Buy-side Trade Surveillance Q&A: Experts Weigh in on Holistic Surveillance

The world around us is changing fast, but technology is evolving even faster. Asset managers, hedge funds, insurance companies, and other global buy-side firms, are finding themselves at the intersection of these two global trends, as regulatory pressures outpace compliance resources. Are buy-side firms finally upping their surveillance game? And can a holistic approach help? In this Q&A Roundtable Interview three buy-side experts (below) share their unique perspectives on these and other questions.

• Chris Beevor, Head of Advisory & Development Group Compliance GAM
• David Cowland, Head of Compliance Operations Fidelity International
• Steve Bill, VP EMEA NICE Actimize

According to a recent webinar poll, only 30% of buy-side compliance professionals felt they had implemented an effective market surveillance program. Why are buy-side trading firms now looking to raise their game with respect to surveillance?

David Cowland: Many buy-side firms are already meeting regulations. But I think the world is starting to change. First – and this is important to clients as well as to regulators – firms are increasingly focused on ethical behavior. Anything that goes wrong can affect your firm’s reputation. We live in a very connected world, and it doesn’t take long when something goes wrong, for it to spread on social media. Recently, I read a piece on the FCA’s website about how financial services organizations are transforming their cultures in a very purposeful way. Firms and their leaders are stepping forward on: climate change, diversity and inclusion, ESG, ethical use of data, and in terms of acting in the best interests of customers, rather than just acting so as to optimize profitability. This culture shift is a driving factor in why firms are looking to step up their game. Of course, cost efficiency and effectiveness matter too. As firms introduce new products, as they diversify, more things needs to be monitored.

Finally, as new technologies have emerged, it has become much easier to take a proactive, forward-thinking approach to trade surveillance communications monitoring, because the technology removes the manual effort.

So what’s wrong with using spreadsheets as a way to track lists for market surveillance?

Steve Bill: Spreadsheets were never good enough. As we all know, regulators want much more. And I think we should all expect better too. In a ’Dear CEO’ letter published by the Financial Conduct Authority’s director of wholesale supervision, Marc Teasdale, earlier this year, he highlighted his concerns about the levels of governance within the investment management community, and came to the conclusion that it was below expectations. The letter set forth the FCA’s supervision strategy for buy-side and it highlighted risks of harm arising from market abuse, both for customers and more broadly, for the market. Firms all know they need to leverage appropriate monitoring and surveillance systems, but the FCA has made it pretty clear that it believes there’s significant room for improvement in terms of putting appropriate controls in place. They’ve also been pretty blunt in saying if firms aren’t complying, there’s going to be a need for enforcement action. This gets back to the ’why now’ part of the original question. Clearly, more needs to be done to curb criminal activity, but technology is also much more readily available.

Which regulations in particular are driving the current buy-side focus on surveillance?

Chris Beevor: I think there are a number of regulations, MAR (the market abuse regime) which is an obvious one in terms of trading surveillance. Then there’s SMCR (the Senior Managers and Certification Regime) which comes into play for large asset managers. This is all against a bigger backdrop of corporations placing a renewed focus on culture, conduct, and ESG. I think that the opportunity – and probably the problem as well – is that firms can implement different types of controls to manage conflicts of interests, trading surveillance, personal account dealings surveillance, and so on, as standalone processes, but to get to the level of an organization that fully embodies conduct and culture, you have to try to bring all of these things together. And I think that’s where the regulatory expectations are changing now. Regulators aren’t just looking at the individual components; they’re interested in seeing how conduct fits into the wider governance of an organization.

Given the current landscape, what technologies are buy-side firms looking at to address these challenge?

Steve Bill: There has been a lot of attention around trade surveillance, but we’re also seeing much more focus around conduct risk in the broadest sense – not just around trade compliance but AML, anti-bribery and corruption. So they really are looking at bringing everything together. Of course this means there’s a lot of data, coming from a lot of places, that needs to be analyzed and managed – data from exchanges, payroll systems, HR systems, and also data from various forms of communication surveillance, including voice. And as we know, voice has been historically challenging. There’s also a strong demand for compliance case management tools that can provide a joined up view across everything that’s being surveilled. And finally a demand for technologies that employ artificial intelligence to help with the heavy lifting.

David Cowland: I agree with Steve. I think it comes back to the need for a holistic view. When you are investigating possible insider trading, just think about what actually happens. First, you’ve got to look at your trades, so you open up your trading system. Then you’re probably going to need to open up your order management system. Then you’re going to need to open up Bloomberg chat. Then you’re going to need to get all of the research materials, emails, chats, voice conversation, maybe even Zoom communications. Before you know it, you have eight or nine applications open. And that becomes really challenging when you’re trying to understand whether a flagged item is a false positive or real issue that needs to be investigated. That’s where holistic surveillance technology can help, by overlaying orders, trades, and all types of communications, so you can see them all in one place.

To what extent do buy-side firms have an opportunity now to take a holistic approach to their market surveillance infrastructures?

Chris Beevor: The inhibitors of time and cost are always going to be there, but I think there is a big opportunity if they can recognize the business cases. The difference between buy-side and the sell-side is there are far fewer resources for compliance and surveillance on the buy-side, so surveillance, particularly in the current environment, is a lot more challenging.

The reality is a lot of organizations probably don’t really understand the surveillance process. It’s just something that happens. I think most companies need to take a step back and look at what pieces of information they should be pulling together to better understand events, where they need to improve their decision-making, and where surveillance technology can help.

From a regulatory perspective, what are some of the challenges of holistic?

David Cowland: The moment you use that word ’holistic’ with a regulator, the regulator’s going to say, "explain to me how it works." With separate surveillance applications, it’s easy to focus on that piece and explain how that one piece of technology fits into one piece of your surveillance program. But as you move to holistic and suddenly bring in AI, and there’s natural language processing working in the background, and machine learning, that’s where the struggles will come in. Senior managers will need to come to grips with how all of that works and explain it to regulators so they can understand what’s going on beneath the covers.

Chris Beevor: I would a hundred percent agree with that. I remember being on a call a couple of years ago with a regulator, and we were talking about AML payment surveillance systems using AI and robotics. The regulator made it clear that from a compliance perspective, they still expect you to understand what the rules are and how those rules are working through the underlying technology. The word ’holistic’ dresses up a lot of things, but you’ve still got to know the detail underneath it.

In a recent poll, we asked buy-side compliance professionals about the obstacles they’ve encountered in their efforts to implement holistic surveillance. By a wide margin most answered ’legacy technologies.’ What are your thoughts on that?

Steve Bill: I’m certainly not surprised that legacy technologies have been a challenge. People, process and technology are always the three things you’ve got to get right. If one of them isn’t right, then you’re not going to end up with the results you want. Legacy technology has always been a challenge. But interestingly, I think the sell-side, in my opinion, suffers more from legacy than the buy-side. A number of buy-side organizations that I’m working with currently are in a better position as greenfield sites, because they’re not constrained by legacy technology.

What improvements have there been in voice technologies that are making those technologies more useful, more beneficial, and easy to work with now?

Steve Bill: We know that making sense of voice is incredibly important for detecting intent. I saw a stat recently that well over seventy percent of market abuse activities are discovered through voice conversations. But the problem with voice has always been accuracy, and specifically the inadequacy of keyword searching. Over the years, voice communication surveillance systems have relied on lexicons which are simply inaccurate. For a voice surveillance solution to work, it really has to understand linguistic rules, nouns, pronouns, verbs, et cetera. It has to understand the structure of sentences, to determine context and sentiment. In our experience, understanding financial jargon is critically important too. Then when you start to layer in deeper analytics and machine learning, the system will be better at picking up that intent, because ultimately it should be able to understand the meaning of that conversation.

If we don’t adopt better strategies around voice, we’re just going to continue to see poor performance, and unmanageable numbers of false positive alerts. The good news is – advanced natural language understanding is leaps and bounds ahead of what we’ve been able to use before. It’s a real game changer. Buy-side firms don’t have armies of people to review and manage alerts. And of course, once you’ve got better data from voice, then you can start to bring it back and combine it with all of your other data, from eComms to trades, for a timeline view of a trade that might take you 30 minutes to reconstruct, instead of the 30 days it could ordinarily take using manual methods.

What factors do buy-side practitioners need to be aware of as they embark on designing and implementing a state-of-the-art surveillance system?

Steve Bill: From my perspective, when I think of state-of-the-art, I definitely think of end-to-end surveillance, integrated surveillance, which we refer to as holistic. For me, when you think about a holistic, the place to start is a single case management layer that’s designed for compliance, where analysts can do all their work, from finding risks to managing alerts.

You also need to make sure you have a mechanism to bind all your data together – including trades and voice and eComms and other behavioral insights. Because if you can’t bring data together, then you’re going to struggle to detect the hidden risks.

The cloud is also becoming increasingly important. We rarely see firms, on the buy-side or sell-side, undertaking large bespoke projects that are solely on-premise these days. There are some firms that still aren’t embracing the cloud, but they are few and far between. Historically, the cloud used to be regarded only as a low cost alternative, but not necessarily the best solution, but today the absolute opposite is true.

