Compliant messaging with SMS & WhatsApp for financial services

December 15, 2020

Before we answer how to have add compliant messaging with SMS and WhatsApp to the ways financial services communicate with clients, you may be wondering – why is it important?

Increase client interactions and build relationships with compliant messaging

Most people no longer go anywhere without their mobile phones. Often people read and reply to messages in situations when they couldn’t answer a call. Whether busy, bored, in a noisy environment, in a quiet environment, messages provide an easy, fast, and discrete communication method for both you and your clients. Messaging also improves your relationship with clients, especially when you can connect with them on their preferred platform.

#1 Quick response time makes clients feel like they’re your priority

The most common complaint that gets advisors fired is lack of communication and responsiveness

  • The more promptly you reply to your client’s inquiries, the greater their satisfaction with your service will be
  • It’s not only easier for clients to contact you with messages, it’s easier for you to reply and let them know you’ve received their message

# 2 Messaging provides a written history

Unlike emails and calls, it’s easy for both of you can at any time return to your message history

  • A client will be able to retrace the steps of making decisions or recall the advice that was given
  • An advisor can examine their client’s reaction to different ideas and topics and use this to improve their advice in the future

# 3 Messaging supplements other forms of communication

The in person meeting, zoom call, or call will always be critically important forms of client communication. However, messaging can supplement these other forms of communication

  • Some clients open up more when they can use messaging. After the call, they may use it to iron out any questions or concerns that pop up for them after the fact
  • Messaging can be used to remind clients of scheduled appointments and required activities
  • Easily share links, documents, and directions to appointment locations

For more on using messages to connect with clients, see 7 texting strategies smart advisors use to maintain client relationships from home

Now that we know why its important to message using SMS and WhatsApp, how can a firm institute compliant SMS and WhatsApp for their teams?

Key compliance and privacy regulations to consider

Global businesses must meet the compliance and privacy regulations of the areas they operate. Below are all key regulations that impact firms’ use of messaging applications.


The primary purpose of the TCPA is to prevent consumers from receiving unwanted text messages and is enforced by the FCC. Under the TCPA, people can file lawsuits against companies who are not compliant

Compliance guidelines include:

Obtain consent:

  • Businesses cannot call or send messages to consumers without their consent. Companies must obtain explicit written permission from consumers before calling or sending any messages

Provide disclosure:

  • Once consumers opt-in to receive messages, businesses must disclose the full scope of their SMS communications and also provide a way for consumers to opt-out


FINRA is concerned with protecting investors against unethical business practices and making sure that financial advisors work on their behalf. The SEC oversees FINRA.

Compliance guidelines include:

Keep records:
Firms must be able to prove they have completely preserved and supervised all business-related communications, particularly:

  • Recommendations and advice
  • Receipt and delivery of funds
  • Purchasing or selling securities
  • The performance of a managed account or securities recommendation

Prevent misuse:

Employees must not be able to:

  • Send messages anonymously
  • Use apps that destroy messages automatically
  • Block third-party supervision

Follow up:

  • Firms must prove they have conducted due diligence and follow up on potential violations of securities laws and FINRA rules


The GDPR includes regulations meant to protect consumer privacy

Compliance guidelines include:

Privacy by design

  • Only relevant and agreed upon data should be collected

Explicit consent

  • You must be informed about what data is collected in a policy statement
  • You must be able to opt-in or out of the policy
  • You must be notified of changes to the policy

Access rights

  • You must be able to retrieve the data collected on you if requested


The FCA is concerned with making sure that laws protecting investors. The FCA oversees MiFID II regulations

Compliance guidelines include:

Keep Records:

  • Any conversation- voice call, text, messaging, email- that results in a financial transaction
  • Must be retained for 5 years
  • Must be controlled to prevent tampering (alteration or deletion)
  • Properly surveil and do due diligence to ensure compliance with FCA COBS 11.8 rules

Singapore MAS (CN)

The Monetary Authority of Singapore (MAS) and the SGX oversee mobile phone recording requirements.

Compliance guidelines include:

Keep Records:

  • Any communication- voice call, text, messaging, email- about orders or trades, regardless if they result in a transaction
  • Must be retained for 5 years
  • Must be controlled to prevent tampering (alteration or deletion)
  • Must be kept confidential
  • All communication should be retained for at least 2 months

Explicit consent:

  • Clients must be informed that the communication is recorded

Client Identification rule:

  • Firms must provide the identities of ultimate beneficial owners (UBOs) to MAS or law enforcement if requested

Critical features to look for in a compliant messaging application for financial services

Privacy by Design

Meeting compliance requirements for data security, e-discovery, and industry standards for SMS and WhatsApp without endangering employee privacy becomes complicated in the mobile environment, especially with the preference for using personal devices for work purposes (BYOD).

