The U.S. Securities and Exchange Commission (SEC) fined JPMorgan Chase $4 million.
This measure of economic impact was applied by the regulator in fact the involvement of a financial institution in the deletion of 47 million emails. The bank’s action was unintentional and is the result of an error. Among the emails that were deleted, there are materials of interest to the regulator as part of numerous inspections.
The contents of some of the emails that were deleted beyond recovery were requested in subpoenas for more than ten civil investigations. These proceedings were related to securities. The relevant information is contained in the administrative order of the regulator, which was published last Thursday, June 22.
These emails were sent between January and April 2018. The files were deleted in 2019 from 8,700 mailboxes owned by 7,500 employees of the retail banking division of the largest US financial institution.
The error that caused the deletion of emails is the result of a failure in coordination between the bank’s corporate technology department and an external supplier tasked with archiving and deleting messages dated to the 70s and 80s of the last century. In the course of this work, the letters of 2018 were deleted. This is the explanation of what happened provided by the financial institution. SEC rules impose an obligation on the bank to keep emails for 36 months.
JPMorgan reported the removals to the regulator in 2020. The financial institution did this immediately after the discovery of the error, which caused significant damage.
The SEC order states that due to the impossibility of restoring the content of mistakenly deleted emails, it is impossible to conclude the impact of these materials on the course of investigations carried out by regulators. The commission also stated that the representative of the financial institution recognized the fact that the deleted data was used or could be used in certain proceedings, and also had value in the context of legal issues and requests from authorities.
The financial institution reported that it is currently taking measures aimed at preventing the risk of similar situations in the future. Veronica Navarro, head of Corporate Communications at JPMorgan, said that the bank takes seriously its obligations to improve operational activities, consisting of its processes and procedures.
The financial institution recognized the legality and validity of the measures taken by the regulator in the case of the deletion of emails. The SEC called on the bank to stop and refrain from actions that violate the rule on mandatory storage by broker-dealers of all messages for three years.
The financial institution announced the creation of its own 36-month storage code, which prevents the risk of erroneous deletion of materials. As part of the new algorithm, a bank employee who plans to perform a deletion task must receive approval from a senior-level information officer. Only then he will be able to perform the action.
As we have reported earlier, JPMorgan Starts Euro Blockchain Payments for Corporate Clients.