Theta Lake Blog

Susannah Hammond

Susannah Hammond
Susannah Hammond is senior regulatory intelligence expert for Thomson Reuters with more than 25 years of wide-ranging compliance, regulatory and risk experience in international and UK financial services. She is co-author of "Conduct and Accountability in Financial Services: A Practical Guide" published by Bloomsbury Professional.
Find me on:

Recent Posts

Individual Accountability - Enforcement Gets Personal

Posted by Susannah Hammond on Jun 8, 2023 7:01:51 AM

What do the chief executive of a US online store, the chief information officer at a UK bank and multiple senior employees at a US bank all have in common? They have all faced individual enforcement action for failing to comply with compliance expectations around the use (or indeed abuse) of technology. 

Read More

More Firms Are Fined for the ‘Widespread and Longstanding’ Use of Unmonitored Communications Channels

Posted by Susannah Hammond on May 15, 2023 8:57:18 AM

The U.S. Securities and Exchange Commission (SEC) and the Commodities Futures Trading Commission (CFTC) have fined three firms, two in the same group for ‘widespread and longstanding’ failures by the firms and their employees to maintain and preserve electronic communications. To settle the SEC charges, both firms acknowledged that their conduct violated recordkeeping provisions and agreed to pay penalties of $15 million and $7.5m, respectively. In related actions, the CFTC brought cases against two firms in the same group for failing to maintain, preserve, or produce records, and failing to diligently supervise matters related to their businesses. The firms were fined $15 million. The CFTC also fined a firm $30 million regarding recordkeeping and supervision failures for the widespread use of unapproved communication methods.

Read More

The Crypto Winter Is Spotlighting The Use Of Chat

Posted by Susannah Hammond on May 8, 2023 9:27:38 AM

The demise of multiple crypto firms has prompted regulators around the world to undertake in depth investigations into the governance, risk management and compliance arrangements in place at firms such as Binance

Read More

UK PRA joins other global regulators fining firm £8M for failure to capture messaging content

Posted by Susannah Hammond on Apr 18, 2023 9:07:03 AM

The UK Prudential Regulation Authority has censured a bank for wide-ranging significant regulatory failings between December 2016 and May 2020, which spanned breaches relating to large exposure limits, capital reporting, governance and risk controls and PRA Own Initiative Requirements (OIREQs) and, for the first time, failure to capture and retain WhatsApp messages. The seriousness of the breaches justified a fine of £8,515,000, however, since the bank is in wind-down the PRA imposed a public censure as a warning shot to the industry more broadly.

Read More

When Posting an Emoji is a Securities Violation

Posted by Susannah Hammond on Apr 11, 2023 8:32:45 AM

When is a rocket ship not a rocket ship? When it is cited in a legal casealleging a firm and its control person violated U.S. securities laws by offering for sale to the public certain non-fungible tokens (“NFTs”) without filing the required registration statement with the Securities and Exchange Commission (the “SEC”).

The use of emojis was specifically called out as meaning there was an expectation of profit for the NFT issuance, which was then deemed to be an investment contract (*known as the Howey Test).  Although the literal word “profit” was not used in any of the organization's Tweets, the “rocket ship” emoji, “stock chart” emoji, and “money bags” emoji were included and, objectively, mean one thing: a financial return on investment.

Read More

When It Comes To Modern Communications, Data Protection Is Now More Important Than Ever

Posted by Susannah Hammond on Jan 23, 2023 1:17:53 PM

Data protectionis now more important than ever. Given the new ways of working and communicating there are increasing amounts of personally identifiable information (PII) and personal health information (PHI) data shared across communication platforms and firms are expected to be able to capture and retain safely as well as retrieve and delete personal data. Critical issues that should take center stage in data privacy week.

Read More

Regulatory Perspectives by Theta Lake: FINRA’s continuing focus on communications compliance

Posted by Susannah Hammond on Jan 19, 2023 7:32:09 AM

The last quarter of 2022 saw FINRA continue its focus on communications compliance. Four brokers and a compliance officer faced disciplinary action for a range of breaches of their approach to supervision and an inability to retrieve phone records.

For the key lessons to be learnt together with more detail of the enforcement please click here. 

At a high level the disciplinary actions resulted in censures, a 40 day prohibition, fines totalling over $2m, restitution of nearly $50,000 and wide ranging remedial actions.

Read More

Regulatory Perspectives From Theta Lake: UK market abuse £5m fine, lessons for communications compliance

Posted by Susannah Hammond on Dec 15, 2022 7:56:49 AM

UK regulator fines a trio of brokers almost £5m for failing to have appropriate communications compliance processes in place to fulfil market abuse obligations

Read More


Posted by Susannah Hammond on Nov 29, 2022 8:00:00 AM
Theta Lake has taken a look in its crystal ball to consider what is likely to be a priority for firms in 2023. What is crystal clear is that now, more than ever, organizations need a modern approach to compliance and security across their modern unified communications (UC) like Zoom , Microsoft Teams , Webex by Cisco , RingCentral and Slack to not only tackle today’s challenges but also thrive into the future.
Read More

Regulatory Perspectives From Theta Lake: Analysis on the U.S. DOJ's new Compliance Guidance for Prosecutors

Posted by Susannah Hammond on Oct 18, 2022 9:33:00 AM

Digesting and implementing the U.S. DOJ’s new compliance guidance for prosecutors on the use of personal devices and third party apps

At a glance

The DOJ has expanded its Evaluation of Corporate Compliance Programs and identified several additional hallmarks of an effective compliance program including:

  • Effective policies and procedures governing the use of personal devices and third-party messaging platforms to ensure that business-related electronic data and communications are preserved 
  • ‘Clear training’ provided to all employees about such policies (the 2020 guidance also stipulates that organizations should measure the effectiveness of training), and
  • Policies enforced when violations are identified

Read More
Comment Here

Theta Lake provides security and compliance for modern collaboration platforms using frictionless partner integrations with Cisco Webex, Microsoft Teams, RingCentral, Slack, Zoom, and more. Using patented machine learning and NLP, Theta Lake detects risks in: video, voice, chat, and document content across what is shared, shown, spoken, and typed. Those risks are surfaced in an AI-assisted, patent-pending review workspace that adds consistency, efficiency, and scale for security and compliance teams. All of this enables organizations to safely realize the full ROI of a collaboration-first workplace while reducing the cost of security and compliance.

Subscribe here to stay up to date!