JP Morgan Accidentally Deletes Evidence in Multi-Million Record Retention Screwup

JP Morgan has been fined $4 million by the US Securities and Exchange Commission for deleting millions of email records dating from 2018 relating to its Chase Bank subsidiary. From a report: The Financial services outfit apparently deleted somewhere in the region of 47 million electronic communications records from about 8,700 electronic mailboxes covering the period January 1 through to April 23, 2018. Many of these, it turns out, were business records that were required to be retained under the Securities Exchange Act of 1934, the SEC said in a filing detailing its ruling.

Worse still, the stuffup meant that it couldn't produce evidence that that the SEC and others subpoenaed in their investigations. "In at least 12 civil securities-related regulatory investigations, eight of which were conducted by the Commission staff, JPMorgan received subpoenas and document requests for communications which could not be retrieved or produced because they had been deleted permanently," the SEC says. The trouble for JP Morgan can be traced to a project where the company aimed to delete from its systems any older communications and documents that were no longer required to be retained. According to the SEC's summary, the project experienced "glitches," with those documents identified for deletion failing to be deleted under the processes implemented by JPMorgan.

cost of doing business?

[i.r.id10t]

Wonder if the 4mil fine was less than potential damages based on any evidence that was deleted....

Re:cost of doing business?

[gosso920]

"Accidentally"

Re:

[Anonymous Coward]

"Like with a cloth?"

Re:

[CaptQuark]

Hanlon’s Razor -- never attribute to malice that which can be adequately explained by neglect, ignorance, or incompetence.

Just because the benefited from it doesn't mean it was done on purpose. But I'm sure they didn't lose much sleep when they discovered the problem and found they couldn't recover the emails.

Re:

[Forty Two Tenfold]

Wishy-washy. Malice is ubiquitous. Narcissists and psychopaths are cruel.

Re:

[DarkOx]

What bank were Hunter and Joe using?

Re:

[ihavesaxwithcollies]

The one that Saudi Arabia uses to pay off the Trump Jr.

Re:cost of doing business?

[UnknowingFool]

In other news, email admins for JP Morgan are driving Ferraris [youtube.com] into company parking lot

Re:

[GlobalEcho]

Examining the description posted by the SEC [sec.gov], it does look pretty accidental

7. In June 2019, a team at JPMorgan within the Corporate Compliance
Technology department (“the eComm Tech team”) was working on a project to delete old
electronic communications, including emails, instant messages and communications conveyed
over Bloomberg that were no longer required to be retained. Using policies and procedures
developed by JPMorgan and technicians at the vendor to facilitate the deletion of documents,
the eComm Tech team tried unsuccessfully to delete certain historical communications from
the 1970s and 1980s.
8. To troubleshoot the process, the eComm Tech team spread out deletion tasks
across multiple time periods and ran deletion tasks on emails from January 1 through April 23,
2018, erroneously believing, based on representations from the vendor, that the 2018 electronic
communications required to be maintained were protected from deletion by the vendor’s default
retention setting of thirty-six months. In fact, however, the vendor had failed to properly apply
the default thirty-six month retention setting to the “Chase” communications domain. As a result,
the troubleshooting exercise permanently deleted all of the emails in that domain from that
period which were not subject to legal holds.

JP Morgan paid about %175 million for a more malicious case of using WhatsApp a few years ago

Re:

[i.r.id10t]

So to answer my own question... Yes. By enough to make the fine look like a rounding error.

Re:

[postbigbang]

And all of their backups are rounding errors, too.

I call BS.

Re:

[flink]

Wonder if the 4mil fine was less than potential damages based on any evidence that was deleted....

Doesn't the court assume the records will corroborate what the prosecution alleges in cases like this? Or is that only if it was malicious and deliberate?

Re:cost of doing business?

[AleRunner]

Doesn't the court assume the records will corroborate what the prosecution alleges in cases like this? Or is that only if it was malicious and deliberate?

