The Financial Conduct Authority has warned advisers on using Whatsapp and other social media messaging services amid a surge in remote working.
In its latest market conduct newsletter, out this month (January), the regulator said it had acted against firms and individuals for misconduct which involved using the platforms to arrange deals and provide investment advice.
It warned of "heightened risks from misconduct" as a result of working from home, and reminded the industry that the use of unmonitored or encrypted communication apps to share sensitive work information presented "significant compliance risks".
The City watchdog said: "We view these actions as serious and have sought orders preventing such individuals from carrying out these activities in the future. We expect this to remain an area of focus.
"It is important for firms to proactively review their recording policies and procedures every time the context and environment they operate in changes."
The regulator said it expected firms to have a "rigorous monitoring regime" wherever "in-scope activities" might be conducted outside of a controlled office environment.
It also warned using channels such as Whatsapp would make it harder for firms to effectively monitor communications and said where these types of apps were used for activities on business devices they must be "recorded and auditable".
The FCA added: "Without effective recording and monitoring controls, there is a real risk of loss of monitoring and surveillance capability, and the absence of protection through loss of evidence to resolve disputes between a firm and its clients over transaction terms.
"It is also vital to help with supervisory work, help deter and detect market abuse and to facilitate enforcement.
"There is no specific restriction on the technologies or apps firms can use for communications. However, in all cases firms must understand the recording obligations and have effective policies, controls and oversight to ensure that these are met."
Under the FCA's rules the recording obligations apply to conversations and communications made with, sent from, or received on, equipment "provided or permitted to be used for business purposes".
Paul Grainger, chief executive of compliance consultants Complyport, said: "Firms should have made it clear to staff as to what apps they could use and effectively made arrangements to monitor those.
"If they were not recordable and auditable, it should not be used and anyone caught using non-compliant media should be subject to disciplinary actions."