Morgan Stanley Bankers Left Over a Banned Chat App. But WhatsApp Violations Are Hardly Rare.

According to Symphony Communication founder David Gurle, Morgan Stanley isn’t the only bank dealing with this problem.

(Roy Liu/Bloomberg)

(Roy Liu/Bloomberg)

Nancy King spent her 34-year-long career at Morgan Stanley, rising through the ranks to become a managing director, overseeing global commodities trading.

Jay Rubenstein, too, spent his entire 13-year career at the firm, eventually joining King in commodities trading oversight. But their tenures at the firm were cut short this week after the two failed to supervise unauthorized communications via WhatsApp, a source familiar with the matter said. Bloomberg reported earlier this week that Rubenstein and King were leaving Morgan Stanley after compliance breaches linked to the communication tool.

According to one expert, though, this type of communication isn’t unusual in the industry.

“This happens all the time,” said David Gurle, chief executive officer and founder at Symphony Communication Services. “This is constant for us.” His company offers encrypted chat services used by major banks such as JPMorgan Chase & Co. and Morgan Stanley.

In April, Bloomberg reported that JPMorgan punished more than a dozen traders for using WhatsApp at work: one was fired, while others had their bonuses cut. And in 2017, a former Jefferies Financial Group banker faced a £37,198 fine (about $48,449) from the U.K.’s Financial Conduct Authority after sharing confidential information over WhatsApp.

In Gurle’s view, it is clear that other companies have experienced the same situation — it just hasn’t been made public.

Regulators in many countries require banks to closely monitor employees’ communications. In the U.S., the Securities and Exchange Commission requires broker-dealers to keep original copies of their electronic communications related to the business for at least three years.

And banks are keen to comply.

Citigroup, for instance, disallows any use of personal email, blogs, websites, or unapproved social media accounts to conduct business, according to a source familiar with the matter. Business use of social media is also subject to approval. Citi is one of Symphony’s clients.

“You can’t use nonapproved communication tools to do business, period,” Gurle said. “This is really taken very seriously by the companies.” He added that companies may step in and discipline employees before a regulator ever gets involved.

Although Gurle said he didn’t know the specifics of how the communications between Morgan Stanley traders were caught, he did provide an example of how something like this could happen.

A series of conversations usually take place leading up to a deal or acquisition. If someone makes a mistake during a transaction process, an operations team would go back and look at the chat logs to reconcile what happened, Gurle said. If they find a gap in the conversation thread, they would then investigate employees’ other communications.

[II Deep Dive: Your Home Office Is a Hacker’s Paradise. Here’s Why.]

Since the Morgan Stanley incident, Symphony has seen an uptick in inquiries from potential clients.

“We tend to get a lot of attention where there’s an event like this,” Gurle said. “People realize this is serious.”

A spokesperson for Morgan Stanley declined to comment. King and Rubenstein did not return LinkedIn messages seeking comment.

Related