09.05.2025

Avoidable Errors Led to the Loss of Gensler’s Texts

09.05.2025
Avoidable Errors Led to the Loss of Gensler’s Texts

The Office of Inspector General issued a final report detailing the results of our special review of the loss of the former U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler’s text messages. The report contains five recommendations that should further strengthen the SEC’s management of mobile devices and federal records.

WHY WE DID THIS REVIEW

Records are the foundation of open government, and electronic recordkeeping (including recordkeeping of text messages) helps ensure transparency, efficiency, and accountability. On January 17, 2024, the U.S. Securities and Exchange Commission (SEC or agency) Office of Information Technology (OIT) reported to us that, about four months earlier, the agency erased nearly a year’s worth of text messages sent and received by the then SEC Chair, Gary Gensler. We undertook this review to determine what happened and why, how the agency responded, and any implications for federal records management.

WHAT WE FOUND AND RECOMMENDED

OIT’s decisions and actions resulted in the inadvertent loss of text messages sent and received by Gensler between October 18, 2022, and September 6, 2023. Specifically, in August 2023 OIT implemented a poorly understood and automated policy that caused an enterprise wipe of Gensler’s government-issued mobile device. The device was erroneously thought to be inactive and no longer in use, and OIT had not backed up the device for nearly a year. In an effort to recover from the enterprise wipe, OIT hastily performed a factory reset, which deleted text messages stored on the device and the device’s operating system logs.

OIT’s response to this incident culminated in a contractor-produced after action report at an estimated cost of about $53,000. However, inadequacies in the report impacted its reliability and usefulness.

Furthermore, because OIT did not collect or maintain necessary log data, neither OIT, its contractor, nor we could determine why Gensler’s device stopped communicating with the SEC’s mobile device management system, which caused the device to appear inactive and led to the enterprise wipe. A series of additional OIT actions, deficiencies, and missed opportunities, including a lack of backups and procedures that failed to consider record retention requirements for Capstone officials (such as Gensler) exacerbated the situation and hindered the SEC’s response.

Although the SEC took steps to recover or recreate the deleted text messages, the agency was unable to collect or determine the entire universe, including some federal records. Since notifying our office, the SEC has disabled text messaging agencywide (with some exceptions), notified the National Archives and Records Administration in June 2025 of the lost records, and taken additional steps to back up Capstone officials’ records and data, among other actions. However, the loss of Gensler’s text messages may impact the SEC’s response to certain Freedom of Information Act requests.

While some matters we identified did not warrant recommendations, we are recommending specific actions to further strengthen the SEC’s management of mobile devices and federal records. These actions include updating or developing plans, policies, and procedures related to change management, Capstone officials’ devices, and the system used to manage mobile devices, among other topics.

Source: SEC

Technology costs in asset management have grown disproportionately, but McKinsey research finds the increased spending hasn’t consistently translated into higher productivity.
#AI #Fiance

We're in the FINAL WEEK for the European Women in Finance Awards nominations – don't miss your chance to spotlight the incredible women driving change in finance!
#WomenInFinance #FinanceAwards #FinanceCommunity #EuropeanFinance @WomeninFinanceM

ICYMI: @marketsmedia sat down with EDXM CEO Tony Acuña-Rohter to discuss the launch of EDXM International’s perpetual futures platform in Singapore and what it means for institutional crypto trading.
Read the full interview: https://bit.ly/45xRUWh

Load More

Related articles

  1. Cyber-Criminals Target Wall Street

    The regulator's emails and email attachments were subject to unauthorized access.

  2. Cyber-Criminals Target Wall Street

    PQC aims to strengthen communication and data security as quantum computing advances.

  3. Wall Street Confronts Cyber Threats

    The DORA compliance deadline is just three months away.

  4. Quantum computing poses a major cybersecurity concern as it can break cryptography & encryption algorithms.

  5. Cyber Threats Mount

    The interruption of the dissemination of indices and market data has been solved.

We're Enhancing Your Experience with Smart Technology

We've updated our Terms & Conditions and Privacy Policy to introduce AI tools that will personalize your content, improve our market analysis, and deliver more relevant insights.These changes take effect on Aug 25, 2025.
Your data remains protected—we're simply using smart technology to serve you better. [Review Full Terms] | [Review Privacy Policy] By continuing to use our services after Aug 25, 2025, you agree to these updates.

Close the CTA