Communication Compliance – What’s coming next?

I hate putting out “yearly” reviews, but more than that, I hate putting it out when everyone does 🙂 So now that we’re WAY into 2022, time for my personal predictions.

This time of year, everyone muses on what they experienced last year and what trends they think are on deck this year. It’s a good exercise; that’s why people do it. Self-reflection is an important aspect of learning and growth. If you don’t look back to see what transpired and how those events impacted you or your business, you’re likely missing out on an opportunity for improvement. Those improvements aren’t limited to personal behaviors: they include revenue-generating initiatives that could be uncovered and executed for the ongoing fiscal year. As for trendspotting, it’s more than entertaining pontification – it’s a strategic exercise that can inform business and product planning.

 But first, a look back …

Let’s begin with a nod to 2021 and what was gleaned from the major initiatives around communication compliance. Here’s the quick highlight reel. In November, Microsoft unveiled a comprehensive series of communication compliance policies – built-in – to help users detect, monitor, and then act upon instances of non-compliance. The National Futures Association offered guidelines on how to navigate the pandemic-era hybrid workforce. FINRA, MiFID II, and GDPR all released updated regulations and expanded obligations regarding how to record review, and archive communications between banks and their customers. In October, the SEC and FINRA began a broad sweep “poking the bear” of communications on personal devices. Amazon, WhatsApp, JP Morgan Chase, and numerous other global enterprises received record fines around data privacy and communications. And many of Wall Street’s darlings vacillated around RTO (return-to-the-office) which has serious implications around compliance monitoring and risk.

 Now, if you will, a glimpse into the future…

One source of truth

With brokers now using at least four E-Comms apps, like WhatsApp, Instagram DM, WeChat, and others, there’s a need for consolidating them. If that could be achieved, compliance officers would have a single source of truth to record, review, and react to. Although it was all the way back in 2019 when then Facebook’s (now Meta’s) CEO, Mark Zuckerberg, announced that the social media giant was planning to integrate WhatsApp, Instagram, and Messenger into a single E-Comms platform, it hasn’t happened yet. This is the year that it will. Once that’s been achieved, a third-party E-Comms vendor is likely to take things to the next level by integrating WeChat and Snapchat into Meta’s unified E-Comms app.

My mobile, my choice

It’s no secret that, for decades, since the mobile phone became a ubiquitous feature in our lives, employees typically carry two devices. We use one for personal use to scroll our social media plus all sexting and all those other activities that we don’t want our employers to be aware of. And the other phone is relegated strictly for work use: we know it’s encrypted, monitored, and it’s the property of our employer so we use it intentionally – and potentially even cautiously. What happened in early 2020 as the onslaught of the pesky virus began is how brokers began using their personal devices to communicate with each other and their customers. Despite a lack of encryption, relaxed (if any) data privacy, and non-compliance, many brokers wholly embraced communicating this way in the interest of business continuity. Yes, firms like Chase paid dearly for doing so, but it’s a pretty good bet that the $250 million they were fined is only a small percentage of the revenues they made by engaging in non-compliant communications and record-keeping activities. For 2022, we predict that banks – and all regulators – will embrace the use of personal devices but developing policies around E-Comms apps and record-keeping to accommodate this trend will be a focus of the year ahead. Just think – this may finally be the year that we can start carrying only one phone!

Now I see you

Emails have been subjected to regulators’ record-keeping requirements for decades. With the explosive growth of video conferencing platforms like zoom, BlueJeans, Teams, and others, expect to see greater definition around the recording, reviewing, and retention policies for these data-dense formats. Analyzing video footage requires deep tech given the complexity of doing so. Storing all that .mp4 content is a logistics challenge – one that will not be achieved without exorbitant expense.

Can you hear me now?

Similarly, with the increasing popularity of exchanging voice notes, the SEC, FINRA, and other regulatory authorities are likely to release draft guidelines for compliance around this communications medium. Although .mp3 formats are the most common, they’re not the only game in town. FLAC, ACC, and other standards have become some of the favorites used in the music industry, which influences many other aspects of society.

Cloudy with a chance of transformation

Just like that child’s cartoon movie, “Cloudy With a Chance of Meatballs,” 2022 presents a situation where the world is in crisis and some unsung hero is about to emerge from the ashes. That hero will be the compliance officer who succeeds in getting their executive team to wholly embrace digital transformation and move all operations to the cloud. Banks were the slowest of any industry to adopt this strategy; although most large firms have caught up to modern tech standards, many smaller firms are still mired in paper and tape. This will be the year that banking can boast 100% of its players in the cloud.

Regulatory business intelligence gets smarter

Artificial Intelligence (AI) appears to be the saving tech for just about every industry and everything that ails it. AI is the harbinger that makes regulatory business intelligence possible and enables it to get smarter (machine learning) over time. From predicting which drugs are best for which patient to inferring malicious intent – before it happens – with regards to market abuse, AI is going to change the game by going one step ahead of regulators and predicting what new laws or guidelines will be released before they’re released based on trends and commentary made by those in power at the financial authorities.

Buckle up – insider trading is escalating

It’s just too easy. And too tempting not to flirt with the idea of making “a little extra money” that compliance officials are likely to miss anyway since they’re overwhelmed with the 2020-WFH and 2021 hybrid work challenges. You get a hot tip, you buy some stocks, then you tell your friend who tweets from an untraceable IP address to post a few provocative messages on Robinhood or Reddit to get other users excited about the stock. You carefully exchange messages with your friend by switching languages, rotating across apps, and using emojis to obfuscate your intention to commit market fraud. You let a few days go by until the stocks are driven up in value by the tweetstorm and fervor that your friend kicked up, you sell them, check the deposit in your bank account, and then book a trip to Tahiti. Easy-peasy. Regulators haven’t caught up to all the suspicious activity reported in 2020, let alone 2021, so you’re probably thinking that you’re safe. Maybe. Maybe not. You get away with it once … so you try it again. You like seeing the growth of your portfolio and bank account, so you do it again and again – until you’re caught.

Wrapping up, there’s a lot that we learned at Shield from 2021. We’re headed into 2022 better informed, better-funded with our recent $15 million Series A round, and we’re poised for growth. If I were to think of one 2025 prediction (or even further) is that we will need to get our heads around the Metaverse. It’s very fluid and evolving quickly, likely to echo what we’ve seen in Sim City, Fortnite, and other video games. But how you traverse the physical and digital worlds seamlessly from a compliance monitoring and detection perspective is non-trivial. Rest assured we’re thinking about these things. Perhaps a couple of years from now, we’ll be blogging about anticipated guidelines from the SEC around communications compliance – in the Metaverse.