The Compliance Implications of a Remote/Hybrid Workforce in Financial Services

The Compliance Implications of a Remote/Hybrid Workforce in Financial Services

As mutating variants have continued to wreak havoc globally, the evolution of digital communications tools and employee habits means that businesses are constantly playing catch-up with impending legislation. What JP Morgan's historic fine tells us is that despite its diminishing impact, the pandemic’s grace period is over, and ‘adapting to remote work’ will no longer be deemed a valid excuse for failures in regulatory compliance. 

Author: MirrorWeb –



On December 17th 2021, JP Morgan was fined a combined total of $200 million by regulators after admitting to ‘bookkeeping failures’. This centered around the use of employees’ personal devices, from which Whatsapp messages, text messages and emails were sent for business purposes. 

Prior to this, serious penalties for failing to maintain proper records had been rare; the last major SEC fine for such conduct was for $15 million, against Morgan Stanley in 2006. 

The regulator acted decisively, and revealed that this particular inquiry would prompt fresh investigations into other financial firms’ records. 


Not just ‘post-pandemic’

While it may have momentarily (and in fact intermittently) bulldozed offices worldwide, the increase in remote working habits can’t solely be attributed to the impact of COVID-19. In fact, PwC’s Remote Work Survey found that prior to March 2020, 29% of financial services companies had at least 60% of their workforce working from home at least once per week. The percentages will of course have surged dramatically since, but these preceding figures are not insignificant, and reflect a greater openness to the benefits of a remote/hybrid workforce, before companies’ survival was at stake.

For most businesses, however, these advantages have become apparent through necessity; silver linings in an otherwise unfavorable scenario. Aside from additional flexibility and the impact that has on employee satisfaction, the reduction/removal of geographical restrictions has enabled businesses to attract a far greater pool of talent. And while there are some obvious disadvantages to siloed employees, the temptation to rip up the office lease will surely have been too great for many businesses, and particularly those in survival mode.

By being forced to adapt overnight, financial services firms and employees proved that remote work could be implemented, and effectively in many cases. The same PwC survey reported, ‘FS executives told us that 95% or more of their office workers switched to working from home during the crisis and, by and large, they maintained or improved productivity’.

Having proven that they could be trusted to do their jobs outside of the supervised office environment, most employees next found themselves acquainted with the hybrid work model, of which they mostly approved. Over the course of 2021, the number of available permanent remote positions doubled from 9% to 18%, and is expected to increase to 25% by the end of 2022. For those companies embracing remote/hybrid workforces permanently, the impact on regulatory compliance will be significant.


New Tools and Habits

While it was likely to rest at the top of most executives’ agendas, productivity is not the only characteristic to have been affected by a change in working environment.

With cross-desk queries and water cooler conversations now off the agenda, communication tools have had to be harnessed as alternatives, particularly if that all-important employee productivity is to be maintained. Virtual meetings have replaced boardroom discussions, and social media has become a pivotal networking tool in the absence of conferences and live events.

Communication and collaboration tools such as Slack, Zoom and Microsoft Teams have become emblematic of the era, seeing widespread adoption globally. Microsoft Teams alone has risen from 32 million daily active users in March 2020 to 145 million as of October 2021. One by-product of this new generation of tools is that we have seen an escalation in the number of workers using personal phones or tablets for business, as the BYOD trend has taken hold. This certainly complicates the compliance landscape, as perfectly demonstrated by the JP Morgan case.

Data proliferation must also be taken into account, as typed and video communications have largely replaced verbal conversations. Companies need to think hard about where this information will be stored and whether the existing infrastructure can handle such exponential increase. If not, they need to consider their options, whether that means backing up/archiving existing data or investigating the viability of cloud-based solutions.

One undeniable reality is that people tend to be bolder at home, and are more comfortable behaving recklessly online than they would in the office, where they’d be monitored more closely. Bad habits can creep in, and this casual conduct increases the number of compliance risks businesses are forced to contend with. This has been exacerbated by the influx of new devices and communications channels, particularly given the informal ethos that instant messaging and ad hoc virtual meetings can cultivate. It’s therefore vital that any data archiving platform utilized by businesses can capture and store all the communication channels that an organization uses to conduct business.


What to Expect in 2022

With an ever-increasing backlog of ubiquitous tools still awaiting regulatory guidance, it’s no longer practical to wait for direction before determining their suitability for your business. Even within the tools themselves, new functionalities are being added more quickly than the rules can be updated. 

More firms will therefore need to pre-empt what will need to be recorded, and are best advised to err on the side of caution and capture everything, rather than potentially creating an unmanageable backlog. FINRA Rule 3110(b)(4), for example, loosely states that financial institutions must review internal communications and flag those that require review under FINRA regulations, through whatever platform that may be. 


Doing Your Homework

COVID-19 accelerated a transition that had already begun to build mild traction in the financial services industry. Businesses have been forced to realize that physical proximity is not necessarily a requirement for staff, particularly with the communications arsenal now at our disposal.

2020’s seismic and immediate global shift to remote working has exposed advantages that we perhaps wouldn’t have considered if we weren’t forced to experience them. Such serendipity has led to many businesses acknowledging these reciprocal benefits, and embracing a remote or hybrid work model permanently.

This trend is likely to continue. To implement it successfully, firms must incorporate technology that promotes compliant digital collaboration among employees and teams. And rather than waiting for guidance, they should do so in a proactive manner. After all, the adaptation period is over, and a $200 million fine is likely to extinguish even the hardiest of Christmas spirits.


How MirrorWeb can help

Having a deep understanding of regulations from the SEC, FINRA, and various European regulatory bodies, MirrorWeb is a leading provider of compliance solutions including email, SMS and website archiving. The platform is also capable of monitoring and capturing the instant messaging and social media platforms that have surged in popularity since 2020. In addition to helping your company comply with SEC regulations, our solutions and services can also provide insights and additional protections.

Make possibility reality

Become an IA FinTech Member
and see where it takes you.

Login to your account