The past 12 months have been rife with increased guidance on surveillance and millions in regulatory fines for not adequately detecting misconduct. From COVID-19 dominating and affecting every aspect of business and surveillance for the past two years, to increased data sources and a new ESG focus, there are a variety of new challenges facing compliance teams.
Last week, compliance experts joined Rob Mason, Relativity Trace’s global regulatory lead, to discuss what they saw in the market in 2021, and how that will affect surveillance teams’ strategies in 2022.
Let’s dive into the five topics they covered.
1. Bigger, Billion-Dollar Fines
For the first topic, Sonia Chowdhury, compliance subject matter expert on the Relativity Trace team, joined Rob to discuss how fines and enforcement actions have been shaping up. Interesting statistics showed just how much the issuance of fines and penalties in the market abuse space have increased since the 2008 financial crisis for the six largest banks in the US:
- Pre-crash: 1998-2008
- 85 legal actions
- $14 billion in sanctions
- Crash-related: 2008
- 108 legal actions
- $154 billion in sanctions
- Post-crash: 2009-2020
- 202 legal actions
- $26 billion in sanctions
- COVID-19: 2021
- 67 legal actions
- $2.6 billion in sanctions
Rob went on to explain: “It’s probably fair to say only a steady flow of standard market abuse enforcement actions have come out over the COVID era—however, the size of fines seems to continue to get relentlessly bigger.”
The fines are getting bigger because the regulations aren’t being followed, as with a recent $200 million fine for a large global institution’s lapses in recordkeeping and monitoring all employee communications.
“This seems unlikely to be restricted to just this one firm. As the SEC ‘sweeps’ continue, firms need to revisit their surveillance strategy to ensure all communications are captured for recordkeeping and monitoring purposes—and it’s safe to assume that FINRA and FCA will also be prioritizing these actions,” Sonia added.
The key takeaway regarding these breaches and fines is that, as ongoing hybrid working circumstances persist, all devices should be within the scope of monitoring regardless of where work is being undertaken. Firms can also proactively identify risk with robust communication surveillance systems and a strong tone from the top.
2. Social Trading Post-Gamestop and That SEC report
The next topic Rob dove into was one of the most popular topics of the year, grabbing headlines for months. A quick recap: on Reddit, r/WallStreetBets learned that hedge funders were betting that shares in GameStop would plummet, so they decided to buy shares and the price shot up 90 percent. As a result, Robinhood suspended buying, “do not sell” trended on Twitter #holdtheline, and general chaos ensued.
A detailed SEC report on the phenomenon followed later in the year, suggesting a confluence of factors occurred but no real action was the conclusion. As Rob explained, “Regulators have, for years, wrestled with bulletin boards where individuals recommend stock picks where they may encourage other investors to follow suit and help drive the price of their investment up, then benefit from that price movement. Putting social media into this equation feels like putting bulletin boards on steroids, as the reach, global audience, and potential impact can be massive.”
The difficult question becomes: what is smart research and what is insider trading? Although we don’t have an answer now, with the SEC report and the rapid growth of trading accessibility through apps like Robinhood and eToro, regulators are going to continue to try to find ways to protect markets from manipulation.
3. Environmental, Social, Governance: The New Compliance-Owned Risk
Diving into ESG, Rob explained that this is what he believes to be one of the most monumental new compliance issues on regulatory and boardroom agendas. Here’s a quick explainer of what the terms mean:
It is clear that ESG is no longer just viewed as a desirable strategy for the securities industry (obviously also affecting all sectors); it’s also, for example, where investors might move their investments to “sustainable pension funds only,” and it falls to compliance to provide oversight. Any sustainable or environmental claims must be corroborated so that they can be defended if challenged.
Rob went on to explain that ESG overlaps with broader cultural and integrity concerns within organizations. “Inevitably we will see some specifics of ‘green abuse.’ Greenwashing is already a consideration, when companies claim environmental credentials for investments and practices when they don’t deserve them. Setting up controls which explicitly cover this won't be easy, but will be needed as regulations are coming and abuse or breaches of them are inevitable.”
An example: In 2021, Nike found itself in a heap of trouble for human rights/ESG concerns with accusations of child slave labor in its supply chain in China. Managing this issue in a geography where it has a lot of workers but also a large number of customers was not comfortable and, it could be argued, has had an even greater impact on shareholders than potential environmental concerns.
The key takeaway here is the ESG violations are not just regulatory concerns—they should be top of mind for leadership because of the impact on consumer behavior. Leveraging one surveillance tool to monitor both employee conduct and market abuse communications can help prevent risk and drive internal efficiencies in this area.
4. Crypto and Compliance
Chief Compliance Officer for capital.com, a trading platform specializing in cryptocurrency, Joseph Lodato joined Rob to lead the discussion on how compliance is taking on crypto. The SEC actions around crypto have grown over the past few years, with 75 enforcement actions taken against cryptocurrency firms and individuals between 2013 and 2020—resulting in $1.77 billion in penalties, mainly around unregistered offerings.
While Joe and Rob agreed that cryptocurrency trading is designed to be electronic and transparent with an open ledger and verifiable via blockchain, extensive verbal communications may also be necessary for trades to take place given the complexity and relative immaturity of some crypto products. This is where comms surveillance comes in.
Joe quickly added the caveat that crypto is just now entering its “teenaged” phase.
“Surveillance teams and regulators have always known what manipulation looks like until now. Crypto is entering its teenaged years and we’re all still discovering what abuse looks like, which is why it’s important to watch this sector,” he said.
Crypto is gathering more momentum and institutions are fearful of being left behind, so trading and investing in this space are becoming more mainstream. Compliance oversight will need to keep pace even where the associated risks are not entirely defined.
5. Work-from-Anywhere Challenges Are Here to Stay
The work-from-home era is here to stay. The Future Workforce Pulse Report predicts that by 2025, 36.2 million Americans will be remote, an increase of 16.8 million people from pre-pandemic rates.
Rob added: “It makes the requirements for firms to capture all communications channels relating to business activities, however challenging this may be, even more essential. Following on from the fines we discussed earlier, alongside their ‘sweep,’ the SEC has really demonstrated a low tolerance for breaches, and it seems unlikely this is the last enforcement of its kind.”
But how do firms keep up?
Peter Haller, head of product for Relativity Trace, joined to discuss the challenges organizations are facing. The four main challenges he laid out were:
- New communication channels are being added or adopted to create greater efficiencies within organizations, but these new channels must be monitored to meet surveillance regulation.
- With more communications occurring over electronic mediums and greater volatility in the market, more alerts are being generated—straining compliance teams.
- Employees have a greater feeling of invincibility because they are working out of the comfort of their homes, opening them up to exploring the bounds of monitoring and risk management.
- With the Great Resignation, risks associated with employees entering and leaving an organization are more crucial—and evolving compliance teams may open you up to new risks related to personnel changes.
Rob and Peter agreed that while today’s challenge is “work-from-anywhere,” tomorrow the challenge may be something new and completely unexpected.
“The key within all these solutions and communications surveillance platforms in general is being able to easily adapt the product to the changing landscape, changes in business, and changes in the regulations,” Peter said.
When these processes and tools are more flexible, surveillance won’t be a detriment to business efficiency. Instead, it will be able to mold to the needs of today and the changes of tomorrow. The pressure to review alert volumes and find misconduct is only becoming more difficult. Compliance teams must explore innovative technology solutions to find the content that matters with significantly less noise.
The panel covered a wide range of topics during the webinar, all speaking to how quickly the compliance landscape changes and the importance of flexibility across the business. To watch the webinar and the engaging Q&A that follows, click here.