Text messages are too hot to handle for many financial companies, according to the "Electronic Communications Compliance Survey Report" by communication archiving provider Smarsh.

Indeed, 77 percent of the 300 information technology and compliance leaders and practitioners in North America that Smarsh contacted for the survey said text messaging was their greatest compliance risk.

The heightened risk stems from leveraging review platforms that weren't designed for text messages, said Smarsh information governance senior director Robert Cruz. He added, "Now you have communications sprinkled with more emojis and nontext characters. They can be significant and convey sentiment."

Related: The great employee time-sucker: Mobile devices

While 54 percent prohibit text messaging for business communications, 40 percent said their company allows text messaging without an archiving or supervision protocol. Cruz explained there's still a fairly low awareness of solutions that can segregate business and personal text messages.

Instead of leveraging bring-your-own-device (BYOD) technology solutions, companies are more accustomed to hiring a forensic team to provide discovery services on texts and SMS messaging, he noted. However, a majority (69 percent) of respondents said they had no or low confidence in finding specific messages in a text platform within a reasonable time span.

The low confidence may be triggered by companies deploying slower methods such as leveraging the forensics team, reviewing troves of messages or waiting for a telecommunications service provider's record of communications.

"The problem is that's not easy or fast and in many cases you don't get the information you are looking for," Cruz said.

Despite text messages being a top compliance fear, companies are also struggling to archive popular social media platforms, despite allowing employees to use them for work.

Indeed, 49 percent said Instagram communication was allowed by the company without specific archiving solutions, above Facebook (28 percent), collaboration platforms (25 percent) and LinkedIn and Twitter (20 percent each).

Cruz noted Instagram provides an array of ways to interact, making capturing all edits, comments and interactions more challenging for companies and archiving solutions.

The survey also found respondents don't have a policy regarding meeting solutions (47 percent) and collaboration platforms (42 percent), possibly to the company's detriment.  

Cruz noted that this proportion has changed dramatically over the years, with the growing popularity of collaboration tools, including Microsoft Teams, Slack and Cisco Webex. It's "beginning to change how they work, and that is reducing the amount of emails and in-person meetings," he said. "But the problem is, some of these tools get deployed by IT without any guardrails. There's no guidance from IT of what not to do."

However, the report found 37 percent of companies don't have a policy regarding encrypted messaging apps, perhaps underscoring that corporations are waiting for guidance from regulators before they allow certain communication platforms.

The survey found that one-third of respondents said they were waiting for regulators to enforce regulatory guidance before they determined how they will provide those apps with support. More than half (56 percent), however, prohibited encrypted and ephemeral apps outright.

Read more: 

• Employee emails, and other common causes of data breaches
• 4 things to look for when hiring a cybersecurity expert
• 6 employee risk management best practices HR should not ignore