Communication tools like Microsoft Teams and Zoom have become indispensable in creating high-performing remote workforces. However, for brokers, banks, hedge funds and other financial institutions it’s created a high-risk game of cat and mouse. Legally they cannot use MS Teams or Zoom unless they are able to record and monitor all conversations. The same goes for messaging apps like WhatsApp and WeChat.

 

Discussed further in our white paper, here are the experiences and collective thoughts of the DoubleEdge leadership team, captured during a recent virtual Q&A.

  

How has compliance evolved and where is the market today?

 

Steve Burges: 15 years ago most firms had small compliance teams and only had to worry about monitoring fixed lines and emails. And, from 2011, recording mobiles as well. Since then we’ve seen an explosion in the way people communicate, while legislation has tightened and will only get stronger.

 

Steve Dourdil: It’s also no longer just a financial services problem. Other industries like healthcare, legal firms and health and safety are struggling with very similar challenges.

 

What are you seeing in your conversations with clients? 

 

Alex James: Siloed data remains one of their biggest headaches. It lives in multiple systems and even across multiple geographies. There’s no central management or consistent governance across phone, mobile, video and messaging recordings, for example. So, the compliance process becomes ever-more complex and heavier to handle.

 

Steve Burges: The other thing I’ve noticed is there’s far more millennials, particularly among brokers and dealers. They’ve grown up as digital natives with smartphones and behave very differently. But I’m not sure the workplace has adapted quickly enough with them.

 

Has anything surprised you about the way firms have tried to meet the challenges of the past 12 months?

 

Steve Dourdil: I think attitudes have started to change. Most firms have realised there is no grey area or wriggle room now. If they want to adopt solutions like MS Teams or Zoom, they must record relevant communications.

Steve Burges: Breaches in compliance recording provide a welcome new revenue stream for regulators like the FCA. So, it’s no surprise they’ve become far more active with fines from successful enforcements currently accounting for as much as 50% of their total income.

 

To what extent do you think extending Senior Managers and Certification Regime (SM&CR) legislation to include all FCA-regulated firms, just months before the COVID outbreak, has influenced the way firms have managed compliance while working remotely?

 

Alex James: Travel bans and getting shut out of buildings showed everyone the limitations of legacy on-premise systems. We know of one case where compliance recording was assumed to have been running when in fact it had stopped several months previously, leaving the firm wide open.

Steve Burges: Firms feel exposed with home working. They’re looking towards cloud-enabled monitoring solutions that can be securely managed from anywhere. And rethinking whether they still want to manage operations in-house or outsource to a specialist.

 

How has the role of Chief Compliance Officers changed over the past few years?

 

Steve Burges: The CCO is a relatively new role that didn’t exist 10 years ago. Now the CCO is the custodian of brand and reputation. Their decisions and actions directly impact a firm’s trading performance. Most also have the thankless task of gathering recordings and building cases.

Steve Dourdil: CCOs have a really big job on their hands when it comes to keeping up with changes in regulation and, increasingly, technology. They need help understanding how enablers like AI and machine learning can be integrated to make compliance easier.

 

Finally, how do you see the compliance landscape looking in 5-10 years?

 

Alex James: It’s basically Moore’s Law, right? The pace of change continues to quicken every year. The scary thing is that some trading floors don’t even have phones now. Automated solutions will be key because manual processes and intervention will no longer be sustainable.

Steve Burges: Recording of apps like WeChat and WhatsApp is now becoming commonplace. And we’re already seeing interest in extending compliance monitoring to newer applications like Signal, Telegram and LINE. And, in 2022, I’m sure we’ll see more new communication tools emerge. So we need to make sure we’re ready.

To discover how DoubleEdge is helping customers to effectively navigate the world of compliance, call 44 (0)20 3137 8460 or get in touch at info@edge-edge.co.uk

Further Reading

White Paper: The Changing Face of Compliance

Meeting FCA, MiFID II, FINRA, GDPR and innumerable other regulations is nothing new for brokers, banks, hedge funds and other financial institutions. They’ve been doing it for years.

