Before 2020, compliance teams had a much different approach to surveillance—largely based on the assumption of accessibility to monitored individuals. However, after the pandemic, a work-from-anywhere environment has changed the game. One survey found that now 52 percent of global employees work remotely once a week, and 68 percent do so at least once per month.
Rather than being footsteps away, monitored workers are now regularly scattered across hundreds, sometimes thousands, of miles, using video conferencing and other communication tools outside of previously regulated avenues. So how are compliance teams keeping up?
At the recent A-Team RegTech Summit APAC, Relativity Trace’s global regulatory lead, Rob Mason; Emily Wright, global head of compliance surveillance at Standard Chartered Bank; and Selina Tindall, a senior solutions consultant at Smarsh, discussed these topics.
During the event, panelists identified some key challenges for compliance teams in the current landscape. If you’ve been in the communications surveillance game for a while, these probably sound familiar.
1. Alert Volumes.
“While there are many drivers for challenges amongst compliance teams following COVID-19, if I could name one core driver it would be the scaling up of a alerts. The sheer volume of alerts went up almost 200-300 percent overnight,” one panelist said.
With ever more conversations taking place across platforms, it’s no wonder that alert volumes increased. And once these excess alerts are triggered, the headaches don’t end there.
2. Quality of Alerts.
With an unmanageable alert volume, teams can be strapped to adequately review and clear communications that have been alerted on.
As the panel noted: “The same surveillance and IT teams were also put under pressure, working remotely themselves for the first time and doing all kinds of troubleshooting they would normally not have to deal with, and an immediate backlog arose because of the volume.”
3. Identifying Risk.
When alert volumes are up and the quality of these alerts is in question, finding true risk becomes the bigger issue.
“It’s increasingly an issue to close down all these alerts. But more importantly, there's also that risk of actually missing a lot of those transgressions within that because you're just inundated with so many alerts that because of the human element of review,” the RegTech panel warned.
Fortunately, this is where technology can be the biggest help.
RegTech Data Ingestion and Case Management Help
As Rob posited at the Summit, these work-from-home environments are more than likely becoming permanent arrangements, and RegTech is ramping up to fill the gap.
“We’re finding that clients are starting to understand that solutions need to not only meet their current needs, but future-proof their organizations for new regulations as they arise,” Rob explained. “One way we’ve done this is by integrating case management tools into our monitoring to support those surveillance teams in managing these disparate workflows and channels.”
Being able to ingest a variety of data and make sure that it is “good” can be a serious pain point for compliance teams. As the participants all agreed, “garbage in, garbage out” is all many platforms are able to provide. The importance of data integrity, through accuracy and completeness, cannot be overstated. Only by accounting for both the medium of the communications and the way conversations cross those mediums, can tech truly provide good data for teams to analyze.
For instance, audio surveillance has long been the “white whale” of comms surveillance, but in this remote work culture, regulators are now focusing on the ability to monitor this medium as well. One way some platforms, like Relativity Trace, have adapted is by bringing voice surveillance into an integrated view with eComms.
Rob went on to say: “Not only detecting misconduct, but integrating that with other systems and advocating that broader overview of where these alerts can be viewed, bolsters an overarching supervisory tone with alerts from other areas. So, for example, failure to complete compliance training, working hours per breaches, conduct issues, et cetera—these flags could pinpoint suspicions of a rogue trader. But they might otherwise have been missed if each alert is looked at in isolation. I think we see this is where firms are seeking to head generally.”
Organizations that are siloed can allow risk to be overlooked. A more holistic view of a monitored individual can provide a better picture of what’s truly going on.
AI and Machine Learning: Not Just Buzzwords
Buzzwords have long been an annoyance for anyone who encounters them. They come and go, and usually carry no weight. No one likes jargon that doesn’t mean anything—especially in the compliance world—which is why the panelists shared strong feelings about the use of AI and machine learning in RegTech.
It’s clear that a solely lexicon-based solution is not enough for our current work environment. But as Rob explained, finding the right hybrid approach starts by identifying the organization’s goals.
“What risks are they seeking to monitor? What specifically are we looking for? Lexicon-based tech would probably do a good job in some scenarios, but it could be enhanced by using AI to remove other irrelevant content like headers and footers,” he said.
“In many cases, the scope and population of who is being monitored also needs consideration. In financial services—generally front-office positions—it makes the most sense to use targeted searches. It’s worth considering the risk in conjunction with the scope population,” Rob says.
As the session drew to a close, the panelists agreed that the new work environment in APAC and beyond is going to continue to force communication surveillance platforms to adapt. From security concerns to cost effectiveness, compliance teams have much to consider in how they choose to effectively monitor risk. And although alert volumes are a concern, it’s not just about false positive reduction; it’s about finding the real risk in communications.
Ultimately, it’s about reducing the noise so that teams can more adequately protect their organizations from misconduct.