets, Asia-Pacific region. Howard Fischer, an attorney at law firm Moses & Singer, is a former Senior Trial Counsel at the US Securities & Exchange Commission.

A spectre is haunting the financial world. Bankers are huddling with lawyers, some careers have been left in tatters, and a flurry of subpoenas have reportedly been issued by the SEC, which might lead to substantial penalties.

But this scandal doesn’t involve mis-selling, malfeasance or misappropriation. It arises from mundane messaging. The SEC believes that bankers are conducting business with unauthorized communication tools, such as iMessage or WhatsApp, from personal devices. And that’s a no-no.

This might seem trifling. Over the last decade messaging apps have replaced email (and arguably phone calls) as preferred means of daily communication. What’s the difference if a banker messages clients or colleagues or calls them or sees them in person?

For regulators it makes all the difference in the world, and for bankers caught using the apps, it may mean the difference between keeping and losing your job.

Why the crackdown? Three reasons. First, regulators and enforcement agencies see using non-official means of communication as a red flag meant to evade internal compliance as well as regulatory supervision.

Second, regulators fear any constraint on their ability to monitor internal operations. Obtaining internal communications from one entity is far easier than seeking it from multiple parties. Regulators don’t want to miss the next Madoff or be exposed as failing to supervise for market integrity and related systemic stability issues.

Finally, the crackdown on unauthorized communication offers easier targets for regulators. Investigating intent-based violations, like insider trading or market manipulation, is fraught with evidentiary and interpretive issues. But unless the banker remembered to turn on the auto-delete function available on some messaging apps, it is fairly straightforward to prove breaches of the rules against using unapproved communication tools. The SEC can even pursue a broad, industry-wide settlement and impose fines, bolstering reported enforcement results.

All that said, this is not necessarily a case of “everyone has been doing it” or “the rules have been honored in the breach”. The vast majority of bankers try to follow the rules because they have a lot financially (and socially) at stake. Nobody wants to be caught in a compliance investigation.

But work-from-home has changed how watchdogs view unofficial communication. Watchdogs believe that WFH — and the lower level of technical integration and formal supervision otherwise associated with working from the office — means reduced oversight and greater potential for unauthorized communication.

Regulators may also have found that office email is no longer the evidence trove it used to be. Ever since investigators unearthed emails two decades ago by equity research analysts privately disparaging companies they were publicly recommending, bankers have known that emails are subject to monitoring. Best to avoid speaking one’s mind too openly on email and then having to explain it later to a regulator or a supervisor. Office emails at banks are unlikely to have the free-flowing candor as, say, the spirited Slack messages exchanged between media organisation colleagues. Correctly or not, regulators think the messaging apps have the juicy stuff.

This approach throws up several problems and inconsistencies.

First, bankers don’t work in isolation, but are part of an interconnected ecosystem of corporate clients, fund managers, lawyers, auditors, PR firms and other constituencies around a deal. Many of these actors are not subject to the rules around communication tools, and many are also used to communicating via WhatsApp or iMessage.

Incorporating those less formal means of communication into office email can be awkward and prone to slip-ups. Are financial workers supposed to remonstrate with a company CEO or private equity partner who sends a message via an unapproved means of communication? Or direct them to use official email instead?

This might not be very practical in a relationship-oriented business, especially given time constraints. Many people — especially senior executives — don’t check their emails often or have an assistant screening them.

While some institutions adopt message apps such as Movius that they can oversee, those apps will have to be downloaded and used by others to work. It is not easy to tell important clients — who are more accustomed to giving orders to their bankers — to download an app so that their communications can be monitored by the bank’s compliance department.

Second, it highlights the different way in which bankers are treated versus other key professions. A banker who uses WhatsApp can be fired with Cause (capital letter intended); a politician who uses Telegram (and so frustrates freedom of information rules) is barely punished, if at all. Sure, bankers have big responsibility but shouldn’t Representatives or MPs be held at least to the same standards? (This is but one example of a broader pattern exemplified by Congressional resistance to accepting restrictions that apply to front-office staff at most global investment banks, such as prohibitions on investing in single-name stocks or bonds.)

Third, as alluded to before, the regulators are treating substantively similar conduct in very different ways. The same communication delivered by phone or email can, if sent via iMessage, be a legal breach subject to internal and regulatory sanction.

And this underlines the central conundrum: there is no logical endpoint to the policy. It is only practical limitations that explain the demand for every written communication (no matter how informal or slapdash) but not oral ones. If regulators want an audit trail for every communication, then they need a panopticon to record every interaction and conversation, including meetings and telephone calls. In George Orwell’s 1984 the Ministry of Truth installed telescreens in every home to record domestic conversations. Should we be installing chips and microphones on every investment banker?

It probably won’t end up there. Most likely, the outcome will be some token firings pour encourager les autres, some warning letters and substantial industry fines, and promises to install more expansive monitoring.

At one level, it is difficult to see how this crackdown will better protect investors or safeguard market integrity. To the extent there are bad actors, they will use the auto-delete functions on one of the encrypted platforms, or meet in person. Indeed, some early settlements have not turned up any substantive misconduct that was hidden through use of alternate communication platforms.

At another level, financiers have no excuse for not following the rules. They’ve been told for several years to use only approved communication tools and to avoid messaging apps for anything business-related. Internal and external compliance staff have hammered this message repeatedly.

Effectively, then, the watchdogs are enacting their own version of the “broken windows” theory of enforcement, whereby minor violations risk fomenting more serious misbehavior if they are not immediately punished. At the very least, the regulators are able to remind financiers that they are under constant surveillance and should mind their p’s and q’s at all times and that if they try to circumvent monitoring (even — especially — out of mere convenience or laziness), they — and/or their employers — will be presumed guilty of . . . something.