Now compliance controls cover a distributed remote workforce using diverse collaboration tools and messaging apps. And penalties are no longer confined to companies. UK regulators are coming after individuals under Senior Managers and Certification Regime (SM&CR) legislation.

Essential reading for board members, compliance leaders and IT managers, this white paper discusses the practical steps companies can take to ensure continuous compliance across their communications estate, including Microsoft Teams, WhatsApp, and other emerging channels.

Report: The 7 Ways To Record WhatsApp For Compliance

With 2 billion active users and over 100 billion messages being sent every day, WhatsApp is the most popular instant messaging app on the planet.

Factor in the increased usage sparked by global lockdowns and the growing trend towards remote working, and it’s easy to see why many organisations in heavily regulated sectors such as Banking, Finance, Energy, Commodities Trading and Insurance are scrambling to find a solution to capture these communications in order to gain a competitive edge while remaining compliant.

As it is encrypted end-to-end, WhatsApp cannot be recorded using traditional methods. But, if your organisation is looking for a way to compliantly capture and archive its employees’ new ways of working, this report outlines the seven ways in which this can be achieved.

COMPLIANCE: IMPORTANT OWNERSHIP CHANGES WHILE ADAPTING FOR FLEXIBLE REMOTE WORKFORCES

Managing ever-growing regulatory demands was tough even before COVID-19. Now controls have to cover a remote workforce using increasingly diverse collaboration tools and messaging apps. And compliance is no longer solely a company responsibility. UK regulators are also coming after individuals under Senior Managers and Certification Regime (SM&CR) legislation.

 

Discussed in detail in our white paper, here are the key takeaways for board members, compliance leaders and IT managers.

 

Technology: friend or foe?

Home or hybrid working looks set to stay. One year on from the first national lockdown the FCA has made it clear UK firms have had ample time to put compliance recording measures in place for remote workers. That’s easy to say and hard to do. Especially when they’re using more devices and channels than ever before.

Old-world surveillance technology focused mainly on phone, mobile and email. Today, the only way to ensure continuous compliance is to record and monitor all business-related communications across all channels on all devices – phone, PC, laptop, tablet and mobile. Increasingly, this includes interactions over video platforms like Teams, Skype and Zoom plus messaging apps like WhatsApp, Signal, Telegram, LINE and WeChat.

Also, in the case of financial firms, all communications relating to deals and investment must be recorded and kept – even if they don’t result in a financial transaction. That’s a lot of data storage. And a lot of unbudgeted expense.

Raised stakes

SM&CR rules firmly place senior managers on the front line. They are personally accountable for their actions with the threat of misconduct investigation, fines, prosecution and possible suspension or dismissal. While effective governance models with clearly defined roles, responsibilities and processes go a long way to helping, they still don’t solve the basic problem. Your clients want to choose how and when they engage with your business. However, unless you can monitor and record conversations, you can’t offer those services, leaving your company out in the cold and falling behind rivals who can.

When I talk to our customers, they’re understandably spooked. Some are looking to get started with a specific solution for, say, capturing calls on Microsoft Teams. Others want to simplify a spaghetti of legacy compliance recording, archiving, and reporting products. It’s not uncommon for PBX recordings to reside in one archive, Trader Voice in another, emails in another, IM chat messages in another, and so on. Standalone systems with multiple archives can be spread across various regions and legal jurisdictions.

Assuring the compliance journey

At DoubleEdge we have market-leading solutions and experts to assist at all points of the compliance journey. Our professional services team provide assessments and end-to-end solutions including MS Teams deployments, from licencing and solution design to PBX integration and compliance recording.

Along with maximising savings from retiring legacy systems, we help customers avoid hidden pitfalls and gotchas. For example, by designing always-on solutions for only those employees who need to be recorded, not those who don’t. So, there’s no need to over-engineer storage for peak loads such as a large weekly Microsoft group call. Storage costs are further minimised through automated record de-duping. Total cost of ownership and bandwidth are also lowered using technologies to reduce file size and frame rates.

