4 Steps to Reinvent Financial Compliance (Master)
4 Steps to Reinvent Financial Compliance
Reinventing Financial Compliance
Today, it’s never been more critical that your compliance approach meets regulatory requirements and stands up to the closest scrutiny. Voice recording is not enough. After-the-fact compliance is a halfway measure. And manual monitoring is inefficient and risky. Learn more about key strategies that can help your business solve the compliance equation.
the New Regulatory Landscape
Financial services have always been a heavily regulated business segment. The introduction of a new wave of more stringent regulations – such as the Dodd-Frank Act in the US or MiFID II and MAR in the EU – has significantly tightened the rules for financial trading.
The New Compliance Equation
Ever-evolving regulations have increased the scope of the interaction data that must be captured and monitored – from mobile devices to trading desks and back-office operations.
Regulators have been ramping up their efforts to protect investors, prevent market abuse, and pursue suspicious trading activities while also imposing higher penalties on lawbreakers. Banks, investment firms, trading floors, and individuals found to be non-compliant, face the risk of prosecution, heavy fines, penalties (including imprisonment), and loss of reputation – impacting hard-won customer trust and loyalty.
A Decade of Fines and Oversight
A 2017 report from Boston Consulting Group calculated that banks around the world paid over $321 billion in fines since the 2008 financial crisis. Source: Bloomberg
The cost of regulatory compliance has also risen dramatically in recent years. Most of the expenses are driven by the increased number of staff needed for testing, monitoring, and other oversight responsibilities. But there is growing realization that continuing to throw additional resources at the compliance conundrum – and focusing solely on reactive measures once a compliance event occurs - is not a sustainable strategy.
While compliance spending will clearly increase still further, transforming compliance solutions is of growing interest to financial services organizations.
"Compliance technology transformation has become a top spending priority for financial services as compliance moves towards deploying new technology rather than people to fulfill its mandate.” (Accenture Consulting: 2018 Compliance Risk Study)
New compliance challenges
- The weight of regulatory requirements, and their regional variations
- Expansion of the scope and extent of data to be captured, aggregated, and analyzed
- Ability to demonstrate that appropriate measures and capabilities are in place
- Implementation of surveillance systems for transactions and related communications
- Ability to provide near-instant responses to regulator's inquiries
- Burden of ensuring that complex infrastructure and systems are operating as required
- Frictionless compliance when using new communication and collaboration channels
2.1 Understanding Regulations: MiFID II
Building on the foundations of the original Markets in Financial Instruments Directive, MiFID II aims to create a regulated, transparent, and accountable financial atmosphere within EU investment services. This means increased supervision and a new set of obligations for investment firms.
MiFID II and Financial Compliance
MiFID II is a revised directive, which came into force on 3 January 2018 across the European Union’s 28 member states and beyond. The new requirements aim to create a regulated, transparent, and accountable financial atmosphere within the EU.
MiFID II applies to financial services businesses operating anywhere in the EU. Many non-EU-based institutions that trade with European clients and entities must also comply. The legislation has broadened record-keeping and monitoring requirements and provides a stricter legislative framework for financial trading activities:
- Financial services firms must record all voice and electronic communications – including voice, email, IM, and video - that relate to actual or intended transactions.
- Data must be stored for at least five years (seven years in certain cases). Additionally, it should be retained in a durable medium that can be easily accessed by regulatory authorities.
- Companies found non-compliant with MiFID II will risk fines of up to €5 million, or 10% of global turnover.
READ ABOUT THE 7 STEPS TO ENSURE MiFID II READINESS
“The revision of MiFID also expands the regulation of equities whereby voice recording requirements are extended to mobile calls. It also requires data to be recorded and stored on all communications (voice and non-voice) pertaining to a trade, expanding the scope beyond the actual traders to all participants associated with a transaction...”
