By Pam Martens and Russ Martens: April 28, 2016
Remember the chat rooms dubbed “The Cartel” and “The Bandits Club” that contributed to felony counts against the mega Wall Street banks last May for rigging the foreign currency markets? How about that classic from the Barclays chat room trader: “if you aint cheating, you aint trying.”
Well, apparently, one or more banks are causing concerns in this area again.
Yesterday, the regulator of national banks, the Office of the Comptroller of the Currency, sent out a severe warning to its flock that there could be a five year jail sentence waiting in the wings for anyone attempting to use technology to block its mandated access to bank records. The letter was authored by Bethany Dugan, Deputy Comptroller for Operational Risk. The statement read in part:
“The OCC has become aware of communications technology recently made available to banks that could prevent or impede OCC access to bank records through certain data deletion or encryption features.” Another part of the memo honed in on the chat room issue, noting that “…OCC is aware that some chat and messaging platforms have touted an ability to ‘guarantee’ the deletion of transmitted messages. The permanent deletion of internal communications, especially if occurring within a relatively short time frame, conflicts with OCC expectations of sound governance, compliance, and risk management practices as well as safety and soundness principles.”
Curiously, a footnote called out the Board and bank management of unnamed banks, suggesting that there has been a concerted effort to block the OCC examiners from access to chat rooms and/or to speak directly to bank staff:
“Failure to provide timely access, or efforts by the board of directors or bank management to impede the bank staff’s ability to provide such access, may result in enforcement action. Furthermore, examination obstruction may subject individuals to criminal prosecution. Refer to 18 USC 1517, ‘Obstructing Examination of Financial Institution.’ ”
The statute referenced by the OCC, 18 USC 1517, is succinct and harsh: “Whoever corruptly obstructs or attempts to obstruct any examination of a financial institution by an agency of the United States with jurisdiction to conduct an examination of such financial institution shall be fined under this title, imprisoned not more than 5 years, or both.”
Wall Street watchers are speculating that this may be another dustup over the communications system called Symphony that was initiated by Goldman Sachs. Goldman provides a detailed explanation on its web site about how it built out this system and admits that it got a “consortium” of other mega banks and hedge funds to join its plan. It also explains how it hired an expert in “encryption” to head it up, writing:
“In an effort to further develop and evolve the platform, Goldman Sachs built a consortium of the world’s leading financial services firms and acquired Perzo, a Palo Alto startup led by David Gurle, an expert in encryption and security, to form Symphony Communication Services Holdings LLC.”
In a press release issued in 2014, Symphony said that its financial institution partners, in addition to Goldman, included: Bank of America Merrill Lynch, BNY Mellon, BlackRock, Citadel, Citigroup, Credit Suisse, Deutsche Bank, Jefferies, JPMorgan, Maverick, Morgan Stanley, Nomura and Wells Fargo.”
The New York State Department of Financial Services was sufficiently concerned about the encryption aspect of the Symphony platform that it reached an agreement with four of the banks that it regulates (Goldman Sachs, Deutsche Bank, Credit Suisse, and Bank of New York Mellon) in September of last year.
Anthony J. Albanese, Acting Superintendent of Financial Services, said at the time of the agreement: “We are pleased that these banks did the right thing by working cooperatively with us to help address our concerns about this new messaging platform. This is a critical issue since chats and other electronic records have provided key evidence in investigations of wrongdoing on Wall Street. It is vital that regulators act to ensure that these records do not fall into a digital black hole.”
Initially, Symphony was promoting its platform with a promise of “Guaranteed Data Deletion,” raising red flags among New York State regulators.
Under the agreement with the State of New York, the four banks agreed to retain a copy of all e-communications sent through the Symphony platform for seven years and store duplicate copies of the decryption keys for these communications with independent custodians not controlled by the banks. The other 10 financial firms partnering with Symphony were not, however, parties to the agreement.
The specific language in the agreement noted that the Symphony platform uses “end-to-end encryption” which “enables the transmission of encrypted messages – including chat and instant messages – where only the sender and recipient institutions can decrypt the message using a private decryption key, and Symphony does not have the ability to decrypt the message.”