US regulators may be stepping back from the penalty-led off-channel communications sweeps that defined recent enforcement cycles, but that does not mean firms can ease up on surveillance or record-keeping controls. The shift under new leadership at the SEC and CFTC should be reviewed as a change in enforcement emphasis: fewer technical cases pursued in isolation, and greater focus on misconduct that affects market integrity, customer protection, fraud, manipulation and insider dealing.
Rob Mason, Director, Regulatory Intelligence at Global Relay speaking with RegTech Insight cautions that firms should not confuse a softer supervisory posture with a change in the rulebook, especially when market-abuse cases often emerge years after the underlying events occurred.A Shift in Enforcement Priorities
SEC Chair Paul Atkins has criticised the previous SEC administration’s focus on off-channel communications cases, arguing that broker-dealer record-keeping requirements were stretched beyond a common-sense interpretation of the “business as such” standard. The SEC’s latest enforcement messaging has also drawn a sharper distinction between technical record-keeping breaches and cases involving direct investor harm, fraud or market abuse.
At the CFTC, the emphasis is moving in the same direction. Enforcement leadership has signalled a stronger focus on insider trading, market manipulation, disruptive trading, retail fraud and wilful AML/KYC violations.
Speaking after attending SIFMA’s Compliance & Legal Conference, Mason noted that senior compliance leaders were cautious about reducing controls in response to the current US mood. “Fundamentally the rules haven’t changed,” he says. “There’s not been any real shift in legislation, so everything still applies, everything’s in play.”
Surveillance obligations are becoming more closely tied to evidentiary quality. Firms need to know what was captured, what was missed, how records can be retrieved, and whether communications data can be linked to trading, conduct and investigation workflows. Defensibility becomes the central test.
From Lexicons to Context
Mason describes how traditional lexicon-based approaches were built around “word lists to see if something comes up in an email or communication … large language models (LLMs) can now read the message in totality and understand exactly what’s going on.”
That capability is widening the role and increasing the effectiveness of communications surveillance across market abuse, information dissemination, collusion, complaints, conflicts of interest, mis-selling, bribery and payment-for-order-flow concerns. Mason notes that “communication surveillance has been sort of the ‘poor cousin’ in the corner. We’re sensing that balance is really shifting.Trade surveillance remains the starting point for many market-abuse alerts, but communications data is becoming more central to investigation, reconstruction and intent analysis. Mason says firms are moving toward the ability to ask questions such as “show me all the trades between X employee and Y employee” and search across multiple systems rather than one archive or one surveillance tool.
The Data Imperative
Data completeness emerges as the common control priority across off-channel communications, venue coverage and AML. Mason links those areas directly, noting that firms are still focused on capture gaps across communications, trading venues and beneficiary information. AI tends to amplify the shortcomings of fragmented data. “You can have rocket ship AI, but if the data’s not good, you’re not getting very good insights out of it,” Mason says, noting that many tier-one organisations still operate across fragmented archives, regions, vendors and formats, with “little pools of data” in old and new formats.
Communications surveillance is also being applied to conduct risks beyond market abuse. Mason points to growing attention around non-financial misconduct in the UK and Europe, and whistleblowing risk in the US. “We’ve seen quite a lot of demand from our clients, using AI to identify whistleblowing retaliation,” he says.
Defensibility Is the Test
The regulatory mood in the US has changed, and broad off-channel communications sweeps may be less likely under current leadership. The underlying obligations remain active, and misconduct cases often depend on records created years earlier.
That puts archives, surveillance platforms and third-party providers inside the control environment. Firms rely on these systems for retention, retrieval, reconstruction, supervision and AI-enabled analysis, while also needing assurance over cyber controls, technology dependencies and third-party supply chain resilience. Mason cautions, “Fundamentally, the rules haven’t changed.” For firms, the focus should be on complete records, governed channels, searchable archives, linked trade and communications data, explainable AI alerts and clear remediation.
Subscribe to our newsletter
