Morgan Stanley fines some employees $1M for WhatsApp, iMessage use

Morgan Stanley fines some employees $1M for WhatsApp, iMessage use

After being fined more than $200 million last year for similar violations, Morgan Stanley has begun penalising employees for using personal messaging apps for company business. But at least one expert said banning the tools won't work long term.

Credit: Dreamstime

Investment banking firm Morgan Stanley has punished some of its employees with fines that topped more than $1 million for breaching compliance rules by using WhatsApp and iMessage for business communications.

The fines were levied by docking previous bonuses or future pay, according to a report in the Financial Times.

While the fines might seem steep, Morgan Stanley itself has had to pay millions of dollars in fines for previous SEC violations related to the use of consumer messaging apps for business purposes.

Last September, the US Securities and Exchange Commission (SEC) fined big-name banks and brokerages a collective $1.8 billion over workers’ use of private texting apps to discuss work and for not always saving those messages. The fines include $1.1 billion assessed by the SEC and a $710 million fine from the Commodity Futures Trading Commission (CFTC).

Morgan Stanley was among the more than a dozen financial services firms fined and had to pay more than $200 million. In 2020, Morgan Stanley suffered a major security breach related to two senior employees in the bank’s commodities division who were using personal messaging apps. The employees were fired.

In the most recent violation of company policy against using unauthorised and unmonitored communications channels, the bank hit employees with fines that ranged from few thousand dollars to more than $1 million per person.

The penalties were based on a points system that takes into account factors including the number of messages sent, the banker’s seniority, and whether they received prior warnings, said people briefed on the matter, according to reports.

Morgan Stanley, which has required its workers to return to the office five days a week did not immediately respond to a request for comment by Computerworld.

Shiran Weitzman, CEO of mobile risk intelligence platform provider Shield, said imposing bans on popular communications applications such as WhatsApp and iMessage is a temporary solution. Employees are eventually going to use what’s most popular and convenient.

Last year’s spate of financial services fines by regulators over improper use of messaging platforms was a shot across the bow — a statement that the industry needed to clean up its act, and “put some order in the house,” Weitzman said.

The problem, however, is the banking industry and other businesses with high-touch business services often see employees simply adopt the most convenient communications platforms.

“The requirements for WhatsApp or iMessage are similar as for any communication channel a bank is using — email, Slack, Microsoft Teams, Zoom, whatever. Anyone communicating on behalf of the bank…needs to be monitored,” Weitzman said. “With today’s technologies, it’s doable. Why they haven’t done it, that’s a different question. I have my guesses.

“It’s not a technology play,” he continued. “It’s very hard for them to [change]. They’re large organisations and every time they need to apply some new technology or requirement, they need to do it on a global level.”

During the pandemic, bankers forced to work remotely became comfortable using popular consumer messaging platforms because their clients were also using them. They were simply more convenient and at the time financial services companies relaxed their oversight of mobile communications services.

Weitzman said banks need to focus on enabling the best tools with security and monitoring software, which uses APIs to track communications and flag suspicious communications while still keeping conversations private. Though possible, banning  employees from using the latest communications technologies is not conducive to good business.

“WhatsApp and iMessage, that’s forward thinking,” Weitzman said. “You need to be able to capture the message. And, the employee needs to fully acknowledge this is happening and give their consent. But I believe it will take time for this message to come down to [financial services firms], and I’m afraid there will be additional fines before it does.”

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags WhatsApp


EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.


ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments