Along with NICE Actimize, Capco, a leading global technology and management consultancy, recently released a benchmarking report on communications surveillance. The report was compiled following a survey of 43 organisations globally, carried out between March and May 2025.
The report is timely, as it reinforces what we at NICE Actimize have been seeing in our own research and hearing over the past twelve months in discussions with industry participants and regulators, particularly as firms seek greater regulatory certainty around the effectiveness and defensibility of their surveillance programmes:
• While communications surveillance has long been seen as lagging trade surveillance in terms of maturity, the field is catching up quickly, due in no small part to the adoption of new financial technologies such as artificial intelligence and cloud deployment.
• Communications surveillance, when combined with trade surveillance, can provide the “smoking gun” needed to escalate a case for potential regulatory reporting.
• There is increasing emphasis on capture, recording and archiving capabilities across all communications channels, including unified communications platforms, chat and social media applications.
• Reducing false-positive alerts remains a priority, but new technologies may mean that fewer human resources need to be devoted to initial alert triage.
Other important trends highlighted in the report include:
• Exponential growth in data volumes: As trading volumes increase, so do related data volumes. In addition, hybrid and remote working practices have driven significant growth in communications data across an expanding array of channels and platforms.
• Hybrid and remote working: Beyond contributing to post-pandemic data growth, hybrid and remote working introduces new types of risk, such as information leakage and surreptitious or “off-line” activities that would be more likely to be detected in a traditional office environment.
• Data privacy: Firms must balance their obligations to combat financial crime with their privacy obligations to employees, clients and other stakeholders under the laws of the various jurisdictions in which they operate.
At the same time, regulators around the world are increasingly shifting emphasis away from simply expecting firms to have a surveillance system in place, toward control design. Firms are now expected to demonstrate that their controls are reasonably designed to provide appropriate surveillance coverage — including both trade and communications surveillance — across all relevant in-scope businesses and languages, and that those controls are regularly reviewed and tested, reflecting a broader regulatory focus on certainty rather than assumption.
This shift means there is less emphasis on simply reacting to alerts (“firefighting”) and greater emphasis on achieving complete coverage. This, in turn, enables firms to proactively identify changes in risk profiles across the business — including non-financial risks — and deploy resources earlier. Importantly, it also highlights the need to establish a surveillance assurance programme to support this approach and provide evidence-based regulatory certainty during examinations.
The report further notes that communications surveillance is an effective means of detecting information leakage and other forms of data breaches, which may be inadvertent. Such breaches can compromise not only privileged capital markets information, but also intellectual property and personal data.
From a technology perspective, the report highlights that communications surveillance has evolved well beyond random sampling or simple lexicon-based searches. Traditional lexicon-based approaches, which can trigger alerts based on a single word or phrase, are well known for generating large volumes of false positives. While keywords and phrases remain important, newer technologies enable context-based searches, which can reduce false positives by looking at the types of words and phrases around the ‘target’ word or phrase. These techniques are also increasingly used to detect non-financial misconduct such as bullying, harassment and retaliation.
In addition, the report notes that AI-based translation engines are improving the accuracy of transcription and analysis across multiple languages — even where more than one language is used within a single communication.
Despite this progress, the report underlines that significant challenges remain. One ongoing challenge — and the subject of considerable regulatory action since 2021 — is placing effective controls around the use of unauthorised communications channels. Hybrid working has exacerbated this issue, alongside the proliferation of available channels, ranging from widely used platforms such as WhatsApp, Telegram and WeChat to chat functions embedded within other applications. In some cases, specific markets (by geography or asset class) may gravitate toward particular channels, and firms seeking to operate in those markets may need to ensure those channels are brought within their surveillance programmes. The report notes that decisions around how many, and which channels to approve often involve a trade-off between business scope and the marginal cost of establishing controls.
Another major challenge highlighted in the report relates to unified communications platforms such as Zoom, Webex and Microsoft Teams, which typically include audio, video and text (for example, chats and transcriptions). These multimedia channels can generate very large volumes of data, leading some firms to simplify their approach by capturing and surveilling only one component, such as the audio track or an automated transcription.
However, it is often argued that such an approach may miss critical information — for example, an instruction conveyed visually via a handwritten note shown on camera, an emoji, or content displayed during a screen-share. Historically, aside from having a compliance officer present or conducting a manual video review, there has been no reliable way to capture this information. Increasingly, firms are exploring whether AI can help address this challenge. While accuracy remains an issue and progress may be incremental, advances in this area are continuing. As with traditional voice data, information generated by these channels is largely unstructured and must undergo multiple processing steps before it can be effectively subjected to surveillance.
A third challenge is integration. Individuals routinely use multiple means of communication, making it entirely possible — if not likely — that attempts to abuse a market could involve communication across several channels. As a result, a robust digital communications governance and archiving framework is increasingly necessary to complement trade surveillance and help create a compelling evidentiary record that supports regulatory certainty across investigations.
For Chief Compliance Officers, the key takeaways from the report are that communications surveillance warrants increased attention because:
• It has been the subject of recent regulatory focus (although the emphasis may evolve under new SEC and CFTC leadership).
• It will remain an area of ongoing scrutiny due to the proliferation of communications channels beyond traditional phone and email, including unified communications platforms.
• It aligns with and supports statutory recordkeeping requirements.
• It complements trade surveillance to detect fraud and market abuse, while also extending into areas such as information leakage, marketing and public communications, and non-financial misconduct — helping to mitigate broader forms of liability.
• It may include social media communications.
• It is critical in the context of hybrid and remote working.
What Should the CCO Do Now?
The purpose of any surveillance system is to detect wrongdoing. However, the system itself must also be monitored to ensure it is functioning as intended — as the cliché goes, a crime may have occurred, but the CCTV cameras were not working. The first priority for the CCO, therefore, is to confirm that surveillance systems are operating as designed, and that this can be clearly demonstrated to regulators.
Next, the CCO’s surveillance strategy must respond to the trends and challenges identified in the report. Available technologies have evolved rapidly in recent years and will continue to do so, and regulators will increasingly expect firms to deploy up-to-date capabilities in pursuit of greater regulatory certainty.
If they have not already done so, CCOs should also consider how to bring together all elements of the surveillance function into a more unified platform and strategy. Integrating communications surveillance, trade surveillance and other conduct-monitoring capabilities allows relevant signals to be connected, improving both effectiveness and efficiency. This will likely require robust multi-language support.
Finally, CCOs must remain alert to emerging technologies. These have advanced quickly and will continue to do so. Those seeking to commit misconduct are often early adopters, and firms focused on preventing financial crime must be equally prepared to evolve their surveillance capabilities.
Learn More
Download the full NICE Actimize – Capco Communications Surveillance Benchmarking Report to learn more.