Using AI automation we take the heavy lifting out of tasks like transcription, translation and proactive monitoring. And we boost ROI with infrastructure-related features like permissions-controlled access, active-active resilience across geographies, and PowerShell scripts to cut deployment times from days to hours.

So, however daunting compliance recording may appear, our customers are in safe hands.

To discover how DoubleEdge is helping customers find the right solutions, call 44 (0)20 3137 8460 or get in touch at info@edge-edge.co.uk

Further Reading

White Paper: The Changing Face of Compliance

Fulfilling FCA, MiFID II, FINRA, GDPR and countless other regulations is nothing new for brokers, banks, hedge funds and other financial organisations. They’ve been doing it for years.

Now compliance controls cover a remote workforce using varied collaboration tools and messaging applications. Penalties are also no longer confined to businesses. UK regulators are coming after individuals under Senior Managers and Certification Regime (SM&CR) legislation.

Essential reading for board members, compliance leaders and IT managers, this white paper explores the practical steps companies can take to ensure continuous compliance across their communications estate, including WhatsApp, Microsoft Teams and other emerging channels.

Report: The 7 Ways To Record WhatsApp For Compliance

With 2 billion users and over 100 billion messages being sent every day, WhatsApp is the most popular instant messaging application in the world.

Factor in the increased usage sparked by global lockdowns and the growing trend of remote working, it’s easy to see why many businesses in heavily regulated sectors such as Finance, Banking, Energy, Commodities Trading and Insurance are looking to find a solution to capture these communications in order to gain a competitive edge while remaining compliant.

As it is encrypted end-to-end, WhatsApp cannot be recorded using traditional methods. But, if your business is looking for a way to compliantly capture and archive its employees’ new ways of working, this report outlines the ways in which this can be achieved.

THE RISE OF BUSINESS MESSAGING APPS AND THE NEED TO STAY ON THE RIGHT SIDE OF THE LAW

In the past, investment banks and financial firms barred employees from using encrypted messaging services like WhatsApp and its rival Telegram Messenger. Internally-driven penalties to discourage flouting such rules could also result in high profile suspensions and dismissals. in today’s hyper-connected world, that stance has had to be adjusted with the introduction of compulsory message recording laws. Clients increasingly call the shots – legitimately – over how they want to engage and communicate. That doesn’t leave any option when it comes to whether or not to record deal-relevant communications over whatever medium.

Comms preferences strongly linked to loyalty

The ease and speed advantages of live synchronous messaging for deal instruction and execution are clear where milliseconds determine how much money is made or lost. Likewise, tools such as WhatsApp, WeChat, Signal and Telegram offer the ideal broadcast platform for flagging price fluctuations, stocks to watch, and similar one-to-many communications.

Pandemic-enforced home working and continuous lockdowns have taken their toll on business relationships. Video conferencing has helped fill the void, but we’ve all missed in-person face-to-face meetings. In a recent survey, 58% of advisors attributed the loss of clients to failure of meeting communication needs. Brand loyalty is on the wane, with Foresight Research uncovering a whopping 27% rise in churn rates within the banking sector.

The key takeout is customers are more likely than ever to defect to rivals if you cannot meet and beat their service expectations – and that includes the use of messaging apps.

Ignorance is no excuse
Most bright Generation Z workers have grown up digital natives. It seems like a marriage made in heaven. Yet, the reality is anything but. In the case of financial firms, all communications relating to deals and investment must be recorded and kept, even if they don’t result in a transaction.

So, unless you can track conversations over media like WhatsApp and WeChat, you can’t use them. And, as firms are discovering, there are no longer any grey areas. Regulators are clamping down worldwide and only too willing to issue substantial fines.

Gaining control of encrypted messages

What’s needed is a new approach; one that expedites the safe adoption of messaging apps without presenting IT and compliance executives with still more costs and complexity to manage. For example, replacing dodgy workarounds such as copying and pasting chat messages into emails (a risky practice that wastes time, is open to abuse and unlikely to stand up in court).