2.2 Understanding Regulations: Dodd-Frank Act
The Dodd-Frank Wall Street Reform and Consumer Protection Act was signed into law in July 2010 and aims to improve accountability, transparency, and consumer protection in the US financial sector.
Dodd-Frank and Financial Compliance
Dodd-Frank affects all federal financial regulatory agencies and many other aspects of the US financial services industry. New rules have been implemented relating to record-keeping and risk management. Failure to comply means heavy fines and penalties.
The Dodd-Frank Act doesn’t just apply to US-based financial businesses. Many non-US-based institutions that trade with US entities must also comply. MiFID II likewise expects financial services organizations outside the EU to comply with its provisions when doing business with European institutions. The Dodd-Frank Act also requires firms to implement monitoring programs that can ensure traders are not using or communicating practices and news that is deemed to be manipulative.
- Storage of daily trading records of all trade activities, including voice, email, IM, chat, mobile, and other electronic communications, for a period of 5 years, in a secure archive.
- Compliance departments upon request need to be able to retrieve requested data and provide records to the regulator within 72 hours.
- Implementation of surveillance procedures that keep watch for market manipulation and insider trading.
2.3 Understanding Regulations in Asia Pacific
The complex regulatory landscape in the APAC region has increased the need for effective compliance programs and improved oversight over operations, transactions and employee behavior for financial services firms.
Companies are facing mounting pressure resulting from the constantly evolving regulatory complexities and compliance requirements in APAC.
Asia Pacific regulators are increasingly watching if financial services firms are consistently verifying customer accounts (KYC), driving transparent anti-money laundering programs and demonstrating sanctions compliance as a continuing regulatory priority.
Across the region, robust procedures for data capture, trade surveillance, and timely identification and action on suspicious matters have been and continue to be top of mind for regulators. At the same time, there has been a significant increase in regulatory reporting and record-keeping requirements in APAC, especially since the 2008 financial crisis. (Source: Deloitte)
Looking Beyond Reactive Procedures
Concentrating on good governance and other preventative mechanisms to supplement reactive enforcement and mitigating the risk of misconduct is an increasingly important part of the Asia Pacific regulatory agenda. The Monetary Authority of Singapore (MAS), for instance suggests adequate measures to avoid conflicts of interest, along with efficient operational control and monitoring to ensure compliance with internal and external policies. Additionally, the regulator has driven a greater demand for the compliance function in data governance, financial crime, investigations and monitoring.
Similarly, the Australian Securities and Investments Commission (ASIC) and the Securities and Futures Commission of Hong Kong (SFC) articulates the need for financial firms to have procedures and systems in place to construct and monitor ‘ethical walls’ (‘chinese walls’). This way broker-dealers, financial advisors, and other employees with potential conflicts of interest cannot communicate with each other or share confidential information with unauthorized parties to avoid insider dealing and data breaches proactively.
Tightening Rules around Data Capture and Governance
Capturing regulated interactions, as well as managing and making sense of data is equally as important in meeting regulatory expectations. The explosion of data brought about by electronic communication and digital collaboration channels brings new, yet untapped opportunities for financial firms, but also increasing regulatory expectations around data processing, protection and retention.
Record-keeping, in particular, has been at the forefront of multiple codes of conduct, directives and industry regulations across the region. The MAS advises businesses to keep records of calls related to trades and of discussions with customers about transactions in a durable, tamper-proof medium to facilitate investigations and dispute resolution.
In Hong Kong, the Code of Conduct of the SFC states that firms should record communications related to agency orders and internally generated orders. Businesses should use centralized recording systems and maintain call recordings in a secure, controlled format for at least six months. What’s more, the code suggests procedures to ensure that the recording system is operating properly and carry out regular checks to verify if all applicable laws, rules and regulations have been complied with.
