Introduction
NatWest Group has implemented a policy prohibiting the use of unapproved messaging platforms for business communications on corporate devices. This decision is part of a broader effort to ensure compliance with regulatory standards and maintain accountability within financial institutions.
Description
NatWest Group has prohibited the use of unapproved messaging platforms, including WhatsApp [1] [2] [3] [6] [7] [13], Facebook Messenger [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [12] [13], and Skype [1] [4] [5] [7] [8] [9] [10] [12], for business communications on corporate devices [8], effective 6 November. This decision aims to ensure that employees utilize only “approved channels” for work-related conversations [8], as non-approved platforms pose challenges in retrieving messages and may allow for messages to disappear [8], complicating investigations into potential misconduct [8]. This policy aligns with the bank’s existing framework to restrict communication to sanctioned channels that guarantee retrievable records for business matters. A spokesperson for NatWest emphasized the importance of using approved communication methods to maintain oversight and accountability [3], addressing concerns over off-channel communications that complicate compliance with document retention regulations [1].
The ban responds to increasing scrutiny over communication practices within financial institutions [11], particularly following significant fines imposed on firms for failing to adhere to record-keeping rules. In recent years [1], US banks [1] [13], including JPMorgan Chase [7] [11], Wells Fargo [7], Bank of America [7], and Citigroup [7], have collectively faced over $2.8 billion in penalties due to breaches involving unapproved communication tools. Notably, Morgan Stanley was fined £5.41 million by Ofgem for not retaining electronic trading communications made via WhatsApp on personal devices [1] [7], underscoring the risks associated with unofficial communication methods [6].
Although NatWest has not yet faced penalties [11], this policy shift aligns with the Financial Conduct Authority’s (FCA) ongoing evaluation of UK financial firms’ communication practices [11]. Employees are instructed to utilize approved channels, such as email and text, which provide retrievable records for scrutiny and potential investigations [4]. This decision marks a significant enforcement of existing policies that have advised against the use of unapproved apps for business discussions for several years, aiming to enhance internal communication practices and ensure that business-related communications occur through platforms that maintain a retrievable record of messages [13].
The FCA is reportedly focusing on preventing market abuse and misconduct, having surveyed banks about their employees’ use of encrypted messaging services and the associated risks [9]. While the FCA has not yet enforced penalties against banks for using unapproved communication methods [10], experts suggest it is only a matter of time before they follow the SEC’s lead [10]. Concerns regarding the retrievability of messages sent through unapproved platforms have prompted this change [9], as encrypted messages can be deleted, complicating record-keeping [11] [12].
Issues with off-channel communications have also emerged in the public sector [12], notably during the UK Covid inquiry [12], which revealed that government officials [7], including former Prime Minister Boris Johnson [7] [12], used WhatsApp for official communications and deleted related messages during the pandemic [7]. This trend has prompted organizations like NatWest to enhance their compliance measures and secure communication practices to ensure transparency and adherence to regulatory standards. Despite the implementation of such restrictions [13], a 2023 report indicated that only a small percentage of organizations found these bans effective in meeting regulatory standards [13], further highlighting the need for stricter communication policies within the banking sector.
Conclusion
The prohibition of unapproved messaging platforms by NatWest Group underscores the importance of regulatory compliance and accountability in financial communications. By enforcing the use of approved channels, NatWest aims to mitigate risks associated with message retrievability and potential misconduct. As regulatory bodies like the FCA continue to scrutinize communication practices, financial institutions may face increased pressure to adopt stricter policies. This shift not only addresses current compliance challenges but also sets a precedent for future communication standards within the industry.
References
[1] https://nationaltechnology.co.uk/Natwestgroupblocksstafffromusingwhatsappfacebookmessengerskype.php
[2] https://www.techradar.com/pro/security/natwest-has-blocked-staff-from-using-facebook-messenger-and-whatsapp
[3] https://www.inkl.com/news/natwest-blocks-employees-from-using-whatsapp-and-facebook-messenger
[4] https://www.irishnews.com/news/uk/natwest-blocks-apps-including-whatsapp-from-work-devices-Z5GJ7LW4IFJG7C4OUOVAWSPKCU/
[5] https://www.cybersecurityintelligence.com/blog/bank-blocks-staff-from-using-whatsapp-and-facebook-messenger-8057.html
[6] https://www.finextra.com/newsarticle/45049/natwest-blocks-whatsapp
[7] https://www.fstech.co.uk/fst/Natwestbansstafffromusingfacebookmessengerand_whatsapp.php
[8] https://www.digit.fyi/natwest-bans-workers-from-using-whatsapp-and-facebook-messenger/
[9] https://www.personneltoday.com/hr/natwest-work-communications/
[10] https://www.mirror.co.uk/news/business/natwest-blocks-staff-using-whatsapp-34098403
[11] https://www.scottishfinancialnews.com/articles/rbs-owner-natwest-bans-whatsapp-for-employees-amid-regulatory-crackdown
[12] https://www.bbc.co.uk/news/articles/cvgl72lrd50o
[13] https://www.itpro.com/security/data-protection/natwest-just-banned-staff-from-using-whatsapp-at-work-heres-why
