Head of Marketing
Around 2016, “holistic surveillance” was a phrase on the lips of just about everyone working in RegTech or with some stake in regulatory compliance within financial services institutions. Holistic surveillance, offered by several companies today, promised to help companies deal with the massive volume and scope of data that they are today expected – and legally required — to monitor in order to achieve compliance.
The holistic approach to compliance said that it would be able to connect trade and eComms data from both trade surveillance platforms and lexicon-based alerts generated from electronic communications. At a time when regulatory expectations have ramped up across the board for all financial institutions, with penalties levied for failing to comply with current rules, and new rules being added all the time, holistic surveillance sounded good. Maybe too good.
Since then, reality has replaced the hype. Companies that promise holistic surveillance have not been able to solve the problem efficiently, failing to properly connect data sets and throwing out large numbers of false-positive alerts in the process – creating a problem that is, in its own way, as dangerous and costly as no alerts. According to the PwC Market Abuse Surveillance Survey 2019, just 50 percent of banks surveyed were satisfied with their trade surveillance solutions, only 45 percent satisfied with their communications surveillance solutions, and a mere 40 percent with their voice surveillance solutions. Clearly, something has gone wrong in translating the dream of holistic surveillance into reality.
Connecting the dots between the “what” (the trade data) and the “why” (the comms) is both about intuitively linking and triangulating trade data with electronic communications of various sorts in a trail of digital breadcrumbs. It’s also about finding ways to connect the various silos that data is frequently kept in. New types of communication data mean that many companies, if not all, are dealing with a toxic hell stew of fragmented vendors, technologies, and data silos they need to be able to access, draw upon, and, in some cases, cross-reference.
The accompanying increased regulatory measures meanwhile push financial institutions to invest ever more heavily in measures that can monitor areas such as algorithmic trading activity to ensure compliance with measures such as Market Abuse Regulation (MAR), Markets in Financial Instruments Directive (MiFID II) and REMIT. The breadth of some of these regulations have proven extremely challenging for those in financial institutions and highlighted the need for new surveillance technologies to help fix the problem.
What some call “holistic surveillance” means monitoring both structured, transactional data and the unstructured data of communications such as voice conversations and text-based chat messages across a range of platforms. Many of these electronic communications platforms simply weren’t around a few years ago and thus there was no need to consider tracking it. Who, at the start of the millennium, though it was necessary to record not only emails and text messages but also video chat calls and smartphone-based instant messaging tools and social media? At the time, video calls, smartphones and social media were far from ubiquitous — if, in some cases, they even existed at all. The call for holistic surveillance describes a program that combines both the trade surveillance technology people were used to in the past with human expertise to spot signs of potential market abuse or insider trading. The “holistic” bit is a way of acknowledging that the data needed for full compliance today is more complex and, in some ways, messier than ever before.
But if the problem diagnosis is correct, the question is whether the cure — in the form of self-proclaimed holistic platforms — actually go far enough. Keeping humans in the loop for ensuring compliance is sensible. However, given the enormous quantities of data companies are dealing with today to ensure compliance, it’s necessary to embrace the latest AI technology to proactively monitor alerts.
A truly comprehensive compliance system, a hybrid surveillance program, should deal with data capturing, archiving, record-keeping, eDiscovery and advanced search, investigations, and surveillance: in essence, anything and everything that falls under the banner of eComms. AI-aided, cutting edge behavioral analytics can be used to scout out potentially anomalous behavior wherever it occurs — and offer up alerts in close to real-time, allowing for the proactive mitigation of risk. By fully integrating the trade and eComms side of surveillance, this kind of approach can move the market forward to a more user-centric hybrid. That means using both AI and lexicons to create alerts from a joint data set of both trades and eComms. The ability to take and analyze structured and unstructured data from multiple sources will ensure that the compliance process is made both more efficient and more accurate.
Instead of generating thousands of alerts each day, with high levels of false positives, hybrid surveillance can reduce the number of false positives and provides far more accurate alerts as a result.
The reality of today’s holistic surveillance tools isn’t that they have a description that sounds a little wishy-washy. It’s that, in many cases, they’re not holistic enough. As the demands for more data to be collected and made accessible quickly to regulators increases, this problem is only going to become more pressing. Big fines for those companies who do not comply with regulations are coming – if they’re not already here. In October 2020, federal banking regulators in the U.S. fined banking giant Citigroup $400 million and ordered that it fix its “ongoing deficiencies” with risk management systems. Citigroup is not the first – and, certainly, won’t be the last – to face similar fines.
It’s no longer enough for companies to consolidate all of their eComms into one single platform and call it a holistic solution; they need to be able to draw intelligent conclusions from this and be ready to provide instant responses in accordance with data management requirements. With more data than ever, and more types of behavior to watch out for from potential bad actors — ranging from insider trading to the receipt of potential kickbacks or money laundering — it’s far from an easy job. But it’s one that is absolutely essential.
The winners are going to be those who develop the best tools to help with that challenge — and, more aptly, the financial institutions who rely on them.