For years, my company has been forecasting the increasing impact of regulations from the perspective of the trading floor technology manager. During this time, the number of channels from which communications must be recorded and stored has been increasing, accurate retrieval has also become a more acute requirement. This widening of scope has happened in a regulatory context that has seen penalties ramp up. Some cases have concluded with custodial sentences while individual fines for regulatory breaches have passed the $10B mark. Banks that are found to maintain inadequate IT systems for Anti-Money Laundering and Trade Reconstruction purposes see a multiplier effect on their fines as well as suffering large, separate penalties for their technology shortcomings. Will the trend continue?
2017 is off to a politically unique start in the UK and the US. The successful Brexit and Republican campaigns promised the repeal of unwanted laws and a relaxation of regulations but is that likely to change our industry? In the case of Brexit, probably not. The UK was heavily involved in the drafting of MiFID II which is relatively London-friendly. With its stewardship of the multibillion-pound Euro Clearing Market under threat, London will need to keep its regulatory and legislative profile harmonised with that of the EU, which it won’t formally leave until 2019 anyway, a year after MiFID II becomes law.
This week, the US administration approved the signing of an executive order requesrollbackll back on Dodd Frank legislation as promised back in February. Repealing the law will require the support of Congress. Critically, the support of the banks that have just spent billions on Dodd Frank compliance will be seen as important. The wording of the order is vague and the reality is that Dodd Frank, having taken so long to reach 70% completion, is probably here to stay, at least in essence. The current administration is more likely to soften regulatory pressures by selecting more closely aligned enforcers and on May 1st it was announced that they would seek to replace Comptroller of the Currency, Thomas Curry, as chief overseer of the federally chartered banks.
I foresee no abatement in the trend towards shorter required lead times for trade reconstruction. Partly because advancing technology facilitates it and partly because it provides evidence of “Being tough on the bankers.” The resultant situation could be like raising the road speed limit but busting more motorists for reckless driving.
There was another significant event in March when a banker was fined by the FCA for using WhatsApp to share confidential client data. The reports haven’t disclosed how the activity was discovered but we must assume, due to the app’s end-to-end encryption, that it was through the physical examination of a mobile device. The information was not being used for money laundering, fraud or market manipulation so the red flag that triggered the search, assuming it wasn’t just random, either came from the recipient, another whistle-blower or as the result of surveillance. This is an unusual compliance story where the bank, Jefferies in this case, emerges with credit.
- This case highlights and validates some of the key tenets of JP Reis blogging, consultancy and service development over the last few years:
- It is the content, not the channel that is important when capturing data for compliance.
If rule-breaking is endemic in a company’s culture then recording selected channels will be superficial in compliance terms unless an effort is made to change that culture.
- Bring Your Own Device is a green light for Bring Your Own App which presents a raft of security and compliance issues that must be remediated through technology, process and policy.
- Compliance testing will evolve from being slow, reactive and retrospective to being a proactive, real-time activity. The term “surveillance” is being thrown around by vendors who are nowhere near to having an off the shelf, plug in and play solution.
- A genuine surveillance service must monitor all channels and satisfy all stakeholders across The Business, IT, Compliance, Security and Legal. The data should be tagged homogeneously for storage in a centralized archive, the user interface should be a single screen and it should be possible to add new channels using open standards software.
The Practicalities of Implementation
Putting all of this together will be an iterative process but the forward-thinking organizations who embark on this path will achieve competitive advantage. It was true for the banks who trialled Reuters’ Globex service in 1995 (see blog), it was true for the banks who responded to the FSA directive for Mobile Voice Recording in 2010 and it will be true for the ones who are well prepared for MiFID II at the start of 2018. Compliance, reliability and functionality are the three pillars of developing a solution. While compliance and reliability can be tested in the lab, real world functionality can only be achieved through acceptance testing with a less sensitive sample of users. This was the process we had to lead firms through with mobile voice recording at the turn of the decade. Mobile voice recording was an example of a compliance requirement that had merit but which solved very little in terms of compliance. Data was generally untagged and was often stored in different locations and on different formats to landline recordings. Reconstructing trades with disjointed data and recordings is a painful process. We helped several global players to do just that using our own accelerated methodologies but it remained onerous and therefore costly.
The Future of Trade Reconstruction
Modern regulations are being written on the assumption that multi-channel trading conversations are the reality and that multi-channel reconstruction is technically possible. Even if regulators start to take their foot off the gas, the trend towards holistic trade reconstruction will continue because it’s a long-established concept and they will simply try to close the gap with reality. MiFID II takes the important step of saying that “management must have clear oversight of recording processes.” Hopefully, this will challenge banks to move towards cross-functional compliance teams, thus removing the silo mentality away from divisional functions as well as communication channels.
It’s critical that new solutions use a single, well-tagged archive for all channels but the complexity will be huge. The repository will be interrogated via a single screen that presents required data in chronological order. I saw a demo of a system that was almost ready to do this back in 2014 and there are solutions out there that combine parts of the puzzle.
When calls were recorded without much thought given to the need for playback, it made data retrieval very difficult years later, and trade reconstruction was an order of difficulty higher than that. To achieve a solution that satisfies all parties it will be necessary to combine the systems that record conversations with those that flag conversations for investigation. The route to this will consider patterns in trading records as well as communication channels. Specialisms such as big data interrogation, artificial intelligence, machine learning, quants algorithms, speech recognition and voice recognition will all play a part. The process will be iterative and new comms channels will need to be assimilated along the way which is why open standards are so important. As systems like this become more precise and powerful they will be able to meet the challenge of real-time compliance. Hopefully, this time the banks will realize that the smart money is on early adoption.