Sign in / up

back to article NatWest blocks bevy of apps in clampdown on unmonitorable comms

The full list of messaging apps officially blocked by Brit banking and insurance giant NatWest Group is more extensive than WhatsApp, Meta's Messenger, and Skype – as first reported. BBC broke the news of the banking group formally banning the three apps on November 12, but The Register now understands the list also includes: …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Kjm35

    About time

    I seem to recall some court case where traders had fixed rates between themselves thus inflating the cost of borrowing. I believe they were using unauthorised apps.

    Good to see NatWest finally realising that you must keep audit trails ready for the next PPI, DCA or whatever the FCA uncover re dodgy business practices.

    14 0 Reply
    1. b0llchit Silver badge
      Reply Icon
      Meh

      Re: About time

      That'll teach 'm! Well, yeah, it teaches us to use private devices for all our illegal communication.

      9 0 Reply
      1. Korev Silver badge
        Reply Icon

        Re: About time

        > , it teaches us to use private devices for all our illegal communication.

        And only agreeing to stuff verbally.

        These kind of changes just mean it'll be harder for the company to catch the stupid naughty people.

        4 2 Reply
  2. Ali Dodd

    Good start Natwest

    Now it should be enforced across all banking by the regulators, no disappearing evidence please.

    BUT more importantly use of disappearing messages should be banned in any Government role including ALL MPs with the crime of TREASON attached to breaching this. It is unbelievable that the criminal just threw away shedloads of evidence with no repercussion

    21 1 Reply
    1. pig
      Reply Icon

      Re: Good start Natwest

      Especially as MPs only started to use it as they thought it was not auditable.....

      (Though, maybe fire them as MPs as opposed to full on charge of Treason )

      5 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Good start Natwest

      > Now it should be enforced across all banking by the regulators, no disappearing evidence please.

      Until I read this article, I thought it was. This stuff wasn't an issue when I was in the banking sector 20 years ago, but colleagues who are still there tell me it's a regulatory requirement.

      On the flipside, I know for a fact that Binance disallow these too, and email, but for slightly different reasons: they only use an internal comms system that always deletes messages after a few weeks. I was told it's a workflow nightmare if you're used to managing things by email.

      3 0 Reply
      1. Missing Semicolon Silver badge
        Reply Icon

        Re: Good start Natwest

        oooo dodgy. Records are subject to a "defined retention policy". Looks like Binance have a policy that ensures that there is no paper trail. This would be specifically illegal in most jurisdictions, and so they have few regulatory approvals.

        8 0 Reply
        1. Cliffwilliams44 Silver badge
          Reply Icon

          Re: Good start Natwest

          No, that's not how it works. I am sure they have retention on proper business communications. Such as "All internal business communications must be CC's to this mailbox and all customer communications must be CC's to this mailbox."

          A former employer of mine put in a 2 week retention period on email because of a laws suit regarding employees sexting each other in email (back in the early 2000's). A female employee got angry when she found out her alleged boy friend was sexting another female employee. It was a real embarrassment for the company!

          Yeah, total pain in the ass! Plus you can get into real trouble for not following the process. They believed it was worth it!

          1 1 Reply
      2. andy the pessimist
        Reply Icon

        Re: Good start Natwest

        The standard Samsung email setup deleted all attachments after a few weeks. Best to save the attachments elsewhere. We kept outlook which was easier.

        0 1 Reply
  3. ITMA Silver badge
    Devil

    A good many less regulated businesses should take note.

    It is very easy for these "unofficial" channels to become engrained in working practises because they get started by employees with no governance. Often without even talking to IT.

    Apart from the other issues, it means almost requiring employees to give out their personal mobile numbers to other staff members without proper informed consent. A GDPR issue.

    I've seen it used as a way of scheduling and organising work amongst teams, again started by individuals without proper thought for the implications - simply because it is "easy".

    8 0 Reply
    1. Cliffwilliams44 Silver badge
      Reply Icon

      What we tell our people is, "If we are involved in litigation, and it is found out that related information was communicated from/to a personal device, then opposing council can request that all personal devices from involved custodians can be sopeanead for discovery! Would you really want your personal device to be search be some law firm?!

