JPMorgan Chase has been fined $4 million by the Securities and Exchange Commission for mistakenly deleting 47 million emails, some of which the watchdog was trying to access.
Many of the permanently deleted emails were sought by subpoenas in at least a dozen regulatory investigations, says the SEC.
Says an administrative order: “Because the deleted records are unrecoverable, it is unknown - and unknowable - how the lost records may have affected the regulatory investigations.”
The emails, from about 8,700 staff mailboxes were accidentally deleted in 2019 as staff worked to troubleshoot an issue with a project to delete older communications that were no longer required to be retained.
Employees deleted communications from the first quarter of 2018, erroneously believing - based on written representations from the bank’s archiving vendor - that all the documents were coded in a way to prevent permanent deletion of records that were required to be kept for three years.
But the vendor did not apply the default retention settings in a particular email domain and those communications were permanently lost.
JPMorgan discovered the issue in late 2019 and informed the SEC in January 2020.
This fine comes after JPMorgan was hit, in 2021, with $125 million in penalties for failing to preserve text messages and other communications sent between 2018 and 2020.