by polygamous_bat 1048 days ago
AFAIK you are allowed to use any channel as long as you preserve records of the conversation. However, meeting the standards for preservation is quite difficult, which is why employees of financial institutions are generally told not to communicate outside person-to-person, or channels vetted by their company (and lawyers thereof).

Also, compliance teams want live or near-live access, and do run dynamic filters on that live content. I can’t imagine a non-criminal* compliance team accepting a solution that is T+1 or that depends on manual action from the employee.

* I’m barely using hyperbole

It's a bit weird that even though they can communicate person-to-person, where records won't be kept, they are supposed to keep records of electronic communication.
Well, it's incredibly hard to scale fraud only through person-to-person communications. It's not impossible, but think about the scale that online communication would allow.
This has nothing to do with scaling. How do you picture that, some employee would broadcast sensitive information to a WhatsApp group, in order to reach as many others as possible at once?

The offense here is that no effort was made to keep records of the communication. It would have been ok to use WhatsApp if they had somehow archived all communications. Records of communications have to be kept so that auditors can verify that no insider trading secrets were communicated to others, for instance.

Now I understand why some of the banks wanted people back in the office as soon as possible. Trying to support their commercial real estate bags is likely another.
The weird step for me is the expansion of regulatory authority from published memos, to all written communication like texts and chats. I get it and don't really object to the end result, but it seems like the law should be updated to match what society desires to be regulated, rather than just relying on a generous interpretation by regulators.
I wonder if handwritten notes, post-its, or marks on whiteboards are also subject to regulatory authority.
Yes they are, if you haven't taken care of keeping them out of sight of unauthorised other persons.
> it seems like the law should be updated to match what society desires to be regulated

This absolutely happens. Usually, however, the regulators are interpreting the law in a way that the legislators agree with. In those cases, there is no need for new legislation.

The law does not need extending. It is that for bank traders ALL communications must be kept.
> for bank traders ALL communications must be kept

One, not every securities professional trades at a bank. Two, this is not true for any of them. Broadly speaking, work-related written communications must be logged. But there is nuance and exception to that.

Not really. How on earth could that ever be implemented?
In person conversations could be required to be recorded with a portable voice recording device (like a tape deck or phone). Same for phone calls. The regulatory authorities exempt those communications for now, but it isn't clear that there is any kind of consistent standard / reasoning.
Banks have CCTV cameras in office buildings that record (video) of customer-banker interactions.

Any change to any banking system is then done via a banking order (payment order, deposit order, etc) and is documented and signed.

So there is plenty of trail evidence for each transaction with each customer.

So ... you aren't obligated to preserve records of the conversation if the channel is "in person", then.
Right - or if it's over the phone.
I am unsure about current status in the States, but in Europe all conversations with a client over the phone where you might discuss commercial terms need to be recorded. Banks just cover their backs, and for customer-facing positions all phone calls, no matter if through landlines (or IP telephony) or cell, are recorded, either by the PBX software or by the carrier.

Employees are reminded not to use these lines for personal reasons (imagine an employee using the phone line to discuss their health with their doctor, and the employer just recorded extremely sensitive information from an employee), but the alternative means a strong fine from the regulators (usually the local AML authority).

What if I dictate into my phone and WhatsApp sends it as text? Purely to save bandwidth of course.
That is one of the things that the banks are being fined for.
Mostly not. But many interactions such as a Risk and Audit Committee are required to have minutes that are signed by all participants. This is usually for all sessions which shape and oversee key policies such as Risk, AML, Audit, etc…
Thanks! That makes a lot of sense.
Such a waste of time trying intently to regulate and control communication.

People will just get a second private device that is not managed by the organization, and if there is a mutually beneficial advantage to doing so, the other party will do the same as well.

This has been going on forever, I remember when they kicked up a huge fuss when they found out that people were doing direct pin-to-pin messages on the blackberry (was not logged for boss to read at the time).

> Such a waste of time trying intently to regulate and control communication.

It's not an overall waste of time, because the goal is to reduce the enormous wastes caused by fraud, crime, and other malfeasance.

I know somebody who worked at a bank. The bank had a mandatory vacation policy: you had to be 100% gone for at least two solid weeks every year. When outsiders heard about this, they were often indignant. Who is the company to tell me how I spend my vacation? I know best when I need to rest. Why are they trying to regulate and control so much?

But the policy was about preventing crime. There are kinds of fraud where one person can keep it going a long time if they're around to fiddle things manually. But a couple of weeks of absence, plus the cross-training that goes with it, can keep those kinds of frauds from ever happening. And when they do happen, they stay much smaller.

As an example of why fighting fraud is vital to a bank, you could look at the failure of Barings Bank. One guy was able to fiddle the accounts to hide his losses, gaining a reputation as a trading genius. He started with a little deception, and it spiraled out of control over the years, eventually destroying a bank that had survived more than two centuries.

When compared with the destruction of the bank, making sure that supervisors can see what an employee is getting up to is a pretty small waste in comparison.

Is this one of those cases where it ends up causing death by regulation?

Take the pharmaceutical industry in the US. One reason it's so expensive for them to operate is the massive amount of rules and regulations that surround their work and cause them to hire tons more highly skilled personnel in order to meet those regulations just to get work done.

