Regulatory scrutiny of WhatsApp use for business communications

  • Use data loss prevention alerts and internal controls to avoid dissemination of internal, confidential and material non-public information to external parties
  • Employees working from home or office should only use devices provided by their firms and should not take pictures and screenshots of information on personal devices. Firms should implement systems to block screenshots and not allow printing of documents that contain MNPI
  • If firms are allowing employees to use text messaging applications such as WhatsApp for business purposes, they should adhere to all the record-keeping requirements listed by regulators
  • Firms should use a mix of lexicon and random searches as part of their ongoing surveillance of employees’ communications, and these should include targeted keywords and phrases
  • Firms should also conduct targeted searches for any high-risk individuals and scrutinise suspicious behaviour of employees
  • Any business communication conducted through a platform meant for personal use should be notified to the compliance officer at the earliest and should not be deleted



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Acuity Knowledge Partners

Acuity Knowledge Partners

We write about financial industry trends, the impact of regulatory changes and opinions on industry inflection points.