Compliance teams are finally renovating compliance programs neglected in the scrum to prepare for MiFID II. However, too often voice surveillance has been an afterthought. Revamping trade and transaction surveillance has been uniformly atop of the 2018 compliance agenda, and leading market participants have also focused on improving the quality and scope of e-communications surveillance. The majority, however, are still a bit intimidated or too complacent to soundly address overdue voice surveillance requirements.
MiFID II, MAR, and Dodd Frank require a more active approach to voice monitoring, where it was once sufficient to only reproduce recordings of conversations in the event of a dispute. While smaller buy-side firms have been given permission to submit written notes of calls instead of recordings under MiFID II, other market participants are required to capture all voice communications, including voicemails, related to trading activities, as well as verbal exchanges related to pre-sales and client suitability vetting.
Figure 1: Surveillance Requirements in Dodd-Frank, MiFID II, and MAR
|Tamper proof archiving (up to 7 years) of all services, activities, & transactions; Voice and eComms||X||X||X|
|Reconstruction of trade and order (incl. communications) upond request from client or regulator||X|| ||X|
|Orders intended to result in a transaction, even if cancelled, must be archived||X|| || |
|Archive should include notes of face-to-face meetings||X|| || |
|Constant monitoring of orders received, transmitted, and executed to indentify suspicious behavior|| ||X|| |
|Upon request from the regulator, submission of reasons for decision for not filing a Suspicious Transaction and Order Report (STOR) after suspicious orders and transactions are examined|| ||X|| |
|Submission of STOR to regulators along with relevant trade and communciations records|| ||X|| |
Voice is often perceived as the most complex and costly frontier of surveillance. While regulators have been forgiving of substandard approaches in the past, this will not persist in the coming months and years. In this post we will discuss some outdated voice approaches and offer a few recommendations for beginning to tackle this challenge. As technology solutions and the understanding of voice surveillance have improved in recent years, regulators are promising to be less lenient. The market’s reticence to appropriately monitor voice must be addressed.
Approaches to abandon
- Spot Checking Voice Interactions - It has been common practice for even the largest financial institutions to spot check only a small percentage of voice interactions in low-cost call centres. Bad behaviour can easily slip by unnoticed with such a porous approach, guaranteeing exposure.
- Banning/Limiting Trade-Related Activities Using Voice - Because voice-based trade communications must be monitored across turrets, fixed lines, mobile devices, VoIP, and numerous apps, it is costly to capture and store consistently. Alongside severely limiting voice trading, a few firms have also constrained trading activity only to technology platforms that also provide or more directly enable surveillance. Organizations should carefully consider the implications of limiting such activities on efficiency and client and employee experience before making these decisions.
- Banning Mobile – In order to cohesively monitor mobile devices, firms operating across multiple geographies and mobile operators often need to establish arrangements with several suppliers to ensure complete mobile recording integrity, while heeding local privacy laws. Because of this complexity, some firms have simply opted to ban the use of mobile for all trade-related activities. Not only is this difficult to enforce, but it also has a traceable impact on efficiency and mobility.
- Reliance on Metadata Alone - Some firms rely mostly on the metadata of voice interactions and avoid pre-emptive analysis of recordings altogether. While relationship maps can help to make sense of metadata by revealing communications flow intensity and changes between entities, it does not provide sufficient coverage alone to satisfy regulators and mitigate vulnerability. Metadata analysis, while able to provide quick and important insights, is best deployed in conjunction with an assessment of the actual content of conversations.
As market participants look for ways to begin tackling voice, they should:
- Ensure Quality Recording Files - Even when firms are confident they are recording most voice channels, geographies, and abiding by privacy laws, poor compression of files can make even basic analyses of content of conversations impossible. Ensuring the integrity of recordings is sufficiently maintained is essential - too many firms fail on this front.
- Enable Voice-to-Text Transcription – Market participants should consider beginning with the conversion of voice to text using phonetic, keyword, natural language processing, voice recognition, allowing sentiment analysis and pattern recognition. Financial institutions must diligently ensure their service provider covers the languages required and is able to reliably train these systems.
- Embrace Mobile – We expect to see firms revise mobile and bring-your-own-device (BYOD) policies demanding the use of company-provided mobile phones, where everything is immediately recorded and timestamped either via service providers or built-in applications.
- Not Expect Artificial Intelligence to Solve Everything – While more nascent techniques using behavioural analytics and artificial intelligence are promising, some companies have begun trying to employ such approaches without having the basics in order. Artificial intelligence can dramatically improve surveillance coverage, but without the fundamentals including quality recordings, coverage of all channels, maintenance of an active directory, and the ability to handle all required languages and accents, artificial intelligence will fall far short of its potential.
Apart from good hygiene, proper voice surveillance is essential to avoid the eye-watering fines already meted out by regulators for lapses in market and e-communications surveillance, as well as to ensure best business practices. Those firms who continue to rely on the manual, people-intensive, or leaky voice surveillance approaches will struggle and put themselves at risk.