In Market Watch 66, the FCA reminded firms of its requirements for firms in relation to recording telephone conversations and electronic communications. The current rules relating to recording came into effect with MiFIDII on 3 January 2018.
The telephone conversations and electronic communications referred to are those that are intended to result in the performance of the activities listed in SYSC 10A, even if those conversations or communications do not in fact result in the performance of such activities. Depending on the circumstances, this may also include internal conversations concerning in-scope activities. The activities are:
- arranging (bringing about) deals in investments;
- dealing in investments as agent;
- dealing in investments as principal;
- managing investments;
- managing a UK UCITS to the extent that this comprises the function of investment management referred to in Annex II of the UCITS Directive;
- managing an AIF to the extent that this comprises the function of portfolio management referred to in Annex I of the AIFMD;
- establishing, operating or winding up a collective investment scheme to the extent that this comprises scheme management activity.
The rules require that all Apps used for in-scope activities on business devices are recorded and auditable. Further, firms must take all reasonable steps to prevent an employee or contractor from making, sending, or receiving relevant telephone conversations and electronic communications on privately-owned equipment which the firm is unable to record or copy.
The reminder was published because the FCA has found issues in firms where alternative working arrangements have been put in place, including, for example, increased homeworking or the use of new/different technology resulting from the pandemic. The FCA has acted against individuals and firms for misconduct which involved the use of WhatsApp and other social media platforms to arrange deals and provide investment advice. The FCA stated, “We view these actions as serious and have sought orders preventing such individuals from carrying out these activities in the future. We expect this to remain an area of focus.”
MiFID optional exemption firms
The rules provide an alternative to actual recording for adviser firms that are MiFID optional exemption firms, providing services solely or mainly to retail clients. Where the recording rule would otherwise apply, such firms may instead record the content of telephone calls using a written minute or note. The minute or note must include all relevant, and at least the following, information:
- date and time of the conversation;
- identity of the individual participants in the conversation;
- initiator of the conversation; and
- relevant information about the client order, including the price, volume, type of order and when it will be transmitted or executed.
As is required for actual recordings, these file notes or minutes must be:
- stored in a durable medium which allows them to be replayed or copied; and
- retained in a format that does not allow the original record to be altered or deleted.
Other risks to consider
- Staff working from home using business devices/apps
This should be business as usual, but the employee’s broadband connection may not be secured to the same standard as the usual business connection.
- Staff working from home using personal devices/apps
In addition to the potential connection security issue, use of personal devices or the installation of non-approved apps on personal or business devices might further compromise data security. Would you know if either situation applies? Is there a policy on this? How do you ensure recordings or file notes are created, tamper-proof and auditable?
- Data protection
Client personal data, whether hard copy or electronic needs to be as secure if the employee is homeworking as would apply in the office.
Do homeworking employees have an adequate workstation at home or are they perched precariously on a small corner of the dining table?