Bank of America has set aside $200 million in anticipation of an enforcement action related to unauthorized use of personal devices.

Chief Financial Officer Alastair Borthwick said Monday during the bank’s second-quarter earnings call that the matter is related to “the use of unapproved personal devices, and that has not yet been fully resolved.”

U.S. regulators, namely the Securities and Exchange Commission (SEC), have placed increased scrutiny on bankers’ electronic communications—via emails, text message, messaging apps, and more—during the pandemic, when many employees have worked from home. Banks are supposed to monitor all work-related electronic communications by their employees; collect and store those communications; and make them available for review by their compliance team and, if necessary, regulators.

Regulators have acted against banks for failing to monitor all types of electronic communications by employees.

In December, the SEC and Commodity Futures Trading Commission fined JPMorgan Chase a total of $200 million for failure to maintain records of communications on securities, commodities, and swaps business matters made on bank employees’ personal devices. The regulators concluded the practice occurred over several years and was widespread among all levels of employees, including at the senior level.

Amid the increased scrutiny, banks are being more proactive in this area to avoid becoming the target of an enforcement action.

Deutsche Bank has begun installing an application on bankers’ phones to track all their communications with clients, according to a report on investor news website PublicWire. The app, called Movius, allows compliance staff to monitor calls, texts, and WhatsApp chats, the story said. Banks and financial institutions including JPMorgan Chase, UBS, Julius Baer, Jefferies, and Cantor Fitzgerald have all made use of the app, according to PublicWire.

Credit Suisse this year fired a senior investment banker for sending messages to clients using unauthorized forms of communication, according to a report from the Financial Times. Credit Suisse made the move despite the fact the banker reportedly had not shared anything inappropriate in those unauthorized messages.

During the Bank of America earnings call, Borthwick also referred to the $225 million in fines against the bank announced last week by the Office of the Comptroller of the Currency and the Consumer Financial Protection Bureau regarding its hypervigilant fraud prevention program that allegedly froze prepaid unemployment benefit cards in 12 states during the pandemic when there was no evidence of fraud.

Aaron Nicodemus covers regulatory policy and compliance trends for Compliance Week. He previously worked as a reporter for Bloomberg Law and as business editor at the Telegram & Gazette in Worcester, Mass.

Topics