Firms should set their eyes on a world class solution, but still expect something consumable in terms of price point, and being able to deploy at their own pace. They don’t need to always jump straight into holistic and that’s really important. The holistic journey can start with eComms, or voice, or whatever approach you want to take. But whatever vendor you choose to work with, just make sure they can take you to holistic, on your timetable, whether it’s six months or two years.

Chris Beevor: I completely agree. I think the most important thing firms can do is ask what problems are we trying to solve? And ultimately, what pieces of data do we need to be able to solve those problems?

The technology is there to do whatever you need it to do these days. The key is being able to bring the data together to give you the picture you want. So you need to be clear on what factors you want to focus in on for your organization. When you talk about holistic, you want to be thinking about what that means from an organizational perspective, what answers it can give you, what risks it can help you manage. I strongly advocate before you start, to stand back and look at what problems you’re trying to solve.

Is an understanding of the relevant regulations essential? Do firms need to go through those with a fine tooth comb?

Chris Beevor: Most organizations already understand the detailed roles of the regulations and how they impact the different components of their surveillance programs. I think if you need something for a specific regulation, then the chances are you’re going to have to buy something very specific. But when you’re looking at something as an integrated approach, I would caution about focusing too much on the individual regulations because you could end up going down an avenue that you can’t back out of. Holistic surveillance solutions are configurable and adaptable to different types of rules.

What is the biggest mistake firms make when deploying a new surveillance solution?

Steve Bill: I’ve actually had potential customers say to me, "I need to buy some AI." And the question I always pose back to them is "Why, what are you trying to do?" Many times they can’t give me a clear answer. The reality is they want to buy technology to help them, but they haven’t always thought through the problem they’re trying to solve. And if you haven’t thought about the problem that you’re trying to solve, you’re setting yourself up for failure.

David Cowland: I agree, I think the biggest mistake firms make is simply focusing on the technology, without understanding the problem they want to solve. Technology is an enabler. But before you jump in, you need to first focus on the problem.

Another mistake firms make is to focus too narrowly. For example, we have an email comms problem, so let’s just get a solution to sort that out.

Another issue is focusing too broadly. You don’t want to necessarily embark on a surveillance project that’s going to take eighteen months to deliver because it handles email, Bloomberg chat, voice, Zoom, trades, et cetera, when in the meanwhile, you still have a hole in your emails. You need to get your eComms problem solved, but at the same time keep an eye on your longer term strategy.

If the current situation has taught us anything it’s that the world is changing very fast, and so the best approach is to break things down into small pieces, but without losing sight of your long term strategy.

In your opinion, should buy-side firms be adopting a buy or build approach?

Chris Beevor: In my opinion, that shouldn’t be a binary question. There’s always benefit in buying because it gives you an out-of-the-box package. And a lot of the times from a regulatory perspective, it gives you the rules-based coverage you need. On the other hand, if your firm has a core competency in something you may be better off building, but those build opportunities are becoming rarer. It’s all about finding the right balance.

David Cowland: I think we should be buying primarily, but on the 80 / 20 rule. We’ve taken an approach of looking for out-of-the-box solutions, but sometimes those solutions don’t provide everything we’re looking for. In this case, it’s best to take a step back and challenge the vendor, or challenge your own processes. Why doesn’t this do what we think is a reasonably vanilla process? Why are we still doing this process this way? Also, stay close to your vendor. For the small number of use cases they don’t support, ask them when they will be able to provide that coverage? As financial services firms, we may have the core competencies to build stuff, but product development is a big issue. If we’re in the business of asset management, do we really want to be a software house? And do we want to have to maintain that product over ten years? Those questions always come into play.

Steve Bill: Historically, lots of firms have spent a lot of money getting to where they don’t want to get to. There are good and bad and ugly stories with any technology. But I really do believe that we’re in a much better place today with technology, especially with the cloud, and with the mainstream capabilities of AI.

With today’s advanced technology, if you are going to try and build it yourself, there’s so much more you’d need to build, that you wouldn’t have needed to build five or ten years ago. We’ve talked about all of the buckets of data, integration, natural language understanding, very complex surveillance, case management, investigation tools, workflow automation, and that’s just the beginning. It’s a big job to build all of this today. But I would definitely agree with David – challenge your vendors; be demanding, but also be collaborative too. Help them understand what you’re trying to do. That’s the best way to achieve the best results.

Meet the experts:

		Chris Beevor is Head of Advisory & Development Group Compliance at GAM
		David Cowland is Head of Compliance Operations at Fidelity International
		Steve Bill is VP of EMEA at NICE Actimize