T
he crackdown on off-channel communications at financial firms isn’t over—it has simply taken a quieter, more targeted turn.
While the U.S. Securities and Exchange Commission drew headlines over the past several years with multibillion-dollar penalties for financial firms where employees communicated with undocumented texts and messages, recent developments suggest that FINRA is continuing to pursue the issue with steady intensity.
In the past several days, compliance observers and industry reporting have pointed to ongoing FINRA enforcement activity tied to unapproved communication channels. Rather than large, broad settlements, the regulator’s current approach appears more embedded in routine examinations and disciplinary actions. That shift makes the risk less visible—but no less real.
At the center of the issue is a familiar problem: employees using personal devices and apps such as text messaging or encrypted platforms to conduct business conversations. When those communications are not captured and retained, firms can fall short of recordkeeping requirements, a longstanding pillar of securities regulation.
What has changed is the expectation around control. Regulators are no longer satisfied with written policies that prohibit off-channel communications. Instead, they are looking for evidence that firms are actively detecting, preventing, and addressing violations in practice.
Recent enforcement patterns also suggest a growing focus on individual accountability. In addition to firm-level penalties, disciplinary actions increasingly include suspensions and fines for registered representatives and supervisors. For compliance leaders, that raises the stakes internally, particularly when it comes to training, supervision, and escalation.
The continued attention from FINRA is significant for another reason: it challenges a perception that the issue had cooled following the SEC’s earlier enforcement wave. In reality, the underlying expectations have not changed, and examination programs continue to test firms’ controls in this area.
For chief compliance officers, the takeaway is straightforward. Off-channel communications remain an active enforcement priority, even if they are no longer dominating headlines. Firms that scaled back monitoring efforts or treated the issue as largely resolved may find themselves exposed during routine exams.
More broadly, the trend reflects a shift in how regulators evaluate compliance programs. The question is no longer just whether a firm has a policy in place, but whether that policy is working in day-to-day behavior. In that sense, off-channel communications have become a clear test case for a wider regulatory approach—one that places increasing weight on evidence, supervision, and real-world outcomes. 
Joseph McCafferty is editor and publisher of Compliance Chief 360°.
.