The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

The Emerging Challenges of Compliant Communications

At the jam-packed RegTech Summit London held in St Paul’s last week, Paul Liesching, global head of financial markets at Truphone, gave the room a whistle-stop tour of the current key challenges for electronic communication in terms of trade surveillance – and how to fix them.

With technology becoming ever more ‘consumerised’ the tools of communication are becoming cheaper – and it is becoming harder to separate business use from consumer applications. The Facebook-owned Whatsapp, for example, has over 1.8 billion users – it’s free, it’s powerful, and everyone uses it. But how do you monitor that use when your regulatory compliance depends on it?

“It’s all about the asymmetry of knowledge. If I know more than you and I can communicate that knowledge faster, I will make more money,” pointed out Liesching. “The impact of this means that market participants are forced to use the most efficient tools to keep up – and those are often consumer tools. At the end of the day it’s all about making more money – but it means they are taking on more compliance risk.”

A survey conducted by Truphone and Verint of financial services clients on instant messaging recording found that 77% would like Whatsapp messages to be recorded – compared to 34% for WeChat and 17% for LINE. Yet when asked what measures they had in place to comply with mobile recording regulations, as per MiFID II, 41% of firms noted that they were either managing by policy, or doing nothing. “That’s a very loose approach,” warned Leisching. “It won’t fly forever.”

The problem is that buying business phones for all your employees has become  very expensive – especially ones that they actually want to use. “New joiners to the industry have a high expectation of highly functional mobile and communication tools,” noted Liesching. “If you don’t provide them, in some instances they won’t even join your firm. It is becoming a competitive edge.”

So what’s the answer? Potentially, a solution could be to put your own functionality on your employee’s personal device (BYOD – bring your own device) – which is far cheaper and removes the requirement for two phones. According to the Truphone survey 41% of firms are now looking at BYOD. But inevitably, this creates additional risks around monitoring and control.

“Consumerisation of IT is happening. But compliance is also increasing. It’s a competitive market given the freeflow, ubiquity and ease of information transfer,” said Liesching. “But ignorance is no longer bliss. Non-compliance incurs high fines.”

The paradox is that while too much restriction stagnates growth, too much freedom creates too much risk, which is costly and dangerous. The holy grail is ‘controlled freedom’ that encourages compliance.

“You need to understand what regulations there are, what controls they imply, and what your users are actually doing – is that something you want to encourage and control, or actively stop?” explained Liesching. “It is not enough just to write a policy paper and put it on a shelf – you have to actively drive that policy.

“If we get it right, we make money – and so do our customers. So engaging with the vendor community is key.”

Going forward, Truphone believes that in five years time, firms will be empowering employees to buy their own mobile phones, then installing tools on them to control business related communication and information. With the advent of 5G, these tools are also expected to be dramatically more effective. But issues remain – such as the recording of Whatsapp messages – currently not allowed, due to encryption, and the separation of personal and business accounts on the same phone.

“Right now, the priority is to put compliance communication tools on our consumer devices,” stressed Liesching. “That’s the end-goal, and there is no doubt that in terms of communications surveillance, that is the direction in which we are all headed.”

Related content

WEBINAR

Recorded Webinar: Developing operational resilience

Financial institutions’ operational resilience – essentially the ability to prevent, adapt and respond to, and recover and learn from operational disruptions – has come under extreme pressure during the coronavirus pandemic, with last year’s March lockdown creating unprecedented circumstances for financial firms. Employees working from home raised the stakes, as they still do, adding to...

BLOG

Mirato Raises $9 Million to Fund AI-Based Supplier Risk Platform

In another indicator of the market’s acceptance of AI, Tel Aviv-based Mirato has raised $9 million to support the development and commercialization of its third-party risk management (TPRM) platform. With regulators intensifying their scrutiny of financial institutions’ relationships with external suppliers – with regulations like GDPR addressing privacy concerns, for instance – Mirato’s offering helps...

EVENT

Data Management Summit Virtual

The Data Management Summit Virtual will bring together the global data management community to share lessons learned, best practice guidance and latest innovations to emerge from the recent crisis. Join us online to hear from leading data practitioners and innovators from the UK, US and Europe who will share insights into how they are pushing the boundaries with data to deliver value with flexible but resilient data driven strategies.

GUIDE

Putting the LEI into Practice

Hundreds of thousands of pre-Legal Entity Identifiers (LEIs) have been issued by pre-Local Operating Units (LOUs) in the Global LEI System (GLEIS), and the standard entity identifier has been mandated for use by regulators in both the US and Europe. As more pre-LEIs are issued ahead of the establishment of the global systems’ Central Operating...