On November 11, 2010 the Financial Services Authority, “FSA,” produced final rules regarding the use of mobile phones for business. Consultation Paper, CP 10/7, Taping: Removing the Mobile Phone Exemption, explicitly states that company used mobile phones must be recorded and stored. After a number of financial scandals that have rocked the financial services industry, the FSA has finally taken action. This new change will apply to banks; stockbrokers; investment managers, including hedge fund managers; financial and commodity derivatives firms.
The FSA did take the objections by financial firms under consideration, and as a result, firms will have a year to comply with the new standards and to develop policies and procedures reasonably designed to prohibit the use of non-company issued mobile phones for business purposes. In addition, the FSA recognizes that firms will need to store huge amounts of data and as a result they limited the record retention time frame of the communications to 6 months. It is important to note that financial firms will need to determine if their business models require them to be subject to the FSA’s mobile taping rule requirements.
Firms are going to need to conduct a risk assessment and determine who uses company issued mobile devices. The next issue will be how can companies develop reasonable policies and procedures designed to prevent the use of non-company mobile phones for business purposes? One way to accomplish this is by having all personnel sign a statement of understanding acknowledging that they have read the new policies and procedures, understand them, and attest that they will not use non-company assets for business purposes. Within the procedures, firms must explain where these attestations will be maintained and how the policies and procedures will be tested. If firms use an outside vendor for mobile compliance, the firms should get a statement from the vendor that the data is stored in a write once read many type format and that the vendor has policies and procedures reasonably designed to protect the integrity and security of the data.
Mary Schapiro, the Chairman of the Securities and Exchange Commission, “SEC,” and Lord Turner, the Chairman of the FSA held meetings on November 15th to discuss cross border regulatory co-ordination. As more scandals are uncovered and the individuals prosecuted, regulators will push to gain access to more information. Since the technology exists and the need for such regulation exists, it is only a matter of time before the SEC and State Securities regulators are pushing for similar rules and regulations regarding the use of mobile phones for business purposes.