  • Get an application that keeps the business and personal data completely separate
  • Employees don’t have to risk exposing or implicating their personal data when they opt-in to use the phone for work
  • Employees can easily distinguish between business and personal calls at the Caller ID screen
  • Employees can set up a separate voicemail for receiving business calls; letting them freely express themselves in their personal voicemail


It’s critical to capture and respect client consent for SMS and WhatsApp by sending an initial message letting the client know who wants to message them, the type of messages to expect, and how to stop messages if they’re not desired

  • Get an application that handles Opt-In and Opt-Out messages
  • Crafting a good Opt-In message is important for increasing Opt-In rates, craft your opt-in messages and adapt them to what’s working for your business
  • Capture and archive the results of Opt-In and Opt-Out in the management portal where administrators can easily search and retrieve them
  • Identify which users in your organization require Opt-In/Opt-Out and set it up for that group; it will be automatically taken care of whenever your employee messages a new contact and require no action on their part

Message capture and archive

You need a recording solution for SMS and WhatApp that is secure, cost-effective, easy to implement and scale, and easily integrates with your compliance archive

  • Get an application that securely and completely captures ALL messages, regardless of connection type
  • Identify which users in your organization require message capturing and archive and set it up for that group; it will be automatically taken care of whenever your employee messages with their contacts and requires no action on their part
  • Managing recording at the organizational level also prevents employees from selectively turning recording on and off, which could lead to a breach of compliance
  • Get an application that monitors access and can prove the data has been unaltered by employees, administrators, and third parties as they traverse the platform per FINRA and MIFID II
  • Messages should be securely and easily transferred to your compliance archive

Nice-to-have features to look for in a compliant messaging application for financial services

Lexicon alerts

It’s helpful to set up a dictionary of terms that will be redacted or blocked, such as profanity, abusive language, or sensitive information such as credit card numbers and social security numbers. Find an application that prevents breaches of your communication policy by identifying text and patterns of text for whether they arise from clients to employees or employees to clients.

Support for mobile and desktop

Look for a solution that grants the convenience of mobile messaging to clients, and the ergonomics of the desktop to your frontline, helping improve the user experience while increasing overall productivity.

CRM Integration

CRM systems, such as Salesforce or NextJ, provide a suite of tools that help track and store client information; being able to integrate your compliant messaging application means less manual entry and more productivity.

Quick Text Templates
Surprise and delight your users with a solution that can automate client outreach with automated texts that frequently used on a daily basis.

Example 1:

Message bubble with text "Hi Client Name, I'm Banker Name and I'm your banker at the ACME Bank branch on BRANCH ADDRESS. I wanted to say hello and let you know I'm here to help if you need anything or have questions about ACME Bank Private Client. Feel free to call or text me on this number." Example 2:

Message bubble with text "Hi Client Name, I'm looking forward to our meeting on DATE - I have you down for TIME at LOCATION. Does this time still work for you? Please, call, email, or text me if you need anything before then - my email is listed below. Email: Mariellbryant@abcbank.comEnterprise Mobility Management (EMM) Integration

EMM systems such as Microsoft Intune or BlackBerry UEM provide a suite of security and application management tools that protect business data across corporate applications, such as browsers, email, calendar, and office applications; being able to deploy your compliant messaging application the same way keeps things simple for IT.


How can financial services firms use compliant messaging across various teams

You might be surprised the opportunities messaging will afford your wealth managers, advisors, bankers, and traders.

Wealth Managers can use compliant SMS on their personal mobile to:

Compliant SMS and WhatsApp Image: Two cell phones with a message thread. Larry: Hi James, I've attached a link to your quarterly portfolio review. Let me know if you have time that you'd like to review this! James: Thanks Larry. I'm free tomorrow at 2:00 PM if that works! Larry: That works great! Talk to you then.

  • Continuously learn a client’s financial priorities and feelings towards their financial situation
  • Check-in on clients and encourage them to stick to the financial strategy
  • Share portfolio reports and schedule appointments
Personal Bankers can use compliant SMS within their CRM to:

Compliant Messaging from Salesforce Image: Message thread between Sydney on Salesforce and John on cellphone: Auto Message: Sydney Oliver is trying to reach you. Per company policy, you must provide your consent to continue messaging. To opt in, reply YES. To opt out, reply STOP. John: YES Auto Message: Opt in confirmed. To opt out at any time, reply stop. Sydney: Hi John, let me know when you are free to meet to discuss your portfolio. I can do anytime on Wednesday, if that works. John: Hi Sydney, Wednesday at 4:00 PM works great for me. Talk to you then!

  • Assist clients with their accounts
  • Advise clients on loans and investment products
  • Provide important documents
  • Schedule appointments
Traders can use WhatsApp compliantly on their personal laptop to:

Compliant Messaging from Desktop Image: Message thread between Browser and Cell Phone. Auto Message: Tara Panu is trying to reach you. Per company policy, you must provide your consent to continue messaging. To opt in, reply YES. To opt out, reply STOP. Andy: Yes Auto Message: Opt in confirmed. If you wish to stop at anytime, reply STOP. Tara: Hi Andy, touching base in light of market changes. Here's the latest from our chief economist [Link]. Let me know if you want to discuss. We're staying on top of it. Andy: That's great Tara, thanks. I'll take a look and come back to you

  • Share spreadsheets and market research with clients
  • Schedule presentations
Subscribe for the Latest Posts

Ready to Learn More?