About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Can You Prove Risk-Based e-Comms Surveillance Outcomes Have Merit?

Subscribe to our newsletter

By Robert Houghton, Founder, CTO and Technical Evangelist at Insightful Technology.

The elephant in the room whenever a discussion turns to risk-based surveillance is the fact that many Compliance Officers do not have complete confidence in their data. There are currently no parameters from the regulators of the financial sector to permit risk-based surveillance, yet still the approach is carrying favour with many Compliance Officers.

If this is a course you are considering for your organisation, ask yourself this one question: Should the regulator comes knocking, how will you demonstrate that the outcomes of your risk-based assessments have merit?

The risk-based approach has gathered momentum. However, can pure analysis of e-comms provide a data model that is sufficient to conduct an effective risk-based methodology? Whilst a risk-based approach to measuring a decision process has merit, have organisations considered extending the model to include other data sources?

This leads us on to the misleading narrative that has emerged surrounding the viability of holistic surveillance. Whether financial institutions have successfully built the right models to do holistic surveillance is a different matter! However, debating the different approaches to eComms surveillance distracts from the underlying issue that truly needs to be addressed, and that is how to solve the data quality problem. Get this right and whatever model for surveillance you then choose to implement in the future will be based on a sound and reliable footing.

Like it or not, it needs to begin by addressing who is actually responsible for the delivered surveillance functions. IT are responsible for delivering the infrastructure and supporting the chosen solution and compliance are looking for a solution that meets their needs. Neither party are proven data scientists, who can fully analyse and understand the data and data flows, the links between disparate sources of data and create a single clean data set. I believe that this forms the single biggest hurdle for the market to achieve cost effective automated compliance through machine learning, AI and risk-based surveillance models.

I am not opposed to risk-based eComms surveillance, or indeed any approach a financial institution deems right for their circumstances. Applying a risk profile to the surveillance objects, as a ranking tool, can make good sense. However, it would be remiss for me as a vendor that is well entrenched within financial institutions around the world, to not issue a note of caution as this trend gathers momentum.

Should banks come to the decision that a risk-based approach is right for them, it is our responsibility as a technology vendor, to work together with them and other consultancies to navigate a path that keeps them on the right side of the regulator. Openness with the regulator is essential and it is imperative that they are kept well informed regarding the guidelines, processes and reporting that will be implemented.

Tackling the seemingly larger data challenge may seem insurmountable, but the rewards to be reaped are immense and not only in relation to removing compliance and regulatory related headaches. Regulatory compliance is to a large extent about honesty and transparency, whether within an organisation or with the regulators. As such there is a need for some introspection to look at the root cause of the problem that faces compliance teams every day. In doing so, we transform the function and perception of the compliance department, from a cost centre to a value-driven asset, not only safeguarding the organisation, but delivering additional insight-driven value throughout it.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Best practice approaches to data management for regulatory reporting

Effective regulatory reporting requires firms to manage vast amounts of data across multiple systems, regions, and regulatory jurisdictions. With increasing scrutiny from regulators and the rising complexity of financial instruments, the need for a streamlined and strategic approach to data management has never been greater. Financial institutions must ensure accuracy, consistency, and timeliness in their...

BLOG

Murex Completes SOC 1 and SOC 2 Type 2 Attestations for its SaaS Platform, MXSaaS

Murex has completed SOC 1 Type 2 and SOC 2 Type 2 attestations for its software-as-a-service (SaaS) platform, MXSaaS, covering the period from July to December 2024. The examinations, carried out by KPMG, were finalized with no exceptions noted, building on the SOC 2 Type 1 attestation obtained in July 2024. These independent assessments are...

EVENT

RegTech Summit New York

Now in its 9th year, the RegTech Summit in New York will bring together the RegTech ecosystem to explore how the North American capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

AI in Capital Markets: Practical Insight for a Transforming Industry – Free Handbook

AI is no longer on the horizon – it’s embedded in the infrastructure of modern capital markets. But separating real impact from inflated promises requires a grounded, practical understanding. The AI in Capital Markets Handbook 2025 provides exactly that. Designed for data-driven professionals across the trade life-cycle, compliance, infrastructure, and strategy, this handbook goes beyond...