About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Can You Prove Risk-Based e-Comms Surveillance Outcomes Have Merit?

Subscribe to our newsletter

By Robert Houghton, Founder, CTO and Technical Evangelist at Insightful Technology.

The elephant in the room whenever a discussion turns to risk-based surveillance is the fact that many Compliance Officers do not have complete confidence in their data. There are currently no parameters from the regulators of the financial sector to permit risk-based surveillance, yet still the approach is carrying favour with many Compliance Officers.

If this is a course you are considering for your organisation, ask yourself this one question: Should the regulator comes knocking, how will you demonstrate that the outcomes of your risk-based assessments have merit?

The risk-based approach has gathered momentum. However, can pure analysis of e-comms provide a data model that is sufficient to conduct an effective risk-based methodology? Whilst a risk-based approach to measuring a decision process has merit, have organisations considered extending the model to include other data sources?

This leads us on to the misleading narrative that has emerged surrounding the viability of holistic surveillance. Whether financial institutions have successfully built the right models to do holistic surveillance is a different matter! However, debating the different approaches to eComms surveillance distracts from the underlying issue that truly needs to be addressed, and that is how to solve the data quality problem. Get this right and whatever model for surveillance you then choose to implement in the future will be based on a sound and reliable footing.

Like it or not, it needs to begin by addressing who is actually responsible for the delivered surveillance functions. IT are responsible for delivering the infrastructure and supporting the chosen solution and compliance are looking for a solution that meets their needs. Neither party are proven data scientists, who can fully analyse and understand the data and data flows, the links between disparate sources of data and create a single clean data set. I believe that this forms the single biggest hurdle for the market to achieve cost effective automated compliance through machine learning, AI and risk-based surveillance models.

I am not opposed to risk-based eComms surveillance, or indeed any approach a financial institution deems right for their circumstances. Applying a risk profile to the surveillance objects, as a ranking tool, can make good sense. However, it would be remiss for me as a vendor that is well entrenched within financial institutions around the world, to not issue a note of caution as this trend gathers momentum.

Should banks come to the decision that a risk-based approach is right for them, it is our responsibility as a technology vendor, to work together with them and other consultancies to navigate a path that keeps them on the right side of the regulator. Openness with the regulator is essential and it is imperative that they are kept well informed regarding the guidelines, processes and reporting that will be implemented.

Tackling the seemingly larger data challenge may seem insurmountable, but the rewards to be reaped are immense and not only in relation to removing compliance and regulatory related headaches. Regulatory compliance is to a large extent about honesty and transparency, whether within an organisation or with the regulators. As such there is a need for some introspection to look at the root cause of the problem that faces compliance teams every day. In doing so, we transform the function and perception of the compliance department, from a cost centre to a value-driven asset, not only safeguarding the organisation, but delivering additional insight-driven value throughout it.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: How to ensure employees meet fit and proper requirements under global accountability regimes

Fitness and proprietary requirements for employees of financial institutions are not an option, but a regulatory obligation that calls on employers to regularly assess employees’ honesty, integrity and reputation, competence and capability, and financial soundness. In the UK, these requirements are a core element of the Senior Managers and Certification Regime (SMCR). They are also...

BLOG

“No WhatsApp Ban” – FCA’s Transition from Prescriptive Rulemaking to Outcome-Focused Regulation

There was a flurry of headlines recently following statements from Financial Conduct Authority (FCA) Chief Executive Nikhil Rathi on a podcast, where he laid out the FCA’s new five-year strategy and its mandate for growth. In response to a direct question about regulating encrypted messaging apps and WhatsApp specifically, Mr. Rathi stated that they’re not...

EVENT

AI in Capital Markets Summit New York

The AI in Capital Markets Summit will explore current and emerging trends in AI, the potential of Generative AI and LLMs and how AI can be applied for efficiencies and business value across a number of use cases, in the front and back office of financial institutions. The agenda will explore the risks and challenges of adopting AI and the foundational technologies and data management capabilities that underpin successful deployment.

GUIDE

Regulatory Data Handbook 2024 – Twelfth Edition

Welcome to the twelfth edition of A-Team Group’s Regulatory Data Handbook, a unique and useful guide to capital markets regulation, regulatory change and the data and data management requirements of compliance. The handbook covers regulation in Europe, the UK, US and Asia-Pacific. This edition of the handbook includes a detailed review of acts, plans and...