“Surveillance remains top-of-mind for so many at so many financial services organizations.”
Picture this. It’s the future and you start your day by saying “Good morning Premonition – What is going to be in the news today, where is my first breach coming from or are all employees in good standing”…?
You’ve just asked your precognitive surveillance platform for an update.
OK, now back to the present.
Surveillance remains top-of-mind for so many at so many financial services organizations. The future of surveillance is a highly technical environment in which a system – or system of systems – parses vast quantities of data to identify potential bad acts or actors.
Surveillance has been a significant part of my work throughout my career. When I started working with surveillance in the financial services industry, it consisted of electronic communications (“e-comms”) surveillance and trade surveillance. E-comms was conducted through random sampling and trade surveillance was done using spreadsheets. Breaking the often repetitive review process, to one that was meaningful was the first hurdle – finding the right keywords that were not going to bury you in false positives. Then for e-comms the challenge became the ever-growing list of channels that simply had to be made available to the various traders, salespeople and front office staff. Similarly, the models used for trade surveillance were finicky and unpredictable. Before data lakes (or swamps) were created and models were built, trade surveillance was often a manual process which initially involved massive print outs and then extensive spreadsheets. For trade surveillance this was not helped by the increase in the types of products and complexity. And frankly, neither e-comms nor trade surveillance were made any easier thanks to the various trading scandals that were identified.
The advent of voice recording obligations didn’t help much either. And let’s not get started on mobile devices, text messaging, social media, an increasing array of personal online trading platforms, cybersecurity, privacy, or cryptocurrency!
Technology aside, what has also increased is the intersection of the different types of surveillance. Before long, the discussion evolved from – “what do the e-comms say about the trade” or “conversely is there anything in the trading?” to “what else are you seeing?”
Indeed, the conversation has shifted from the transaction or communication level. Now it’s about the team and the process involved in specific surveillance activities. In addition to wanting to know the context of the alert, questions like “are the coverage teams doing their jobs effectively?” or “How many alerts were properly reviewed, closed or escalated in a timely manner?” have become increasingly frequent.
I speak today with people doing communication surveillance or trade surveillance, or both. But I now also speak with people who are responsible for a broader definition of surveillance, one that includes other fields that provide contextual data to the function – areas like anti-money laundering, Human Resources, and security/building management, to name a few.
The reason I speak with a broader selection of people is because the surveillance function that was related to processes that were born out of regulatory obligations is no more; in my opinion surveillance in today’s markets and environment goes beyond the obligations that regulatory bodies require and extends to conduct and behavior that was not part of traditional surveillance.
Additionally, the traditional scope of surveillance – limited to registered representatives for e-comms – or firm trading activity for trade surveillance is, in my view, under challenge. We will look at both in future posts.