The UK’s Financial Conduct Authority (FCA) is currently investigating allegations that former Credit Suisse employees used the WhatsApp messaging platform to share confidential information, according to documents reviewed by Reuters. The probe is focused on a group of staff within Credit Suisse’s London research unit, comprising approximately 100 employees, spanning the period from mid-2022 to early 2023.
The FCA began reviewing these allegations in late February 2023, shortly before the Swiss government facilitated Credit Suisse’s acquisition by UBS. According to documents dated June 2024, the FCA is still collecting evidence, with regulators indicating potential action could be taken once sufficient information is gathered.
The allegations point to the use of personal devices by Credit Suisse employees to communicate about sensitive business matters, including price-sensitive information about companies they were analyzing. The FCA has expressed concern about the misuse of WhatsApp, especially regarding the transmission of confidential data and the use of “disappearing messages” – a feature that erases messages after a set period. Reports suggest that some employees enabled this function in early 2023, possibly undermining the ability to track and record such communications.
Furthermore, the investigation also examines instances in the summer of 2022, where analysts recorded conversations with senior executives from four listed companies without consent. These recorded discussions were allegedly shared within a WhatsApp group, which is against regulations regarding selective disclosure, particularly when discussing market-sensitive information like profitability and capital planning.
The FCA is assessing whether these actions breached its regulatory standards, which require firms to prevent employees from conducting business communication on private devices that cannot be monitored or recorded. Under FCA rules, financial firms must ensure that business communications are traceable and stored appropriately for regulatory oversight.
Credit Suisse’s failure to comply with these regulations isn’t unprecedented. In 2022, U.S. authorities fined the bank $200 million for failing to monitor employee communications on unauthorized messaging platforms, including WhatsApp. UBS, which took over Credit Suisse, was also penalized for similar infractions.
The investigation could result in significant consequences, including fines, industry bans for individuals involved, or even criminal charges if the allegations are substantiated. If the FCA determines there is enough evidence, the case could be taken further, though such regulatory inquiries are often conducted privately with no fixed timeline.
UBS, which rescued Credit Suisse last year, has denied any knowledge of the FCA’s investigation. A UBS spokesperson confirmed that the company maintains strict internal policies regarding the appropriate use of communication platforms and provides analysts with work phones to ensure compliance.
The ongoing investigation highlights the growing scrutiny of how financial institutions manage electronic communications and the risks posed by informal platforms like WhatsApp, which can circumvent corporate oversight and lead to potential regulatory violations.
