RealTime IT News

Merrill Bans Third-Party E-mail Use

Financial services firm Merrill Lynch has confirmed a company-wide ban on the use of third-party e-mail by its 50,000 employees, citing security and regulatory requirements.

A spokesperson for the New York-based brokerage house told internetnews.com the company would block e-mail access to all third-party ISP providers. The move effectively bans employees from using AOL, Yahoo, Hotmail for personal mail.

"E-mail usage is limited to accounts issued by the company. We are prohibiting the use of mail by all third-party providers," the spokesperson said, arguing that the move was necessary to "maintaining the integrity of our network" and to comply with regulatory requirements.

"We're operating in a highly regulatory environment. This helps ensure electronic communications are subject to proper monitoring and surveillance," the Merrill spokesperson explained, pointing to new SEC rules that require that all e-mail and instant messaging communication be accurately archived.

Last August, the SEC levied fines against a slew of brokerage houses -- including Merrill Lynch -- for violations relating to the proper archiving of e-mails.

The SEC regulations require financial services firms to keep all business records, including e-mails, for three years. However, Wall Street and the SEC have sparred over what exactly is required in e-mail retention policies.

Merrill has also put a clamp on the use of instant messaging (IM) at its corporate offices, following a recent requirement from the National Association of Securities Dealers (NASD) that financial services firms save and store IM conversations.

The Merrill spokesperson said text-based IM chatting was allowed but strict rules were in place to monitor and log all messages. "Our employees need to be registered with us to use instant messaging software," she added. A third-party software firm provides the technology to manage and archive Merrill's IM conversations.

Merrill's moves comes on the heels of a major deal to outsource network security to Verisign .