Yes, but if you were doing something much worse than the worst thing the Prosecution can imagine it's still worth it. That seems to be the reason
Trump's Secret Service deleted a bunch of phones related to Trump from the insurrection. You might pay the maximum fine, but at least you don't go to prison for the thing that nobody yet knows about.

Re:

[radarskiy]

In the US, adverse inference is only allowable in civil cases, and even then only when specifically instructed.

Re:

[Shaitan]

Even then, what is inferred may not be nearly as bad as what was actually contained in the data.

"The jury should assume the data which would have been contained in discovery is supportive of the plaintiff's case."

Actual email content (just one typical thread in the *lost* data):

Branch Manager: "I feel really bad, these bogus charges we've applied are going to cause this person's child to miss out a lifesaving leukemia transplant and also to lose their home."
CEO: "Do we hold the mortgage?"
Branch Manager: "Ye

Re:

[RemindMeLater]

$4M for JPM is like throwing pennies on the ground.

Re:cost of doing business?

[sconeu]

SEC: Preserve your emails
JPM: OK
Also JPM: [deletes emails]
SEC: Pay $4MM fine
JPM: [digs into petty cash and pays fine. Business as usual]

Re:

[alvinrod]

If there's a court case involving those, the jury will be instructed that it's fair for them to assume that the deleted emails are as damning as the plaintiff alleges them to be. There will probably be another large settlement or jury award down the road, but it still doesn't necessarily make the misconduct unprofitable. What really needs to happen to stop this is for the plaintiffs to not take a settlement offer and for juries to to award punitive damages for deleting evidence. When misconduct becomes expe

Re:

[micheas]

Considering that the plaintiff frequently has no clue as to the extent of the collusion in the industry (much of it unspoken) this could prevent the discovery of unknown crimes

Re:

[Shaitan]

Hey stop trying to minimize the pain on JP Morgan's part here. There were *dozens* of middle managers who had to cancel team building exercises at the bowling hut because of this! I mean, not forever, I'm not saying the sky fell.

But seriously they had to push them out at least a month so the company can recover the cash flow... err nvm, they just stalled a few months on paying the fine and let some accumulated interest from the ill-gotten gains cover it. But they came REALLY CLOSE to having to delay team bu

Re:

[jenningsthecat]

Wonder if the 4mil fine was less than potential damages based on any evidence that was deleted....

It's likely that the actual fine is much lower than the one they explicitly budgeted for when they made the decision to "accidentally" delete the evidence. So yes, it's safe to say that the fine is a minuscule portion of what the damages would have been. Gotta love it when a slap on the wrist for a "the dog ate my homework" ploy plays out in the banking sector.

Re:

[i.r.id10t]

Not just banking sector... Think about the bean counters deciding on a recall if the cost of the few calls/complaints/lawsuits is cheaper than recall cost. Or proper disposal of nasty waste, controlling oil leaks, etc - if the fine is 10k/day, but it costs 20k/day to do it legit... the 10k is just the cost of doing business...

Re:

[Bladefire]

Should be $4million per e-mail.

Re:

[Shaitan]

Ooops so sorry. I *lost* all the evidence we screwed people out of billions of dollars... so sorry I bad, spank me with another million, yes spank me again, again, again oooo I so bad.

Re:

[Shaitan]

They've paid millions for speaking engagements to provide D politicians golden parachutes and hosted the DNC multiple times. Remind me who is running the SEC these days?

Of course it is just the cost of doing business, it wouldn't fair to everyone else grifting the public and paying protection money, fair and square, if they didn't see any return on that investment.

Re:

[micheas]

What would have been the fine if they had turned over evidence of wrongdoing and been fined for whatever that was?

$4M is chump change to JP Morgan. That's a super cheap "get out of jail free" card

Probably additional discovery that would have cost them more $4 million.

The lead programmer on that may well have gotten a bonus for that bug.

"accidently"

[Archangel Michael]

Uh Huh.

