Insider trading, a Russian banker and WhatsApp – the case for Audit

Nothing grabs the headlines like a story of a Russian banker that avoided being prosecuted for insider trading, with links to the polonium poisoning case in 2006 for good measure.  The banker in question deleted WhatsApp software from his phone before he handed it over to the investigators for the Financial Conduct Authority (FCA).  He said he deleted it to hide his friendship with a Russian politician, which would cause embarrassment if it were widely known.

Enterprise Apps for Business Communications

It got us thinking, this is a stark reminder not to mix business and personal communications – better to have an entirely different app for each.  Financial services business communications should be conducted using a suitable, commercial platform, that provides audit capabilities as standard. When all calls/messages/videos are audited, there can be no question over who said what to whom and when.  Even if the app is deleted from the phone, the audit log is still held centrally.

Home working increases the risks

With many more people now working from home, keeping sensitive commercial information secure is more important than ever. www.finextra.com recently ran a story explaining why the increasing numbers of people working remotely could lead to an increase in the instance of insider trading.

https://www.finextra.com/blogposting/19184/why-monitoring-news-to-detect-insider-trading-is-now-essential

“As a result of Covid-19, both the FCA and FICC Markets Standards Board (FMSB) have said they expect the combination of financial service employees working from non-office locations, alongside high levels of crisis-driven corporate fundraising, to create a perfect storm of conditions for potential insider trading. At the height of the lockdown, the majority of traders were working remotely – one survey showed that almost 60% of FX traders were working from home. Both the FCA and FMSB have raised concerns about the possibility that in such circumstances material non-public information (MNPI) could be overheard or inadvertently disclosed in other ways.”

In the same publication, Jonathan Pagett, acting CISO at the Bank of England observes that while the central bank already had strong remote access solutions in place including softphones on laptops, the challenge has been a shift in reliance on those core systems. He notes that there is the potential for an erosion of a strong security culture, and that there is a risk of people using unsanctioned shadow IT. https://www.finextra.com/newsarticle/36709/sibos-2020-is-ransomware-as-a-service-a-symptom-of-innovation/crime

Don’t Mix Business and Personal

There are many reasons to ensure that employees use the appropriate software during business communications with colleagues. While there may always be rotten apples, providing suitable mobile communication solutions to employees helps the rest to stay vigilant, and is a reminder to stick to company security best practice.

And on a slightly different note, if you don’t feel you need some of the advanced features of Armour Mobile but still want to keep complete control over your communications, your meta-data, and your contact lists, SigNet by Armour is just the job!! 

With or without audit, Armour Comms can help.

Contact us