Morgan Stanley has agreed to pay $200m to US regulators SEC and CFTC to resolve investigations into its record-keeping practices, according to Reuters.
The bank will pay the US SEC $125m as well as the Commodity Futures Trading Commission $75m to resolve probes into employee communications on messaging platforms that had not been approved by the company.
Reuters highlighted that Morgan Stanley has already set aside $200m in its second quarter earnings to prepare for the penalty. In a separate development, Bank of America earmarked about $200m for unauthorised electronic messaging by its employees, while Barclays and Citigroup also put aside cash to cover similar expected fines.
The SEC has also been looking into whether Wall Street banks have been adequately logging employees’ text messages and emails as bankers moved to remote working during the pandemic.
Regulators require banks to keep records of their staff communications, and typically ban the use of personal email, texts and messaging applications for work purposes.
Earlier this year, SEC allocated 20 new positions to the unit focused on protecting investors in crypto markets and from cyber-related threats.
The newly renamed Crypto Assets and Cyber Unit will now officially grow to 50 full-time positions.
Back in March, SEC proposed rule amendments to enhance and standardise disclosure regard cyber risk management, strategy, governance and incident reporting by public firms.
According to the SEC, the proposed amendments would require current reporting about material cybersecurity incidents and periodic reporting to provide updates about previously reported cybersecurity incidents.
Copyright © 2022 RegTech Analyst
Copyright © 2018 RegTech Analyst