The High Cost of Digital Missteps: Messaging App Fines Continue to Mount

In the modern workplace, digital communication tools like WhatsApp, Signal, and Slack have become integral to collaboration and efficiency. However, the very tools that streamline operations can also expose companies to significant regulatory risks if not properly monitored and managed. This issue was thrust into the spotlight when multiple financial institutions faced fines totalling over $1 billion due to failures in overseeing employee use of these apps. And recent developments underscore that regulators maintain a keen focus on compliance. The Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) continue to levy hefty fines on firms failing to preserve records of business-related communications conducted via unapproved channels.

A Recap of the Billion-Dollar Fallout

Of the 11 prominent Wall Street firms fined for “off-channel” communications using personal devices, some companies had to pay as much as $200 million individually. With substantial penalties coming from the SEC and CFTC, the violations weren’t isolated to low-level employees. Senior executives and supervisors were also implicated, further exacerbating the penalties levied against their firms. This high-profile case served as a harbinger of intensified regulatory action, spurring investigations across other leading financial institutions. Deutsche Bank and UBS followed in 2022, facing fines exceeding $75 million each for similar violations, which included top executives’ involvement in unauthorised communication practices.

Lessons Not Being Learned – Yet More High-Profile Cases

More recently, in February 2024, the SEC imposed $81 million in fines on 16 financial firms, including major players like Northwestern Mutual, Guggenheim Securities, and Oppenheimer. These firms were penalised for failing to retain records of communications conducted via personal messaging apps. Some firms were shown leniency for self-reporting violations, such as The Huntington Investment Company, which received a lower penalty of $1.25 million​. The SEC investigation revealed systemic and prolonged use of unapproved communication channels by employees, ranging from junior staff to senior executives. These practices violated federal recordkeeping requirements intended to ensure regulatory oversight and transparency. As part of their settlements, all 16 firms agreed to hire independent compliance consultants to review and enhance their policies on electronic communications and address employee non-compliance more rigorously​.

These examples illustrate how the lack of proper oversight can lead to significant financial and reputational damage.
They also highlight the SEC’s steadfast commitment to addressing off-channel communication violations, reinforcing the importance for firms to adopt robust compliance measures to avoid similar penalties. The SEC and CFTC are actively encouraging companies to self-report deficiencies and improve their compliance frameworks. Firms that fail to adapt to these expectations risk facing not only fines but also potential criminal investigations​.

Beyond Financial Services: A Growing Compliance Challenge

While financial institutions have received the bulk of regulatory attention regarding off-channel communications, sectors such as healthcare, technology, and retail are increasingly under scrutiny. With the rise of remote work and the proliferation of personal device usage, regulatory authorities demand stricter adherence to recordkeeping and data governance protocols. Non-compliance exposes organisations to substantial risks, including fines and reputational damage.

In healthcare, for instance, the use of unmonitored communication apps poses risks not only to compliance but also to patient privacy under regulations such as HIPAA in the U.S. Similarly, tech firms grapple with challenges in balancing innovation with regulatory demands, particularly regarding privacy and data retention. Retail organisations, reliant on distributed teams and contractors, face risks due to unstandardised communication practices.

These challenges further underscore the importance of adopting comprehensive compliance strategies. A report from FTI Consulting highlights how firms across industries must proactively monitor emerging data sources like chat apps and collaboration platforms to mitigate risks. This includes implementing policies to restrict unapproved tools, ensuring proper data archiving, and leveraging technology to detect non-compliance in real time​.

What Else Should Companies Do?

To mitigate these risks, businesses must adopt a proactive approach:

1. Policy Overhaul: Establish clear guidelines for the use of personal devices and messaging apps for work-related communications. Policies should be regularly updated to reflect evolving technologies.
2. Training and Awareness: Employees, including senior leadership, should be educated about compliance requirements and the importance of adhering to approved communication channels.
3. Technology Solutions: Implement software tools to monitor, archive, and manage communications across all platforms, ensuring adherence to regulatory standards.
4. Voluntary Audits: Conduct periodic internal reviews to identify potential gaps in compliance and self-report violations where necessary.

Conclusion: A Persistent Risk in the Digital Age

As the digital landscape evolves, so too do the regulatory challenges companies face. The financial sector serves as a cautionary tale of the severe consequences of non-compliance. However, these lessons are universally applicable. Businesses that prioritise compliance not only avoid fines but also foster trust and integrity within their organisations. The recent wave of fines reinforces the importance of vigilance in maintaining records of all business-related communications. As regulators continue to crack down, companies must view compliance as a strategic priority rather than a mere administrative burden. By doing so, they can ensure their digital transformation efforts are sustainable, secure, and successful.

The Human Side of Digital Transformation: Building a Culture of Digital Success

In today’s rapidly evolving digital landscape, businesses are under pressure to adapt and innovate to stay competitive. The COVID-19 pandemic accelerated the adoption of digital technologies across industries, but while many organisations successfully implemented new tools, others struggled to see meaningful results. Why? Because digital transformation isn’t just about technology – it’s about people.

The human side of digital transformation is often overlooked in favour of technical solutions. Yet, it’s the culture within an organisation – the values, behaviours, and mindset of its people – that determines whether transformation efforts succeed or fail. Without the right culture, even the most advanced tools can fall short of delivering their potential value.