Now, there are purpose-built recording solutions on the market that are able to securely access encrypted messaging apps. All text conversations are immediately time-stamped and safely archived, making it impossible to delete or edit them. Surveillance alerts can be set to expose potential breaches and demonstrate even stronger compliance.

As an example, one of our clients, a large brokerage, has transformed productivity and customer service. They now handle around 30,000 messages a day, safely and compliantly. And they sleep soundly at night knowing that they can always prove it.

Don’t overlook calls
Many firms have no direct control over employees making calls via WhatsApp or WeChat. That’s often because their mobile device management systems can’t prevent users from doing so through IT policy enforcement. So, short of relying on employees’ goodwill, firms are effectively leaving themselves open to possible compliance breaches.

Messaging app recording solutions remove this worry too. They are also pretty versatile and can cover most workplace situations. For instance, it’s now possible to record on both corporate-owned and personal mobile devices, across Android and IOS operating systems, without encroaching on staff’s right to keep their personal, non-business communications private. And new solutions are being developed all the time for emerging platforms like Signal.

Kevin Nugent
Account Director
DoubleEdge Professional Services
www.linkedin.com/in/kevin-nugent-7757b5

To discover how DoubleEdge is helping customers to safely adopt messaging apps, call +44 (0)20 3137 8460 or get in touch at info@edge-edge.co.uk

Further Reading

White Paper: The Changing Face of Compliance

Meeting FCA, MiFID II, FINRA, GDPR and innumerable other regulations is nothing new for brokers, banks, hedge funds and other financial institutions. They’ve been doing it for years.

Now compliance controls cover a distributed remote workforce using diverse collaboration tools and messaging apps. And penalties are no longer confined to companies. UK regulators are coming after individuals under Senior Managers and Certification Regime (SM&CR) legislation.

Essential reading for board members, compliance leaders and IT managers, this white paper discusses the practical steps companies can take to ensure continuous compliance across their communications estate, including Microsoft Teams, WhatsApp, and other emerging channels.

Report: The 7 Ways To Record WhatsApp For Compliance

With 2 billion active users and over 100 billion messages being sent every day, WhatsApp is the most popular instant messaging app on the planet.

Factor in the increased usage sparked by global lockdowns and the growing trend towards remote working, and it’s easy to see why many organisations in heavily regulated sectors such as Banking, Finance, Energy, Commodities Trading and Insurance are scrambling to find a solution to capture these communications in order to gain a competitive edge while remaining compliant.

As it is encrypted end-to-end, WhatsApp cannot be recorded using traditional methods. But, if your organisation is looking for a way to compliantly capture and archive its employees’ new ways of working, this report outlines the seven ways in which this can be achieved.

30 MINUTE LIVE WEBINAR

Wednesday 27th January at 2:00pm GMT / 9:00am EST

Join us with Rob Houghton (Soteria) and Thomas Perkins (Kerv)

 

If your organisation is using or planning to use Microsoft Teams, how do you ensure regulatory compliance? 

Coverage gaps = increased risk = regulatory scrutiny and penalties.

Since the catalytic effect of COVID-19 on digital transformation and the adoption of business continuity and collaboration tools like Microsoft Teams, regulated financial firms are now potentially unaware of the compliance gap and associated business risk that widespread use of such a platform brings, within their wider communication monitoring efforts.

With Teams adoption surging from 15 million to over 115 million active daily users in under 9 months (Mar-Nov ‘20), the demand has become so prominent that it is attracting new regulatory focus regarding the potential oversight of generated Teams communication monitoring, during examination and enquiries.

The FCA has recently issued a strict announcement, warning firms of the importance of providing the same standard of surveillance of employees who are working from home as they would in an office environment.

If Teams is here to stay, how can firms implement policy-based MS Teams recording and ensure comprehensive compliance and risk mitigation across communication capture, archiving, reviewing and reporting?

Click here to register