One of the most rapidly growing types of software in corporate America is digital collaboration tools like Microsoft Teams and Slack, and financial services firms are among those adopting them.
More than 60% of financial firms now allow the use of these collaboration tools to communicate via instant text message, audio calls and video chat, as well as to share files and schedule meetings, according to a survey of 300 compliance professionals by technology firm Smarsh.
[Recommended Video: Jessica Liberi of eMoney: The essentials of adoption and integration]
But 20% of the firms that allow the use of these platforms don't have a written policy as they do for email, giving rise to new compliance risks. Of those that do have a policy, less than a quarter have archiving or supervision processes in place.
A third allow the use of meeting applications, which often now include chat and file-sharing features, without any restrictions or policies governing their use.
When the adoption of technology and compliance controls are not in sync, it creates what Robert Cruz, senior director of information governance at Smarsh, calls a "compliance gap."
Part of the problem is that adoption is often driven by staff before compliance and legal teams can assess the risk and put proper guardrails in place.
"In fact, [these tools] look like a place to socialize with 'chat buddies,' versus potentially carrying risks not only [involving] compliance, but also in introducing potential leaks of intellectual property and data that can escape with departing employees," Mr. Cruz said in an email. "In short, these items are hitting review workflows now and compliance teams are not comfortable in their ability to identify and remediate the risks."
Though it has been a year since the Securities and Exchange Commission's Office of Compliance Inspections and Examinations issued an alert regarding text messages, Smarsh's survey found a compliance gap persists. Forty percent of firms that allow texting don't have archiving or supervision in place, even as 77% of respondents identified texting as the greatest compliance risk.
They survey also found an ongoing compliance gap for social media. The biggest offender is Instagram: only half of the firms that allow the app have an archiving and supervision system in place.