
In one of the most expensive communication cases on record, a single internal message did the damage. An engineer at a global aircraft manufacturer wrote, in an internal chat, that he had “basically lied to the regulators.” The message was captured, stored, and retained, exactly as a modern archiving system is built to do. Years later it was read back during an investigation and became part of a USD 2.5B settlement.
Notice what worked and what did not. The recordkeeping worked perfectly. The message was preserved and produced on demand. What failed was the timing. By the time anyone with authority read that line, it had already been sent, stored, and turned into evidence. The control arrived after the risk.
That distance, between the moment a message is written and the moment anyone reviews it, is the whole difference between post-send and pre-send compliance. Most teams run one of these. The strongest run both, for different reasons. Here is where each one actually catches the risk.
Every business message moves through a short lifecycle. Someone writes it, sends it, and from that point it is stored, searchable, and discoverable. Compliance tooling sits at two very different points on that line.
Post-send tools operate after the message has left. This is the layer most regulated firms already own: archiving, supervision, e-communications surveillance, and e-discovery. Platforms like Smarsh, Proofpoint, and Behavox capture messages across email, chat, and collaboration tools, store them in a compliant archive, and run detection over the stored record to surface anomalies, policy breaches, and conduct risk. For regulated firms this layer is mandatory. Recordkeeping rules from the SEC, FINRA, and the FCA require that communications be captured and retained, and supervision rules require that they be reviewed. Post-send tooling exists because the regulator demands a record.
Pre-send tools operate before the message leaves, while it is still a draft in the compose window. This is the newer “nudge” layer. As an employee writes an email or a message, the tool reads the draft, flags the specific phrase that carries legal, regulatory, or reputational exposure, and offers a safer way to put it, before send. The line that would have entered the archive as a violation is corrected while it is still editable.
The two layers answer different questions. Post-send answers “can we prove what was said, and can we find the problems in it.” Pre-send answers “can we keep the problem from being said in the first place.”
Put concrete risks against each control and the division of labour becomes clear.
| Scenario | What post-send does | What pre-send does |
|---|---|---|
| A rep writes “guaranteed returns, risk-free” to a client | Captures it, may flag it in the review queue days later, after it reached the client | Flags the phrase as the rep types it and offers a compliant rewrite before send |
| An internal message admits wrongdoing (“I lied to the regulators”) | Preserves it as a permanent, discoverable record | Surfaces it before it is sent, while removing it is still costless |
| Confidential data is about to go to an external party with no NDA | Records the disclosure once it has happened | Warns at the recipient level before the message leaves |
| A message to a competitor proposes “aligning” prices | Becomes an exhibit in the file | Flags the coordination language before it is sent |
The pattern holds across categories. Post-send gives you the record and the after-the-fact detection that regulators require. Pre-send lowers how much risk ever reaches that record. One is your system of evidence. The other is your way of having less to explain.
The common mistake is to treat these as rival purchases. They are different controls at different moments, and for a regulated firm the honest answer is usually both.
Keep the archive. It is mandated, it is your system of record, and nothing about a pre-send check removes the obligation to capture and retain. What a pre-send layer changes is the volume and severity of what flows into that archive and into the supervision queue your team reviews by hand. Every guaranteed-returns line corrected before send is one fewer item in the review backlog, one fewer remediation, one fewer near-miss that could have been a fine. The pre-send layer sits in front of the archive as a filter, so by the time a message is captured, the language has already been vetted.
This is also where the cost case lives. Supervision teams already spend real money reviewing flagged communications after the fact. A control that lowers the inflow is measured against a budget that already exists, which is a very different conversation from asking a team to fund the prevention of a hypothetical.
A pre-send check is built for the most common cause of communication incidents. That cause is rarely a sophisticated attacker. It is a well-intentioned employee, under deal pressure or simply moving fast, who does not notice that the line they just wrote creates exposure. We spent two decades teaching people to distrust the suspicious inbound email. Almost no one is taught to distrust their own outbound wording. That blind spot is where pre-send earns its keep.
Be precise about the limit, because it shapes how the two layers fit together. A pre-send check is a probabilistic assistant. It is not an adversarial enforcement wall, and it should not be sold as one. A determined insider who wants to evade it can phrase around it, the same way a determined insider can evade most controls. That is exactly why the archive stays the system of record. The pre-send layer reduces accidental and careless risk at the moment of writing, and the immutable record stands behind it for everything the pre-send layer is not designed to catch. Used together, they cover both the common case and the adversarial one.
If you only run post-send tooling today, you have a complete record of what went wrong and a queue of it to review. That is necessary, and it is a different thing from prevention. The cheapest moment to change the outcome of almost every communication case on record was the moment before send, while the message was still a draft.
A simple way to audit your own controls: map each one to the message lifecycle. If everything you own sits after send, you are equipped to prove and to detect, and you are not yet equipped to prevent. Adding a pre-send check is how you start catching the line before it becomes the case.
VerbaPulse is a pre-send communication-compliance check that flags risky phrasing in Outlook, Gmail, and LinkedIn and offers a safer rewrite before a message is sent. It pairs with the archiving and supervision stack you already run. See how the pre-send layer works for compliance teams.
See how VerbaPulse flags risk before an email is sent, right inside Gmail and Outlook.
See VerbaPulse in action →