Symphony, the Wall Street backed secure messaging service is set to launch publicly next month. With 30,000 users and a list of 15 banks beta using the service, Symphony’s technology poses an interesting dilemma for financial compliance.
At the heart of Symphony’s service, is secure messaging both for inter-company correspondence as well as with the outside world. Beyond just providing encrypted messages that can only be opened by specific counterparties, Symphony is introducing deletion features. Popularized by SnapChat in the consumer world, Symphony allows for messages to be automatically deleted after a specific duration is reached. While this feature provides secrecy to users, the reality is that financial firms are required to save copies of their correspondence, client documents, and execution information for seven years.
Due to the potential conflict between the deletion features and compliance rules, Symphony has received a letter from the New York Department of Financial Services (NYDFS) for greater information about their product.
Addressed to Symphony’s CEO David Gurle from Anthony Albanese, Acting Superintendent of the NYDFS, the letter cited that market manipulation has been a problem over the last several years. Examples cited were the regaining of LIBOR rates and manipulation of FX fix prices. The manipulation itself was coordinated by traders of various banks connecting on private phone calls and using messaging chat rooms.
ACY Securities Supports ASIC’s Product Intervention OrderGo to article >>
As such, with that in mind, plus the requirement by banks to store correspondence records, the NYDFS wants to know how Symphony’s technology works and how firms using it will be abiding by current laws. In regards to the technology, Albanese stated, “Specific areas of interest for our Department include but are not limited to the data deletion, end-to-end-encryption, and open source 4 features of your products.”
In the letter, the NYDFS also stated that they will be contacting financial institutions that plan on using Symphony. In its correspondence with financial firms, the NYDFS will be looking to learn how they will be complying with retaining messaging data and who will be using the product.
While Symphony hasn’t provided a public response to the NYDFS’s letter, the product provides users the ability to customize it for their industry’s needs, including multi-year storage of messages. In their FAQ, Symphony states that the product “can be tailored to meet any local privacy and compliance laws and regulations.” In regards to the financial industry, this provides banks the ability to store all user correspondence for the seven year period. Nonetheless, the NYDFS and other regulators will probably look for ways to ensure that messages are in fact stored and whether there is a way to monitor for deleted information.