The actions of employees, clients, counterparties and others can pose significant risks to financial services firms—not only in terms of monetary losses, but also in terms of regulatory actions and reputational damage. Financial services firms are trying to mitigate these risks and comply with regulations requiring the surveillance and retention of all written communications—but are having mixed success.
The large and growing number of internal and external data sources adds to the complexity of the problem. No holistic solution exists at present.
The increase in the volume and variety of communications have tested firms’ resources. At the same time, new regulatory frameworks require organizations to take a more proactive approach to surveillance, including monitoring of voice communications. However, the technology needed for effective voice surveillance is still in its early stages.
Another challenge comes from social media. Participation in social media may be considered a “public appearance” with the same requirements for supervision to be in place as for other public appearances such as a speech or a televised interview. The Financial Conduct Authority (FCA) has said that firms are expected to have a system in place to create a record of social media communications and to retain this information for reference.
Structured data from transactions, positions, portfolio and performance history is proliferating, but firms are also generating more and more unstructured data, including internal chat and instant messages, news feeds, text messages, and content from internal and external collaboration sites. And new platforms such as WhatsApp Messenger and Snapchat are launched all the time.
Financial services firms also face difficulty in identifying, developing and retaining enough skilled people to establish and operate the systems needed for surveillance. Firms need to find the right people and also determine where people and teams should be located, keeping privacy laws in mind.
Ultimately, firms will need to develop integrated surveillance programs using unified information access platforms. Key elements of such programs include:
Enriching unstructured data from emails, chats, forums, social media and voice calls with structured information such as internal restricted lists, government maintained lists, transactions and activity logs.
Integration of voice surveillance into the overall surveillance model, possibly using new technologies employing biometrics, advanced phonetics and other innovations to identify speakers and eliminate background noise and other problems.
Verifying and centralizing data, using new rules and executing ad hoc queries and defining comprehensive analytics against an extensive data repository.
Providing speed and flexibility through the use of customized dashboards and other tools.
Adopting semantic technology that can automatically recognize concepts and topics, understand meaning and categorize information.
Using network analytics, applying statistical methodologies to identify networks and map relationships.
Incorporating visualization tools to supplement alerts and spot patterns.
We believe that with structured and unstructured data proliferating, firms that take an integrated approach to surveillance and detection will be better positioned to address regulatory concerns and avoid losses from ever-evolving threats.