I read the below more as the company failing to enforce a policy of employees using business accounts/devices for business communication rather than the company failing to surveil private accounts. Basically, employees should be using "official" communication channels that can be audited for business communication and save WhatsApp for friends and family.
> As described in the SEC’s order, JPMS admitted that from at least January 2018 through November 2020, its employees often communicated about securities business matters on their personal devices, using text messages, WhatsApp, and personal email accounts. None of these records were preserved by the firm as required by the federal securities laws. JPMS further admitted that these failures were firm-wide and that practices were not hidden within the firm. Indeed, supervisors, including managing directors and other senior supervisors – the very people responsible for implementing and ensuring compliance with JPMS’s policies and procedures – used their personal devices to communicate about the firm’s securities business.
> its employees often communicated about securities business matters on their personal devices, using text messages, WhatsApp, and personal email accounts. None of these records were preserved by the firm as required by the federal securities laws. JPMS further admitted that these failures were firm-wide and that practices were not hidden within the firm. Indeed, supervisors, including managing directors and other senior supervisors – the very people responsible for implementing and ensuring compliance with JPMS’s policies and procedures – used their personal devices to communicate about the firm’s securities business.
They have to do this by las. Part is to “run the tapes” is there is a customer disagreement, and part is records keeping for compliance purposes. (Anti-Money Laundering, making sure transactions have economic substance, etc) In the aftershock of 2008 it came to light that much of the illegal behavior happened when people switched to personal devices.
> As described in the SEC’s order, JPMS admitted that from at least January 2018 through November 2020, its employees often communicated about securities business matters on their personal devices, using text messages, WhatsApp, and personal email accounts. None of these records were preserved by the firm as required by the federal securities laws. JPMS further admitted that these failures were firm-wide and that practices were not hidden within the firm. Indeed, supervisors, including managing directors and other senior supervisors – the very people responsible for implementing and ensuring compliance with JPMS’s policies and procedures – used their personal devices to communicate about the firm’s securities business.