On Nov. 8, three private equity firms—Apollo Global Management, the Carlyle Group, and KKR—disclosed in regulatory filings they’re facing SEC investigations over their employees’ alleged unauthorized use of electronic messaging apps, like WhatsApp and WeChat, for business-related communications. The firms’ record retention practices related to the work-related communications are also being investigated.
Apollo said in its quarterly filing that it received a request for information and documents “in connection with an investigation concerning compliance with record retention requirements relating to business communications sent or received via electronic messaging channels.”
The Carlyle Group similarly disclosed in a quarterly filing the same day that the SEC has requested information “related to the preservation of certain types of electronic business communications (e.g., text messages and messages on WhatsApp, WeChat, and similar applications).” It said it “intends to cooperate fully with the SEC’s inquiry.”
KKR is also currently facing an SEC investigation “related to business-related electronic communications,” the firm disclosed in its quarterly filing, noting that it is cooperating with the investigation.
The investigations are part of a continued enforcement sweep into banks and investment advisory firms regarding the widespread use of unauthorized electronic communication channels for business communications purposes.
In September, the SEC issued a total of $1.1 billion in fines against 15 broker-dealers and an affiliated investment advisor “for widespread and longstanding failures by the firms and their employees to maintain and preserve electronic communications.” Separately, the Commodity Futures Trading Commission (CFTC) issued $711 million in penalties against 11 banks and investment firms for “widespread and longstanding failures” in monitoring, maintaining, and preserving electronic communications by employees. Among the banks caught in the sweep included Bank of America, Barclays Bank, Citibank, Credit Suisse, Deutsche Bank, Goldman Sachs, Morgan Stanley, and UBS.
DoJ Probe
The Department of Justice has signaled it has its sights on the use of personal devices and third-party messaging apps as well. In remarks made at Global Investigations Review on Sept. 20, Principal Associate Deputy Attorney General Marshall Miller stated, “[h]owever a company chooses to address the use of personal devices or messaging platforms for business communications, the end result must be the same: Companies need to prevent circumvention of compliance protocols through off-system activity, preserve all key data and communications, and have the capability to promptly produce that information for government investigations.” 
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.