Stay in the know. Subscribe to Currents

Recordkeeping Revamps and Regulatory Rigor

4 Mins read

The typical narrative is that as time passes, digital regulation becomes more stringent. Accountability becomes a greater requirement as technology continues to advance and occupy a more meaningful proportion of our professional lives. There’s nothing new here, and yet recent regulatory activity has been even more intense than expected across a variety of global organizations.

Stateside, the Securities Exchange Commission (SEC) and Financial Regulation Authority (FINRA) are continuing to demonstrate characteristic aggression while expanding the demands placed on firms under their jurisdiction. Meanwhile, in the UK, the Financial Conduct Authority (FCA) appears to have woken up from a period of relative indifference.


FINRA’s 2024 Regulatory Oversight Report provided new steps for firms to implement in their quest for compliance. Companies are now asked what they are doing to capture business correspondence through off-channel avenues, and whether they are actively monitoring for new communications platforms that may be available to advisers.

FINRA directly recommends that firms surveil if approved channels are underutilized, signifying that alternatives are being used. They’re also asked to look out for ‘indicia of communications occurring off-channel’, i.e. references to other conversations on unsanctioned domains.

These updates are significant because of what they represent. Trusting employees to follow protocol is no longer enough – the surveillance element is now more pronounced, and compliance teams are expected to do the detective work to understand the regulatory landscape and make sure employee conduct is appropriate. This places a greater burden of responsibility across every organization, and makes it very difficult for leaders to look the other way and then plead ignorance.


Applying standards across the industry

We’re all aware of the industry’s ongoing probe into “off channel” communications, i.e. the WhatsApp fines, which have dominated headlines for a couple of years now. On April 3, 2024, the SEC announced its first enforcement action against a registered investment adviser (RIA) with no ties to a broker-dealer.

This action is a statement of intent – it exemplifies Enforcement Director Gurbir Grewal’s desire to apply fundamental standards across the industry, and not just to the eye-catching JP Morgans of this world. This is not a box-ticking exercise, but a shift to the ‘culture of proactive compliance’ that he strives for.


Following criticism around arbitrary enforcement, the SEC has denied that it is ‘picking numbers at random’ when determining fines around off-channel communications. Rather than the size of a firm or scope of their misconduct, the most impactful factor is in fact whether a company has self-reported their violations.

By providing an opportunity for companies to self-report on past lapses and establish the correct compliance procedures proactively in exchange for leniency, the SEC is clearly trying to expedite the process of cultural upheaval.

Marketing Rule

The marketing rule signaled a regulatory evolution when it landed in late 2022. Consumer protection was top of the agenda, but it has taken some time for the regulator to bare its teeth on enforcement. We are now seeing some progress, with companies being held accountable for passing outlandish speculation as legitimate advice.

In April the SEC imposed $200,000 in fines over marketing rule violations. Five RIAs were charged, with all five accepting that they misled consumers by advertising model performance which they could not substantiate. GeaSphere LLC was hit with the heaviest penalty of $100,000.

Another Risk Alert was issued around this time, with the regulator addressing common marketing rule pitfalls like those mentioned above.

“The findings point to numerous instances of noncompliance, ranging from unsubstantiated claims to misleading advertising tactics, raising concerns about the transparency and accuracy of information available to investors.”


Historically, the FCA has developed a reputation for weak enforcement, particularly in comparison to its US counterparts. This report from the National Audit Office (NAO) in December 2023 acknowledged that in order to match the UK government’s ambitions for the sector, they would need to improve on past ‘regulatory failures’. In recent months, they have obliged.

In November 2023, they issued a call-to-action highlighting lapses around Consumer Duty compliance, including the promotion of high-risk or complex products, opacity on fees, and insufficient consideration of consumer understanding. The regulator also began to directly engage with noncompliant firms, conducting onsite visits and issuing Section 165 information requests.

In March 2024, following a review into retirement income advice, the FCA wrote to the CEOs of financial firms and told them to review their processes. They also warned that ‘the honeymoon period is over’ around Consumer Duty enforcement, and revealed plans to publicly share details of any businesses under investigation.

The ‘name and shame’ policy was met with widespread backlash across the industry, including British Chancellor of the Exchequer, Jeremy Hunt. While unpopular, it signifies how unprecedented and potentially impactful the FCA’s change of strategy can be.

How can firms keep up?

As we can see from the three organizations highlighted above, it has been a particularly busy start to 2024 across regulatory compliance. It’s easy to wonder when it all ends – if regulations are in a constant state of flux, is there really any point shooting at a perennially moving target?

The answer is a resounding ‘yes’. Regulatory enforcement is on the rise across compliance, so there could be very real and expensive consequences for those that don’t comply. Crucially, transparency is also on the rise. Regulators across global finance are being extremely candid and detailed about their expectations, and while those demands may be new and frustrating for many, at least firms know exactly where they stand.

There’s no ambiguity here. It would be foolish to ignore such precise instructions, and if that is what transpires, companies will only have themselves to blame.

Harriet Christie, Chief Operating Officer – Harriet graduated from the University of Sheffield in 2010. She entered the Tourism space at, earning the title of Global Accounts Manager within 3 years. In 2018 she began working as a Key Account Manager with MirrorWeb, a communications surveillance solution based in Manchester. Harriet was appointed Chief Operating Officer in 2020, and has overseen the business’ impressive growth.

Regulatory rigor stock image by rafapress/Shutterstock

Related posts

Methods to Check Database Corruption in SQL Server

6 Mins read
Database corruption in SQL Server, a Relational Database Management System, can pose a major threat to organizations’ functioning due to data loss…

The Generative Generation: AI, Chatbots and Financial Compliance

5 Mins read
In March 2023, SEC Chairman Gary Gensler described AI (Artificial Intelligence) as “the most transformative technology of our time, on par with…

Want Higher Profits and Morale in Your Business? Keep Your Employees

3 Mins read
Despite the existing data, many employers remain oblivious to the silent profit killer lurking within their companies: employee turnover. While attracting top…