Peanuts

[Retired Chemist]

That is not even a slap on the wrist, it more like a waved finger or something. Apparently, no one keeps hard backups off site anymore or if they did, they were deleted too. That sounds more like an intentional decision, than a mistake. Fine them $400, 000, 000 and they will not do it again.

Re:

[sursurrus]

Destroying evidence is a lucrative cottage industry for the biggest banks and their pet accountants. It bears an astounding resemblance to the Horsemeat scandal that British chain Tesco experienced in their ground beef a few years ago.
 

Tonight!!

[neilo_1701D]

... a project where the company aimed to delete from its systems any older communications and documents that were no longer required to be retained. ... the project experienced "glitches," with those documents identified for deletion failing to be deleted under the processes implemented by JPMorgan.

In other words:

"Tonight, we test in PROD!"

"Accidentally"

[WereCatf]

Ain't it strange how these accidents always, without fail, only happen after such communications have been requested by some government entity and/or in relation to a suit? Before such a situation, you could have an all-out nuclear apocalypse, but all those communications would be safe and secure in a billion backups!

Re:"Accidentally"

[gosso920]

"got cloth?" - Hillary Clinton

Re:

[radarskiy]

"only happen after such communications have been requested"

If they hadn't been requested there'd be no reason to look for them and discover that they were missing.

The world is much less competent than you think.

the dog ate my homework

[Walt Dismal]

total ... complete ... accident. And the dog ... ate my homework ...

The squid... $4M fine?

[Schoenlepel]

It should at least have been a thousandfold to even be noticed.

This is just the cost of doing business. Perhaps it's a footnote in their report to the shareholders: "Oh yeah, we were fined $4 million for deleting data. Nothing to worry about, we can easily take this."

The fine for evasion should be 10x more

[greytree]

... than the original punishment.

And the C-suite should be in jail.

Otherwise the bastards got away with it. Again.

Backups?

[bobby]

"deleted permanently"? Wouldn't they have backup media, tapes, something, somewhere? Maybe a 3rd-party backup management / storage provider?

Re:

[cebu2018]

Likely not, at least not intentionally - the objective of these records retention projects is to ensure that older records that are no longer required are completely destroyed, no just to save space/maintenance/etc. but to specifically ensure that they can't be requested as part of a legal fishing expedition. That's not an effort to avoid the law, it's more of a cost/risk avoidance measure (you have to remember the cost of discovery and producing evidence can be HUGE, you want to be able to establish you h

Curruption still pays

[doc1623]

For most of us, a speeding ticket will be a bigger burden than that fine to J.P. Morgan. I also wonder how accidental, as some of their clients under investigation, probably, have accounts that dwarf that fine. One law for the rich, and then the rest of us pay the real cost. I don't know if it was an "accident" or not, but it very well might have been the most profitable thing for the bank, so you have to wonder, when it's more profitable to pay the fine than to comply with the law.

Meanwhile

[ArchieBunker]

If you flush an ounce of weed during a drug raid you’ll be in jail for destruction of evidence and whatever else they can find.

I’ll believe corporations are people when Texas executes one.

what about the rest?

[argStyopa]

JP Morgan "happens to accidentally delete" 47 *million* emails right after it settles a $300 MILLION suit in regards Epstein's sex trafficking? Summary doesn't even mention that?

"Did they wipe the server with a dustcloth?" as was famously asked, just as disingenuously?

https://www.bloomberg.com/news... [bloomberg.com]

I mean we all know there might be a token penalty, but that's all it's going to be.

It should be FUCKING MASSIVE, company-crippling - after all VW paid about $20bn in fines and another what, $15bn to settle related suits when they were deliberately evading the law.

Re:

[quantaman]

JP Morgan "happens to accidentally delete" 47 *million* emails right after it settles a $300 MILLION suit in regards Epstein's sex trafficking? Summary doesn't even mention that?

I'm not suspicious.

As long as they remembered to question the admins who were involved under oath (with appropriate assurances of immunity).

Could a manager strong arm me into "accidentally" deleting evidence? Maybe, if I was weak willed enough.

Would that same weak willed me hold up under questioning? Hell no, if anything, I'd be kinda hoping to be asked.

