SEC Charges Underscore Importance of Digital Communication Management

J.P. Morgan Securities has agreed to pay $125 million to resolve what the SEC calls ‘longstanding failures by the firm and its employees’ to maintain and preserve certain digital communications.

Earlier this month, the Securities and Exchange Commission (SEC) announced charges against J.P. Morgan Securities LLC (JPMS), a broker/dealer subsidiary of JPMorgan Chase & Co., alleging “widespread and longstanding failures by the firm and its employees to maintain and preserve written communications.”

According to a statement from the SEC, JPMS admitted the facts set forth in the SEC’s order and acknowledged that its conduct violated federal securities laws. In turn, the company has agreed to pay a $125 million penalty and implement robust improvements to its compliance policies and procedures to settle the matter.

Commenting on the charges, SEC Chair Gary Gensler notes that recordkeeping and books-and-records obligations have been an essential part of market integrity and a foundational component of the SEC’s ability to be “an effective cop on the beat.”

“As technology changes, it’s even more important that registrants ensure that their communications are appropriately recorded and are not conducted outside of official channels in order to avoid market oversight,” Gensler says. “Unfortunately, in the past, we’ve seen violations in the financial markets that were committed using unofficial communications channels, such as the foreign exchange scandal of 2013. Books-and-records obligations help the SEC conduct its important examinations and enforcement work. They build trust in our system.”

As described in the SEC’s order, JPMS admitted that from at least January 2018 through November 2020, its employees often communicated about securities business matters on their personal devices, using text messages, WhatsApp, and personal email accounts. According to the SEC, none of these records were preserved by the firm as required by the federal securities laws. JPMS further admitted that supervisors, including managing directors and other senior supervisors responsible for implementing and ensuring compliance with JPMS’s stated policies and procedures, also used their personal devices to communicate about the firm’s securities business.

The charges and penalty settlement come some three years after a Risk Alert publication issued by the SEC’s Office of Compliance Inspections and Examinations (OCIE) encouraged advisers to “review their risks, practices, policies and procedures regarding electronic messaging.” That guidance, in turn, followed on the heels of various advisory firms, broker/dealers and other financial services providers rolling out new text-based communication solutions to their reps. In the Risk Alert, regulators reminded financial professionals of their duties under the Advisers Act Rule 204-2, known as the “Books and Records Rule.” The alert further encouraged firms to proactively consider “improvements to their compliance programs that would help them comply with applicable regulatory requirements.”

According to the Risk Alert, OCIE examiners had noticed an increasing use of various types of electronic messaging by adviser personnel for business-related communications. Many of the solutions had been reviewed and approved by FINRA, but the SEC noted that its own Books and Records Rule is distinct from any FINRA regulations and applies to digital as well as print communications. 

In the JPMS matter, the SEC says it sent both subpoenas for documents and voluntary requests across a variety of investigations that its staff undertook during the time period mentioned above. However, in responding to these subpoenas and requests, JPMS frequently did not search for relevant records contained on the personal devices of its employees, the SEC’s order states.

Commenting on the findings and penalty, Gurbir Grewal, director of the SEC’s Division of Enforcement, says recordkeeping requirements are core to the SEC’s enforcement and examination programs—and when firms fail to comply with them, they directly undermine the regulator’s ability to protect investors and preserve market integrity.

“We encourage registrants to not only scrutinize their document preservation processes and self-report failures such as those outlined in today’s action before we identify them, but to also consider the types of policies and procedures [JPMS] implemented to redress its failures in this case,” Grewal adds.

Specifically, JPMS agreed to the entry of an order in which it admitted to the SEC’s factual findings and its conclusion that JPMS’s conduct violated Section 17(a) of the Securities Exchange Act of 1934 and Rules 17a-4(b)(4) and 17a-4(j) thereunder, and that the firm failed to reasonably supervise its employees with a view to preventing or detecting certain of its employees’ aiding and abetting violations. JPMS was ordered to cease and desist from future violations of those provisions, was censured and was ordered to pay the $125 million penalty.

Firms that believe that their record preservation practices do not comply with the securities laws are encouraged to contact the SEC at