Extraterritoriality – the Impact of Dodd-Frank and MiFID II
Besides local requirements for recordkeeping and surveillance, certain legislation such as the Dodd-Frank Act (US) and MiFID II (EU) pose regulatory obligations for financial services overseas affiliates and outsourced business functions. This means an Asian bank present in the EU will need to obey the records retention demands in place under MiFID II, while a European asset manager with subsidiaries in APAC may need to meet reporting and monitoring rules under the same legislation.
The impact of MiFID II is discussed in two Ovum whitepapers – click below to download:
Evolving Your Compliance Strategy
Performing data collection, storage, processing, and analysis - without errors and in a timely manner - can be hard to achieve.
New regulatory technology solutions can help you keep up with the latest regulatory expectations while preserving or increasing productivity.
... adhere to regulations by capturing all interactions via voice, video, IM, mobile, SMS, and screen or content share, and exploit the power of new unified communications and collaboration tools.
... automatically verify the health, performance, and functionality of your entire infrastructure, reducing the scope for errors and removing the burden of manual checks.
…. reduce the risk of penalties by demonstrating proof of compliance by safely capturing, archiving and retaining interaction data.
... streamline compliance investigations with automatic categorization, collaborative case management, approval workflows, advanced search, legal hold, and sophisticated data management.
… easily reconstruct and analyze any communications around a transaction at any stage of the trade lifecycle using advanced speech search, speech transcription, and phonetic boosting.
Now you can!
Read on to see how Verint® is reinventing financial compliance.
If compliance requirements are driving your organization to change its data capture methods, you should consider the following building blocks for evolving financial compliance.
Apply flexible and open technology.
An integrated solution that fulfills record-keeping requirements can help you protect your data and effectively manage the risks of every interaction. If it will need to work alongside other solutions, look for adoption of open standards and APIs that will make integration quicker and more reliable.
Uncover your data for in-depth analysis.
Get insights from massive amounts of structured and unstructured data with a solution that offers rapid and accurate speech transcription and automatic labeling.
Take an agile approach.
It is crucial to control access to recordings, collaborate on compliance cases, and meet litigation hold requirements. Choose a solution that offers very precise mechanisms to tackle the most sophisticated compliance scenarios.
Preserve what matters.
It is important to demonstrate that your recordings are fully protected and readily available. You'll need full audit logs, role-based access control, automated data retention, and the ability to integrate across data stores. Data archiving that is flexible enough to process records from other solutions can give you the flexibility needed to select the systems of choice for your business.
Capture everything, everywhere.
Consider a compliance recording solution with the ability to capture all communications, including voice, video, instant messaging, desktop screen, and content sharing. And look for the ability to proactively monitor communications in real time, as this can help prevent compliance failures before they occur.
Reinventing Financial Compliance
As the number of channels and data associated with trading increases, so does the need for constant vigilance. By leveraging new technology and partner alliances, you can prevent issues proactively, automate compliance processes and maintain an infrastructure that facilitates compliance.
Collaborate, Comply, Compete
All types of businesses are unlocking the power and convenience of Unified Communications (UC) tools – such as Microsoft Skype for Business or Cisco Jabber. But to benefit from this enhanced collaboration, both internally and externally, it must be possible to record the full range of communication modes they offer – video conferencing, chat, screen and file share, instant messaging and mobile communications. This is something that traditional compliance recording solutions cannot - or only partially - provide, creating a "compliance gap" that impedes their adoption.
Closing the Compliance Gap
Verint Financial Compliance™ can unlock the full potential of digital collaboration for financial services organizations. The solution offers complete and robust capture of all communication modes offered by UC solutions. It was one of the first recording systems to receive the highest level of Skype for Business interoperability certification provided by Microsoft in 2016.
Also compatible with Cisco’s Jabber platform, Verint Financial Compliance offers full capture of mobile communications as well as traditional voice. It is also integrated with a wide range of the most popular trader turret solutions, such as BT (IP-Trade), IPC Unigy, Cloud 9, and Speakerbus.
