(Bloomberg) — The U.S. Securities and Exchange Commission has blocked third-party messaging apps and text messages from employees’ work cellphones, bringing its own practices closer to the standards it is applying to the industry.
Bloomberg’s Most Read
The SEC’s decision to block disappearing messaging apps will help the agency improve its own record keeping and address security vulnerabilities after one of its social media accounts was compromised earlier this year. This follows about $3 billion in fines imposed on financial companies to resolve allegations that they failed to maintain adequate records of work-related communications on mobile devices and apps such as WhatsApp from Signal and Meta Platforms Inc.
The scrutiny has led Wall Street to revamp the way employees communicate about business matters via cellphones. Meanwhile, the SEC took a hard look at policies covering its own staff’s communications on agency-issued phones.
The agency has restricted access to third-party messaging apps, as well as SMS and iMessage texts “to reduce the risk of our systems being compromised and to improve record keeping,” a spokeswoman said. from the SEC in a statement sent by email. The process of blocking the apps began in September and continued over the past few months, she added.
Read more: SEC fines 16 companies in latest WhatsApp probe penalties
Financial companies are required to monitor and store communications involving their business to prevent inappropriate conduct. When they don’t, agencies say it is significantly more difficult to investigate wrongdoing. Regulatory scrutiny has been a boon for software and compliance vendors coming up with solutions to capture ephemeral communications.
The Commodity Futures Trading Commission is considering whether to follow suit, according to a person familiar with the matter. A CFTC spokesperson did not respond to a request for comment.
Read more: SEC says the FBI is investigating the agency’s X account compromise
The SEC’s cybersecurity practices have come under scrutiny in recent months. In January, the regulator’s X account was compromised via an employee’s agency-issued phone, which resulted in a false post claiming that the watchdog had approved plans for a long-awaited spot Bitcoin exchange-traded fund.
This inaccurate post fueled a brief spike in the price of the world’s largest cryptocurrency. The SEC quickly regained control of the account and deleted the post. The incident highlighted how even a regulator with an assertive stance on cybersecurity requirements is not immune.
(Updates with timeline of SEC efforts in fourth paragraph.)
Bloomberg Businessweek Most Read
©2024 Bloomberg LP
/cdn.vox-cdn.com/uploads/chorus_asset/file/22934831/bfarsace_211014_4802_0002.jpg?w=300&resize=300,300&ssl=1)
