Is Your Instant Messaging Technology Up to the Task?

Many IM vendors offer products that facilitate compliance with retention requirements for the financial services industry.

Regulated firms can install technology tools that capture, retain, and archive instant messages in a secure manner that allows both internal compliance officers and outside regulators to retrieve messages as needed.

Some of the leading IM gateway vendors—including IMlogic, FaceTime Communications, and Akonix—have partnered with e-mail and document archiving and security firms—including Clear-swift, Iron Mountain, Legato, KVS, and Zantaz—to provide businesses with a comprehensive IM and e-mail solution. ^[8]

The hope of IM technology vendors, of course, is that the financial services industry will invest in new technology to help manage IM use and abuse, rather than abandoning IM altogether to avoid risk.

In response to the heightened regulatory environment, the Financial Services Instant Messaging Association (FIMA) has been formed to encourage technology vendors to develop effective, accessible IM tools to meet the real-time communications needs of the broker-dealers and investment bankers who rely on IM for internal and external communications. Along with security, encryption, authentication, logging, and archiving, the desire for IM interoperability (enabling one IM product to communicate with another) is among FIMA’s top concerns. ^[9]

Whether considering an enterprise IM solution or a gateway product to help manage IM risk, it is essential that regulated firms select technology that automates the monitoring, retention, archiving, retrieval, and purging of instant messages in compliance with SEC, NASD, and NYSE guidelines.

Financial services firms should also install content filters to capture messages that use potentially problematic words like ‘‘ guarantee’’ or ‘‘rumor.’’ The organization’s compliance officer or lawyer can review those IM conversations to ensure that neither laws nor corporate policies were broken. ^[10]

The SEC fined five Wall Street brokerage firms $8.25 million in 2002 for failing to retain e-mail according to regulations. ^[11]

With new IM content, retention, and archiving rules in place, expect regulators to start taking an equally tough stance with IM records.

Don’t leave compliance to chance. Whether you use an enterprise IM system or install a gateway product to support employee use of personal IM tools, be sure your system allows for the monitoring, retention, filtering, purging, and archiving of IM in compliance with SEC, NASD, NYSE, and other applicable regulatory requirements.

^[8]Mark Berniker, ‘‘NASD: Yes, Securities Firms Need to Retain IM,’’ InstantMessagingPlanet.com (June 19, 2003), www .instantmessagingplanet.com/enterprise/print.php/2225031.

^[9]Christopher Saunders, ‘‘Pushing for IM Interop in the Finance World,’’ InstantMessagingPlanet.com (September 2, 2003), www.instantmessagingplanet.com/enterprise/article.php/3071501 .

^[10]Jane Black, ‘‘Why Offices Are Now Open Secrets,’’ Business-Week Online (September 16, 2003), www.businessweek.com/print/technology/content/sep2003/tc20030916_1563_tc129 .

^[11]Nicholas Varchaver, ‘‘The Perils of E-Mail,’’ Fortune ( February 17, 2003), 96.