Now all those rules exist because someone did something bad and the rules prevent those bad things from happening again, which is a good thing. However, it increases the cost of doing business, and over time, as these rules and regulations pile up, everything gets more and more expensive and complex.

It's unfortunate that we as a society now have to pay for the actions of a bad actor in perpetuity. I don't know of a good alternative, because again these rules exist for a reason. Fraud is obviously bad, and people will constantly take advantage of the system until we regulate it more and more, but then normal rule followers pay the price.

Is your contention that the pharmaceutical industry is dying? Or that it has insufficient lobbying power to push back against regulations that don't improve safety in proportion to their costs?

But to answer your direct question, I think the answer is a pretty clear no. Financial companies invest a ton in communications. If there's a buck to be made from improving their tools so that their employees can communicate faster, they'll get around to it eventually. They'll just do it with tools that provide the sort of proper records that they've been obliged to keep since forever.

Not that it's dying at all - it just makes it more expensive for them to do literally anything. That cost ultimately trickles down to the consumer. The entire US healthcare industry contributes to this. It's extremely regulated, usually for good reason, but the consequences are that there are tons of middlemen, bureaucracy, and inefficiency that make the end product more expensive.

And the safety is probably correct. It's a problem that I'm not sure how to address.

So one, if it's not pharma who's dying, who are you asserting is dying from regulation?

Two, you're ignoring the externalities here. Most regulations exist to account for negative externalities. If I sell big cookies on the street for $5 each and 1 person in 10 dies from eating my cookies, then my $50 in revenue has to be compared against the cost of the death. Food safety regulations have costs to be sure, but we have to measure them against the harm averted.

If a product is more expensive because its makers have to be more careful, then that's not inefficient. It's people having to pay the true costs of the product, which is more efficient overall.

It's also true that regulation can be inefficient, of course. But the solution for that is primarily for producers to be responsible members of society, and secondarily for them to work closely with regulators to find effective regulation at minimal cost.

But if effective regulation that properly places costs kills a company or an industry, I'd argue that industry should not exist in the first place. Something we're seeing rediscovered in real time with people like Sam Bankman-Fried.

I'm always cynical when I hear arguments like this, I feel like it's the profit motive which is more to blame. They need to justify those prices somehow, and reducing payouts to shareholders or C-levels would be unthinkable.
I don't disagree with you - I'm just pointing out that when profit margins decrease, prices increase and the customer ends up paying for it.

In "free market" conditions, there should be players who can compete by not increasing prices, but due to the increasing number of regulations, it becomes impossible for smaller players to enter the market or exist in the market, so nobody can come in and take advantage of lowering prices, so prices just go up and up.

Again these regulations usually exist for good reason, it just makes the market less efficient and drives prices up over time.

> in "free market" conditions, there should be players who can compete by not increasing prices

In a free market without regulation, the "rational" thing to do is to flood the market with fake "life saving drugs" and reap the (almost) infinite ROI.

In a less hyperbolic sense, the nature of "market" dictates we cut corners wherever possible. When it's a matter of life and death, the public chose to legislate which corners cannot be cut.

> When compared with the destruction of the bank, making sure that supervisors can see what an employee is getting up to is a pretty small waste in comparison.

But they can't see this according to the comment to which you're responding; that's the problem.

They will do it a lot less when it turns out that it's illegal or will get them fired. Which is what the article we're discussing is about.
> When outsiders heard about this, they were often indignant. Who is the company to tell me how I spend my vacation?

They're the employer and get to set reasonable conditions for employment, that's who they are.

It’s actually a bit of a trap - if you are caught using secondary devices, it speaks to intent. Similarly, when you deposit money at a bank and they ask you to certify these are not proceeds of a crime: they aren’t expecting to catch people at that step. But if they catch you later, boom, you defrauded a bank by lying and have additional charges.
It's not illegal to own a personal device, it's also not illegal to be friends with your coworkers if you trust them.

There is no "intent" here. What you are describing is an organized criminal conspiracy which is illegal no matter what device or system you're using. What I am talking about here is whether the employer should get to listen in to all your calls and read all your emails and text messages. Why do you think they like BYOD so much? Because they can get a window into your personal life, what apps you have installed, etc.

I think they like BYOD because they don’t have to buy a device or service it, but can still get at employees at all hours.

It is not illegal to have friends, but if you are in a job that has certain regulations it is illegal to communicate in a non-approved way with business partners. This isn’t a wide scope - it’s people who have jobs that are covered by these regulations.

How is this different from having laws on the books that ensure all citizens are breaking the law at any given time? Doesn't feel like how laws are meant to be used.
Because it applies to certain regulated industries and people who work in those industries. It’s not wide ranging.
Isn't this an argument that doing anything that is illegal but beneficial to the conspirators should be left alone?

If it were totally allowed and widespread how would there be any pretence of fairness in the markets? Of course you could say that at least then people would be appreciating the reality of the situation . . .

> Such a waste of time trying intently to regulate and control communication.

Then attempting to enforce antitrust laws is likewise a waste of time.

It is actually prohibited to use private devices (on the trading floor).