As regulators in the UK, EU, and US continue to come down hard on firms failing to maintain adequate control of business conducted over digital communications channels, Smarsh’s acquisition of TeleMessage in February aims to broaden the company’s offerings in the digital communications compliance and intelligence space.
Says CEO Kim Crawford Goodman. “Together with TeleMessage, Smarsh extends its platform of communications compliance technologies. We now solve the broadest scope of customer mobile messaging and voice use cases, capturing data across various devices, direct capture from mobile carrier networks, corporate and employee-owned devices, and consumer and business mobile applications.”
The proliferation of mobile devices and messaging apps in the workplace that began during the COVID lockdown has continued and is now embedded in the hybrid work environment that followed – despite firms’ attempts to coerce people back to the office. Likewise, customers are demanding the use of their favourite app to communicate with their Financial Advisors (FA) creating pressure from the “revenue generating” side of the business.
Turning Off-Channel Communications – ON
Mobile communications such as text messages and WhatsApp are the primary culprits behind the surge in regulatory scrutiny and enforcement actions for both EU/UK and US-regulated entities. The Regulators have been cracking down and all signs are they have no intention of easing off anytime soon.
in September 2022, the CFTC issued orders against 11 financial institutions, imposing over $710 million in penalties for failures in recordkeeping and supervision relating to the use of unapproved communication methods, including texts and WhatsApp messages. The firms admitted to using personal text messages, WhatsApp, and other unapproved methods for business communications, in violation of CFTC recordkeeping requirements.
In August, the Securities and Exchange Commission charged 10 firms for widespread and longstanding failures by the firms and their employees to maintain and preserve electronic communications. The firms admitted the facts outlined in their respective SEC orders. They acknowledged that their conduct violated recordkeeping provisions of the federal securities laws, agreed to pay combined penalties of $289 million, and have begun implementing improvements to their compliance policies and procedures to address these violations.
These cases resulted from failure to comply with clearly defined regulatory requirements for adequate capture, record-keeping, and supervision of electronic communications. When these compliance failures underpin financial misconduct or crime, the penalties and reputational harm become severe.
The Regulator’s Perspective
The FCA publication Market Watch 69 lays out a regulator’s observations and considerations for how firms should establish and execute an adequate comms surveillance policy.
A recurring theme across the regulator’s observations is the need for firms to include market abuse risk and comms surveillance as part of their overall risk assessment and be as granular as needed to properly capture risk at the right level of detail across asset classes, markets, and jurisdictions.
“In our experience, the most effective assessments involve consideration of the different types of market abuse and how they apply across different areas of the business and asset classes. In some cases, firms conduct a combined assessment (an enterprise risk assessment), which considers market abuse along with other types of risk, such as credit and AML. Others assess only insider dealing and market manipulation, without considering how different levels of risk might apply to different sub-categories of these, such as layering and spoofing, wash trading, and ramping.”
Similar guidelines can be found at the SEC_ Office of Compliance Inspections and Examinations (OCIE) and other regulators.
The Smarsh Enterprise Platform
The Smarsh Enterprise Platform includes Enterprise Conduct where compliance, internal audit, and control functions can define policies and scenarios across multiple dimensions with a granular treatment of asset classes, markets, jurisdictions, and languages, enabling firms to capture their unique risk profile to significantly improve compliance.
AI/ML Integration: Enterprise Conduct leverages AI and ML technologies to enhance the efficiency of supervision, surveillance, and audit teams. This integration helps in effectively managing the data-at-scale and communications that need to be monitored for compliance and risk assessment.
Reducing False Positives: By utilizing AI/ML, Enterprise Conduct aims to reduce false positives in surveillance alerts significantly. This is crucial for compliance teams to focus on genuine risks rather than spending time on irrelevant alerts.
Uncovering Behavioural Risks: The solution is designed to uncover multiple types of behavioural risks, improving the ability of firms to detect potentially problematic behaviour without missing important alerts. The use of regulatory-grade ML technology is essential for maximizing risk coverage.
Efficiency and Productivity: The application of AI and ML in Enterprise Conduct is highlighted as a means to streamline workflows and improve reviewer efficiency. The technology helps reduce the time spent on reviews by up to 50%, thereby freeing up teams to focus on other critical tasks.
Scenario Testing and Analysis: Enterprise Conduct provides an integrated workbench (Cognition Studio) that allows users to test, analyse, and promote scenarios using AI/ML along with pre-packaged lexicons. This feature enables firms to adapt to regulatory changes and mitigate risks effectively and quickly. This ability to stay current is another point the regulators comment on best practices.
When responding to regulatory events; – examinations, investigations, litigation, or audits, – the ability of compliance personnel to demonstrate an accurate review of data and quickly understand its relevance and impact is critical. Smarsh captures all conversations in their native format as threaded conversations with metadata such as joins, leaves, edits, deletes, comments, replies, attachments, and more. This enables compliance to manage and trace the life cycle of compliance events through the workflow and demonstrate a robust control function to regulators. Communications data can be sent seamlessly to the Smarsh Enterprise Warehouse or any Client archive, application, or data lake.
“Smarsh solves for the wide range of mobile use cases that global firms have so that they can achieve compliance without compromising employee productivity,” said Goutam Nadella, Chief Product Officer of Smarsh. “Our customers have a true end-to-end, AI-powered platform solution, where mobile communications data is captured at the source, retained, and leveraged effectively and efficiently within downstream applications like surveillance and e-discovery.”
A New ‘Capture Mobile’ Group
Smarsh has established a Capture Mobile group within its Product team, reflecting the significant customer demand in this segment of comms surveillance. Guy Levit, formerly TeleMessage CEO, will lead this team for all Smarsh Capture Mobile offerings, including TeleMessage products.
“As organizations become more mobile and the regulatory environment grows more intense, we have seen growing demand for easy-to-use, reliable, and effective compliance solutions for WhatsApp and other popular mobile channels,” said Levit. “We are excited to be part of the industry leader Smarsh, and to help more firms across the globe solve their persistent and evolving mobile compliance challenges.”
Subscribe to our newsletter