Gartner Market Guide
5 Key Levers of an Efficient Compliance Program - Learn more about taking a cross-enterprise approach to streamlining and managing compliance.
Read the Compliance Market Guide
After-the-fact compliance is not enough. Reacting to non-compliant actions still means a failure has occurred. Too much time and too many compliance resources are focused on manual testing and monitoring. The ability to proactively prevent unauthorized interactions and avoid unwanted disclosures can be a game-changer for traders, back-office personnel and compliance officers alike.
Verint Financial Compliance effectively monitors interactions in collaboration tools across a range of communication modes – including voice, instant messaging, video, and file and screen sharing. It performs the sort of proactive monitoring and compliance analysis necessary to help prevent conflicts of interest and other forms of non-compliance. It can actively prevent unauthorized interactions, and help ensure that your employees are always recorded per policy without the need for extensive human intervention.
Start Acting Instead of Reacting!
As part of your approach to establish the three lines of defence, automated policy enforcement and monitoring can significantly reduce the need (and resources required) for corrective actions following a compliance failure. They also help protect against the risk of fines and penalties; and associated reputational damage.
Phil Fry, Verint’s Vice-President of Financial Compliance Strategy, talks about the importance of addressing proactive, active and reactive compliance.
Put Automation to Work
Increasingly, businesses are turning to new approaches to monitor operations, control infrastructure, and ensure systems run reliably – from the trading room to the back-office.
At the same time, the recording of interactions needs to be monitored and the regulator notified in a timely manner if communication records are lost. It is also necessary to be able to demonstrate defensibility – a comprehensive and systematic approach to maintaining and ensuring compliance.
Monitoring and testing communications channels – such as trading turrets, unified communications tools, and telephony systems – and verifying the successful capture of interaction data, can consume significant resources. So businesses are looking for ways to reduce the cost and complexity of compliance operations. Adopting automated solutions that offer consistency, accuracy, and efficiency is increasingly a strategy of choice.
On average, Chief Risk Officers spend 19% of their time focusing on regulatory risk, and 15% looking into new technologies and automation.
WBR Insights: Creating an Automated Future
Put Automation to Work
Automate Assurance and Monitoring
Verint Financial Compliance offers automated verification capabilities that systematically check applications, processes and devices - automating infrastructure testing and monitoring and enabling effective control at an acceptable cost. The solution constantly monitors a variety of critical systems, testing all components – from desk phone to recording solution - for proper operation, and validating organizational changes to help ensure that regulated personnel are reliably recorded, no matter what devices they use.
Creating an Automated Future
A recent survey - carried out by WBR Insights – looks at existing trends in financial services and reveals the growing imperative for automation when managing risk and compliance. Learn more about how Chief Risk and Compliance Officers evaluate the importance of automation.
Download the benchmark report
Get to the Heart of Every Trade
The complex and evolving nature of the regulatory landscape makes it difficult for any single supplier to have the answers to every financial compliance challenge. A closely tied, holistic ecosystem of RegTech solutions and services providers can provide a comprehensive approach to help you reduce complexity, confidently manage change and realize a strategic advantage.
Get ready to meet sophisticated regulatory demands with a proven, open standards technology framework.
Partnering for Compliance
Verint has brought together the Compliance Partnership, a network of financial compliance specialist partners, to provide a variety of solutions, services, and support. Together with Verint, these carefully selected technology and service providers can deliver real-life solutions to real-life problems. Jointly, they are reshaping the regulatory compliance market by offering next-generation technology and disruptive solutions to increasing compliance demands.
Complementing the Verint solutions you have already read about, our extensive partner framework provides solutions for speech transcription that is fine-tuned to the peculiarities of “trader-speak”; for trade reconstruction and quantitative surveillance; for regulatory reporting; and for blockchain and data governance, to name but a few. Based on open standards, these solutions will also work with existing infrastructure – protecting investment in existing systems and the value of legacy data.