Using unapproved tools for work can lead to hefty fines. This is the lesson recently learned by the likes of Bank of America and JP Morgan Chase & Company, who are being served over $1 billion in fines by the US Securities and Exchange Commission (SEC.)

The reason: company-wide use of messaging tools that have not been approved under SEC regulations for corporate record keeping.

Last year, the SEC began an investigation of record-keeping practices among major players in the American banking industry, particularly concerning using personal devices to send and receive work-related messages via email or applications like WhatsApp. Based on several bank disclosures, the Commodity Futures Trading Commission (CFTC) is investigating the same issue.

A Price to Pay

Last year, the SEC and CFTC fined JP Morgan’s broker-dealer subsidiary $200 million for failing to save relevant communiques recorded on employees’ mobile devices either as email or messages sent within apps. Company executives acknowledged the said violation. The JP Morgan penalty was the first to be enacted under the leadership of current SEC chairman Gary Gensler.

Meanwhile, Bank of America set aside $200 million in the second quarter of this year to settle litigation regarding unauthorized electronic messaging by some of its employees. Back in July, the company stated that it was working on a settlement with both the SEC and the CFTC.

Another bank that has been drawn into hot water by the issue is Citigroup which is currently under investigation for several communiques sent through unauthorized channels by its employees. The company disclosed the issue in a regulatory filing back in February. According to Citigroup chief financial officer Mark Mason, the company already has a contingency fund to settle any litigation but did not disclose how much was set aside for this particular issue. However, he did say it was aligned with similar disclosures made by other banks.

Goldman Sachs, on the other hand, declared in its Q2 disclosure that it was discussing the resolution of the probes with relevant officials in the SEC and CFTC.

Not the Only Ones

But American banks are not the only ones being probed over the use of unauthorized communication channels and devices among their employees. Foreign banks operating in the United States have also been the subject of similar investigations.

Among those currently under investigation or in the process of settlement are Swiss bank UBS, Deutsche Bank, Barclay’s of London, and the Credit Suisse Group.