Shifting Focus: From Technology to People

Digital transformation is inherently disruptive. It demands that organisations rethink their processes, their priorities, and their way of working. But while technology is a critical enabler, the ultimate driver of success lies in the willingness of people to embrace change.

Research consistently shows that the failure of digital initiatives is often rooted in resistance to change, lack of employee buy-in, or insufficient leadership commitment. Building a culture that supports digital transformation starts with fostering trust, collaboration, and a growth mindset across the organisation.

Catherine Parry, CEO of DeepView, has long championed this perspective. She emphasises the importance of aligning technology adoption with human-centric strategies. “Technology should work for people, not the other way around,” she says. “The organisations that succeed in digital transformation are the ones that prioritise their people and create an environment where innovation thrives.”

The Role of Leadership in Digital Transformation

Strong leadership is essential in driving the cultural changes needed for digital success. Leaders set the tone for the organisation, modelling behaviours that encourage experimentation and resilience in the face of challenges.

Catherine’s leadership at DeepView exemplifies this approach. Her vision is rooted in empowering individuals to take ownership of digital tools and processes. By fostering an open dialogue between teams and creating a shared understanding of the benefits of transformation, leaders can build trust and alleviate fears about change.

This leadership extends beyond internal operations. As DeepView partners with businesses to secure their digital communication platforms, it ensures that technological solutions are accessible, intuitive, and aligned with the needs of the end-users.

Breaking Down Silos

One of the key barriers to successful digital transformation is the existence of silos within organisations. Teams working in isolation often struggle to adopt cross-functional tools, and valuable insights can get lost in translation between departments.

To build a culture of digital success, organisations must break down these silos and encourage collaboration. This means not only implementing technologies that facilitate communication but also fostering relationships that make collaboration seamless and effective.

At DeepView, this collaborative ethos is embedded in our approach to secure communication. By enabling clear and safe lines of dialogue, we help organisations create an environment where knowledge flows freely and decision-making is more agile.

Embracing Continuous Learning

Digital tools and processes are constantly evolving, and the pace of change is only accelerating. For organisations to remain competitive, they must adopt a mindset of continuous learning. This involves upskilling employees, encouraging curiosity, and rewarding those who take the initiative to learn and grow.

Catherine Parry highlights this need for lifelong learning as a cornerstone of digital success. “The journey doesn’t stop with implementation,” she explains. “It’s about building the capability to adapt to future changes. Continuous learning ensures that organisations remain resilient in the face of disruption.”

Building Resilience Through Trust

At the heart of every successful transformation is trust – trust between leadership and employees, trust among teams, and trust in the tools being implemented. Without trust, even the most well-designed initiatives can falter.

DeepView’s work in securing digital communications is a direct response to this need for trust. In an age where data breaches and cyberattacks threaten the integrity of business operations, ensuring that communication channels are safe is essential. But security alone isn’t enough; these solutions must also be user-friendly, enabling employees to adopt them seamlessly into their workflows.

Measuring Success Beyond Metrics

How do you measure the success of digital transformation? While metrics such as efficiency gains or cost savings are important, true success is reflected in the behaviours and attitudes of the people within the organisation. Are employees engaging with the new tools? Are they collaborating more effectively? Do they feel empowered to innovate?

By focusing on the human side of transformation, organisations can achieve long-lasting results that go beyond the numbers.

Conclusion

Digital transformation is more than a technological upgrade; it’s a cultural shift that requires organisations to rethink how they operate. By prioritising people, fostering collaboration, and embracing continuous learning, businesses can unlock the full potential of digital tools and create a future-ready workforce.

At DeepView, we’re proud to be part of this journey. We remain committed to helping organisations navigate the complexities of digital transformation while keeping their most valuable asset – people – at the centre.

Discover more about building a culture of digital success…

Take a look at the webinar hosted by The Pollen Street Hub, where Catherine Parry and other expert panellists dig into the importance of the human side of digital transformation.

11 Must-Know Cybersecurity Tips to Protect Your Small Business

Small businesses are often the target of cyberattacks, yet many are unprepared to deal with them. This article from SmartCompany offers eleven essential tips for small business owners to improve their cybersecurity, including using secure passwords, updating software regularly, and training employees in security best practices. These tips help small companies strengthen their defences against cyber threats.

Read the full article here.

X (formerly known as Twitter) Says Spear-phishing Attack On Employees Led To Breach

Following the high-profile Twitter (now X) hack, The Guardian reported that a spear-phishing attack on employees was the cause. This article explains how cybercriminals tricked staff into revealing credentials, which were then used to access internal systems and compromise accounts. The incident underscores the ever-growing risk of targeted phishing attacks on employees at large corporations.

Read the full article here.

X (formerly known as Twitter) Breach A Reminder Of Need To Protect Corporate Social Media Usage

The breach of Twitter (now X) in 2020 served as a stark reminder of the importance of protecting corporate social media accounts. This article from Dark Reading highlights how hackers used social engineering tactics to gain access to high-profile accounts, and the potential damage such breaches can cause to businesses. It stresses the need for stronger security measures, such as multi-factor authentication, for corporate social media platforms.

Read the full article here.