Your single source for new lessons on legal technology, e-discovery, compliance, and the people innovating behind the scenes.

E-Comms Surveillance Deep Dive: Good News & Bad News for Surveillance Teams

Kristy Esparza

In May, industry analyst 1LoD hosted the E-Comms Surveillance Deep Dive, where professionals from across Europe, the US, and Asia discussed the future of communication surveillance and weighed in on how their organizations are addressing today’s challenges.

In a recent report, 1LoD summarized the highlights of the conference and capped things off with a heavy dose of optimistic realism: There’s good news and bad news for surveillance teams.

The good news: 95 percent of attendees feel that their senior managers see the value of a communication surveillance program. The bad news is most organizations have tailored their surveillance budget to meet only the bare minimum—which could hurt them in the long run.

Today we’re diving into the highlights of the report and sharing the key areas that surveillance teams are grappling with. But to get all the details and see how your team stacks up, check out the full report. It’s worth the read.

Machine Learning: The Key to Surveillance Efficiency?

In refining their surveillance programs, many organizations are focusing on optimizing small details, rather than embarking on a big-picture overhaul. Reducing false positives to make alert flow more manageable tops their to-do list.

Attendees acknowledged that machine learning can be a huge help, though many institutions are still weighing the pros and cons of the investment. However, the benefits of using machine learning are hard to ignore.

Throughout the industry, participants suggested that machine learning has helped institutions reduce false alerts by 90 percent and can save analysts around 25 hours per week each. And that’s just the start of the benefits. It can also improve efficiency in other ways, including translation and keeping up with new and emerging data types.

Relativity Trace’s AI-based data cleansing is one option that can make this drastic difference. By removing headers, footers, confidentiality disclaimers, and duplicative emails, false positive alerts have been reduced by 92 percent for clients. Not only can you translate and transcribe more than 100 languages, but Trace also comes pre-built with more than 40 types of misconduct scenarios, such as market manipulation, code of conduct breaches, sales fraud, and anti-trust violations—helping you monitor alerts tailored to your organization’s needs.

Regulators Are Looking for Surveillance Integration

Integration was another hot topic at the event, though attendees had different ideas about what an integrated surveillance program looks like.

For some organizations, integration means aggravating data sets before alert generation to create fewer, more intelligent alerts. For others, especially banks, integration is about blending outputs from different parts of their surveillance program into one complete picture of activity and conduct.

Either way, regulatory pressure is a large driver for institutions to combine their surveillance efforts, with 44 percent of attendees assuming that regulators expect them to have integrated surveillance programs.

For Joep Knook, senior supervisor officer at the Dutch Authority for Financial Markets (AFM), that assumption is correct.

“We fully encourage investments in unification of data types. Instead of having different solutions for voice and e-comms […] get it under one umbrella or at least have a centralized case management system that sits on top,” Joep said at the Deep Dive.

If the AFM is any indication for how the regulatory world at large thinks about surveillance programs, organizations should definitely take note.

Still, most aren’t far along with integration, and it seem to be a long-term game. Sixty-three percent say integration is a work in progress, and 83 percent report that they will still be working on integration three years from now.

Risk-Based Surveillance Is Not Mission Impossible

Meeting regulatory requirements is, of course, the cornerstone of compliance, but is simply checking items off a list enough? Organizations are split down the middle on this one, with 50 percent saying they’re largely focused on meeting prescribed regulations. The other half is adopting a risk-based surveillance approach.

Risk-based surveillance could mean a few different things. Some financial institutions are expanding the scope of their surveillance programs to include employees outside of sales and trading. Additionally, organizations are beginning to rank employee behavior and narrow their surveillance focus to those marked as the highest risk.

Both of these strategies, while effective in reducing risk, come with privacy and employment law considerations.

Despite the legal challenges, 75 percent of attendees said that surveillance programs should be expanded to includenon-sales and non-trading employees, and 60 percent believe there’s a “strong” or “reasonable” case for narrowing the surveillance focus on high-risk individuals.

Relativity Trace General Manager Jordan Domash offered his take at the conference, noting that risk-based surveillance is challenging, but nowhere near impossible: “One way to think about a risk-based approach is that it means configuring relevant rules to specific populations. This in turn means you need agility in a world in which those risks are changing continuously.”

He went on to explain how institutions can achieve this with Relativity Trace. “You can do this with lexicons, applying a particular rule set to a specific population; you can add machine learning to a system like that; and there is technology that incorporates reporting capabilities around effectiveness, and also validation workflows that give assurance that your models are at a certain level of statistical confidence.”

Keeping Up with the Digital Revolution Requires a Long-Term Strategy

As communication channels continue to multiply and diversify, monitoring employee communications becomes increasingly difficult for surveillance teams.

Regulations, like MiFiD II and MAR, require companies to conduct all regulated activity on recordable channels. However, because most surveillance teams have yet to incorporate channels demanded by clients into their recording and monitoring solutions, client-facing staff are left with an impossible choice: Refuse to deal with clients on those apps, or use personal devices to get around the rules. It’s understandable that many employees—even the otherwise compliant ones—choose the latter.

Surveillance teams have recently attempted to counter the issue with strict and highly visible enforcements, such as publicly terminating executives for using unauthorized apps. Another option, 1LoD pointed out, is to monitor the number of communications in an approved channel—if the volume drops, that may be a sign that communication has moved elsewhere.

Yet, neither of these options provides a sustainable solution, especially as technology types continue to grow and regulations continue to evolve. Investing in technology that allows your institution to meet and grow with the minefield of new data sources could be a better long-term solution.

Relativity Trace, for instance, can ingest communications from more than 50 data sources, including the three most-demanded client platforms (WhatsApp, WeChat, and Zoom). With a monitoring solution that accounts for new and growing channels, organizations can get the best of both worlds: happy regulators and happy clients.

Futureproof Your Surveillance Team

1LoD wraps up their report with a salient point. Regulations are constantly evolving, and data types constantly changing. Organizations who are focusing only on today are missing a big opportunity tomorrow.

“By focusing only on current regulations, banks fail to invest in systems that would help them comply more cheaply with future regulations. Banks are missing an opportunity to build and demonstrate more effective and efficient systems which could, in turn, encourage the kind of regulatory changes that lower the burden and cost of compliance overall,” 1LoD noted.

The technology for a stronger, more comprehensive surveillance programs is out there. It’s up to the organizations to implement it.

Artwork for this article was created by Kael Rose.

Download a New Report on Communication Surveillance in the Cloud for Financial Institutions

Kristy Esparza is a member of the marketing team at Relativity, specializing in content creation and copywriting.