Reducing the risks of remote and hybrid working

With the increase in remote and hybrid working arrangements, it’s important for all staff to understand their responsibilities when working remotely.

In December 2021, JPMorgan Securities agreed to pay $200 million in fines after admitting that it failed to keep records of work-related communications made by employees on personal devices using personal email accounts and messaging apps. The SEC also announced that, as a result of its findings, it has commenced additional investigations into practices at other financial firms.

Whilst much of the activity at JPMorgan predated the pandemic, the recent increase in remote and hybrid working arrangements clearly amplifies the potential risks. Therefore, it is important that all staff understand their responsibilities when working remotely.

Here are three best practices to remind your employees: (a PDF version is available to download here.)

• Policies & Procedures: All employees must follow your firm’s remote working procedures (e.g. regarding transaction execution and communication methods). These help the firm comply with the legal and regulatory requirements – e.g. recordkeeping, order/trade surveillance and data protection.
• Information Security: Remote and hybrid working increase information security risks. Employees must make sure that all information (electronic and physical) is accessed, stored, transported and disposed of securely. Information should not be accessed by unauthorised persons.
• Conduct & Culture: Employees should seek support from their manager or the Compliance team if they have a question or concern about a legal, regulatory or operational issue (such as an information security, financial crime or conduct risk).