Wednesday, December 20, 2006

Email Storage and Retrieval Lessons from Morgan Stanley

Email storage and retrieval is a big deal. A very big deal. Whether you are a two man shop or a national wirehouse you must do real-time storage of emails coming into and out of your firm. You must store them correctly and you must be able to retrieve them in a reasonable time period.

Morgan Stanley has become the poster-boy of email retrieval problems. Most will recall that Morgan Stanley lost a case against Ron Pearlman based in large part on its inability to retrieve emails, and was then fined $15 million dollars for email storage issues by the SEC. On the heels of that followed a class action against Morgan Stanley on behalf of arbitration claimants, who are suing because Morgan could not produce emails during their hearings.

At that point in time, last year, email storage and retrieval had cost Morgan Stanley a $1.45 billion jury verdict in favor of Ron Pearlman, a $15 million SEC fine and a class action complaint. Not to mention the impact that the email fiasco had on its ongoing litigation and arbitration matters. I can hear the claimants' attorneys screaming over missing emails and "intentional destruction of evidence" even as I type this.

This is all pretty significant stuff. Email is important, and Morgan has had some significant problems and costs over the issue.

But there is still more. Today we find the announcement "NASD Charges Morgan Stanley DW with Repeatedly Failing to Provide Emails to Arbitration Claimants and Regulators."

The NASD alleges that Morgan falsely represented that its emails had been destroyed in the September 11 Attack - it made that representation, and then found that the emails did in fact exist, on backup tapes and on individual computers. The NASD also alleges that Morgan Stanley later destroyed many of the emails it did possess, by overwriting backup tapes that had been used to restore the emails to the firm’s system and by allowing users of the firm’s email system to permanently delete the emails over an extended period of time. As a result, the complaint alleges, that between September 2001 and March 2005, millions of the emails were destroyed.

NASD’s complaint also alleges that Morgan Stanley violated NASD rules by failing to produce email in its possession in numerous customer arbitration proceedings over the three-and-a-half year period, and by making misrepresentations that it did not have such email in numerous proceedings. The complaint also charges Morgan Stanley with violating NASD rules by failing to produce the email to a number of regulators, including NASD, and by falsely representing that the email had been destroyed.

While we have no direct knowledge of the events, and posted this to demonstrate the perils of not paying attention to email storage and retrieval, it certainly seems that this is overkill. While the Pearlman litigation has no impact on the regulatory concerns, an SEC investigation and a 15 million dollar fine is not an insignificant event.

Now the NASD is coming back again, for the same underlying conduct? I will admit, the false representation allegation causes me some concern, over and above the email issue, but I have seen regulatory agencies label statements that were thought to be true when made, as false representations, and this might just be another instance of an exaggerated pleading.

But another regulatory action over the same conduct? When does it stop? Does the State of Connecticut now commence an action? Then NY, and Utah, followed by Alabama?

Morgan Stanley certainly screwed up email storage and retrieval. They paid the litigation price, and paid a significant fine. Keeping in mind the lost and missing emails are from a time when most firms did not have a clue as to what they were supposed to be doing, if anything, with email correspondence, the timing should be a mitigating factor, and there is no benefit to forcing it to defend itself once again.

The overlapping regulators is a significant concern, one which will be lessened in the future with the NASD/NYSE merger. But the underlying point is - store your emails, in WORM format, when they are sent or received, away from the sender's computer, and make sure you can retrieve them, by author, sender, and keywords.
Post a Comment