Re:

[quantaman]

As long as they remembered to question the admins who were involved under oath

Going off-topic, but I've never understood the concept of oath-swearing in a legal context. When you've already got some person who does not believe in a deity and consequently does not adjust his/her doings to the moral requirements of such deity (i.e. most often a criminal in the incumbent legal system), either out of respect/love for the deity or out of fear of consequences meted out by the deity - what difference is an oath going to make???

(Disclaimer: convinced christian here that has previously declined the taking of oaths because of Matthew 5:34-37 [biblegateway.com]. Did work for the tax authorities of a explicitly secular (and in practice often anti-christian) state that required a security clearance that included this - how ironic that they required an oath. The alternative was a "solemn declaration" which in practice was just a different checkbox on the form with the signed statement.)

Most people find lying to be difficult. Swearing an oath that the statement is truthful generally makes that more difficult, more so if you believe you'll be making your deity unhappy.

More significantly, while lying to law enforcement gets you in trouble doing so while under oath gets you in a lot more trouble [shouselaw.com].

90's sitcom version of banking

[OrangeTide]

Steve Urkel: Did I do that?

Opposite Day apparently

[Petersko]

Never ascribe to incompetence what can be adequately described as malfeasance.

oops

[Growlley]

accident - yeah right - just cheaper to pay this fine.

Future crimes

[themightythor]

The company was ordered to cease and desist from committing or causing any future violations, and to pay a penalty of $4 million to the SEC.

Wasn't the law that was in place since 1934 an implicit order to not commit or cause violations? Aside from the token fine of $4m USD, what's changed?

Simple response

[whitroth]

Convict and jail chief execs for ordering that deletion.

Deliberate

[RossCWilliams]

Lets be clear, they deliberately destroyed the records. It may have been a mistake, but it was not an accident. Its the difference between shooting the wrong person and accidentally shooting someone. There is really no legitimate reason for them to permanently destroy records other than to prevent them from being produced.

Re:

[DarkOx]

of course there is a reason to destroy records?

Do you keep all your tax forms going back to when your first filed or do you get rid of them after 3-4 years when the IRS says you can?

I bet you don't keep them, and I bet when you get rid of them you shred them or burn them or similar right? Yeah because it would be huge burden to keep everything forever and not destroying it would pose a privacy and security risk. '

Ask CapitalOne how keeping a bunch of old forms around on a server worked out for them..

There i

Hahahah, "accidentally", hahahahaha....

[gweihir]

And look, they do not even get more than a pathetic token fine...

They probably get to write it off their taxes too.

[Eunomion]

"But hey, we're all friends here. Good people deserve some consideration. Your grandson Wellington III is frat brothers with my nephew Armitage Jr., and I've oft seen them tearing up the squash courts at the Hart & Whitley Club, ah-ha-ha-ha! BTW, Gibbons, how's that criminal conspiracy case going against that black 8-year-old who stole a candy bar from my golf bag? Is he dead from the prison conditions yet? What's taking so long?"

Yea right

[JustNiz]

Accidentally. Sure.

Those emails...

[devloop]

Those emails did not delete themselves.

Re:

[kiore]

They knew they were signing their own death warrant the moment they agreed to testify against the bank.

We'll never see any real penalties without

[PJ6]

bringing the international flow of capital back under control, and reversing the over-finalizatization of the economy.

You can't have effectively unrestricted freedom to move around these astronomical amounts of money, and expect democracy to work.

It basically allows private wealth to tell you, do as we say, or we'll starve you (remove all the capital from a country for laws and regs they don't like).

It is the root of the race-to-the-bottom effect.

$4 Million Is Such a Big Fine! *sarcasm*

[HannethCom]

It is estimated that the Royal Bank of Canada makes about $1 billion in illegal fees every day, or about 700k a second. That's just in illegal fees. I doubt it takes JP Morgan even a second to make that $4 million back. This isn't even a slap on the wrist. This is more like a tap on the shoulder.