      This usually drives home the reason for this requirement!

      Unfortunately, I work in a very litigious industry!

      1 1 Reply
      1. ITMA Silver badge
        Reply Icon
        Devil

        "Unfortunately, I work in a very litigious industry!"

        You're a lawyer aren't you! LOL

        0 0 Reply
  4. Detective Emil

    Vaguely surprised …

    … that Apple's Messages isn't on the list. Maybe its shortest auto-delete of 30 days is considered acceptable. Or maybe NatWest uses MDM to remove the app from managed devices (something Apple doesn't allow mortals to do) — although that would crock SMSs as well.

    2 0 Reply
    1. Spazturtle Silver badge
      Reply Icon

      Re: Vaguely surprised …

      You can use MDM to capture and retain iMessages and RCS messages.

      3 1 Reply
  5. Headley_Grange Silver badge

    The UK government shoud do this for all its comms.

    8 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    Only now?

    I did at a stint in a New York bank and the first morning was spent having "thou shalt only use authorised messaging apps on pain of pain" rammed down your throat by someone from Sopranos central casting... and that was over 10 years ago. Can't believe it's taken this long for other banks to catch up

    6 1 Reply
  7. Anonymous Coward
    Anonymous Coward

    Been a couple of years since I left NatWest but I seem to recall all social media and messaging apps were banned and blocked via the desktop proxies unless you had a very, very, strong business requirement. Can't quite remember how mobiles were protected but there was MDM and controls enforced so company apps and non company apps couldn't share information (to the extent you had to use a company app to take photos if you wanted to use them in another company app.) So not quite sure what's changed since then other than re-enforcing the bans.

    3 0 Reply
  8. Anonymous Coward
    Anonymous Coward

    I'm amazed

    We get audited on a regular basis by most of the high street banks as we supply stuff to them. The amount of time they spend on DLP, I'm amazed they allow free reign up until now.

    4 0 Reply
    1. F. Frederick Skitty Silver badge
      Reply Icon

      Re: I'm amazed

      Do as I say, not as I do.

      1 0 Reply
  9. Tron Silver badge

    Being banned from doing something...

    ..doesn't actually stop anyone from doing it.

    Those vanishing messages at the Covid inquiry could have been reconstructed from the devices of the other parties, but no attempt was made. It was just a way of getting away with stuff as some of the messages would have been politically awkward if they were in the public domain. UK media coverage is easy enough to rig with a D Notice. For inquiries, you need to lose your phone or autodelete.

    2 1 Reply
    1. Cliffwilliams44 Silver badge
      Reply Icon

      Re: Being banned from doing something...

      No, but now you can fire the offending employee without worry of them suing you!

      For us, this is a "first offence terminating event"! Or at least that's how it is communicated to the rank-n-file! No one really gets fired for a 1st offense. But you gotta put the 'fear of god' into them of it doesn't work!

      1 0 Reply
  10. Anonymous Coward
    Anonymous Coward

    Curiouser and Curiouser...

    At work my employer does network based backups of my employer issued laptop.

    At work, I do regular backups of my employer issued laptop too.

    And my employer is doing regular system-wide backups which are sent to Iron Mountain.

    So...here's my question: Who says that messages created by the listed apps "can never be retrieved after X days"????

    Sounds very unlikely to me.....

    2 0 Reply
    1. Cliffwilliams44 Silver badge
      Reply Icon

      Re: Curiouser and Curiouser...

      Let me 'splain it to you Lucy!

      Cell Phones!

      Unless you are capturing those message sent/received by cell phones they are lost!

      0 0 Reply
  11. Roj Blake Silver badge

    Golf Courses

    Will they also be banning off-the-record business chats on the golf course?

    0 0 Reply
    1. Cliffwilliams44 Silver badge
      Reply Icon

      Re: Golf Courses

      Verbal communications, for the most part, are not legal agreements.

      For instance, a verbal agreement for a change order is not binding! This is written into our contracts.

      2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like