The global pandemic and the resulting shift to remote work has accelerated the adoption of technology in financial services compliance. As firms seek digital tools to meet new demands from regulators, Thomson Reuters Regulatory Intelligence caught up with Compliance & Monitoring expert Jonny Frank for his thoughts on how remote surveillance technologies could remain fixtures in the industry.

Read the full article below:

Posted In:

By Richard Satran, Courtesy of Thomson Reuters Regulatory Intelligence

Published 05-Aug-2020 by TRRI News

The COVID-19 shift to remote work has accelerated the adoption of technology in financial services compliance, a trend already underway as firms seek digital tools to meet new demands from regulators.

Monitoring remote workers, capturing more data on customer interactions via voice, video and social media, detecting fraud and money laundering and meeting new privacy requirements over personal data are among the compliance tasks seen as ready for new technological approaches.

Skepticism had grown about spending after the billions spent on regulatory technology in the post-Dodd Frank era disappointed firms and shareholders, said Bain Consulting in a recent report. However, it said, “Since the pandemic took hold, many have told us they plan to increase investments in automation across the board, including those dependent on AI/ML (artificial intelligence/machine learning.)”

Contact tracing resembles compliance oversight

In contrast with the post Dodd-Frank wave, the pandemic has driven a change in what had been a piecemeal approach to applying technology. Rather, end-to-end solutions from the individual consumer to cross-enterprise  models are being deployed.

Technology responses to public-health needs arising from the pandemic are providing a model for financial services. The Future of Privacy Forum, a consortium of academics and industry, in a recent paper said the AI models for activities such as contact tracing and other big-data pandemic needs “leverage audio-visual data, text analysis, chatbots, and sensors.” Compliance requires a similar tech approach, and, similarly, the tools must ensure fairness in use of data, sensitivity to privacy concerns, transparency and confidence in the results.

Financial services firms must also consider how to target their spending at a time profits are under severe pressure. Gartner Group in a  recent study said that tech spending globally will decline 8 percent to $3.4 trillion in 2020.

Finance firm chief executives nonetheless have expressed enthusiasm for digital adoption. Many saw the pandemic as a stress test of their risk-management processes and a reason to invest more in digital tools to better embed compliance controls.

“The health crisis has proven the value of our high-tech and high-touch strategy,” said Paul Donofrio, chief financial officer of Bank of America, echoing the message from other C-suite finance executives.

Algorithms prove worth in PPP funding wave

Banks have moved to apply digital processes suited to quickly manage the barrage of fiscal stimuli unleashed by the U.S. Federal Reserve Bank and other agencies in recent months. Algorithmic credit scoring, due diligence and anti-money laundering processes have been essential in monitoring the $2 trillion injection of government money.

“Technology didn’t just enable us to compete. It enabled us to beat some of the largest banks in the country,” said Phil Goldfeder, senior vice president of public affairs at Cross River Bank, which partnered with fintechs to lend $5 billion, or double its existing assets, through the Paycheck Protection Program. He was quoted by S&P Global Inc Market Intelligence in a recent report  on the issue.

Greg Carmichael, chairman, president and CEO at Fifth Third Bancorp, said, “What  the pandemic has done is kind of accelerated digital adoption by our customers, and in some cases, our employees, by about five years.”

Compliance pandemic report card will take longer

For compliance, the jury may still be out on how well finance firms responded to the virus, especially with estimates of fraud under the Paycheck Protection Program ranging into the billions. That liability could hover over banks for years to come.

With staff operating remotely, the managing of data from documents and communications, keeping and correlating records amounts to “a monster task that all firms are wrestling with,” said Robert Cruz, vice president of  information governance at the technology services company Smarsh Inc.

Financial services executives have shown enthusiasm over the potential benefits, highlighted by the pandemic, of large-scale digital transformation. Compliance professionals may personally be more tepid, since compliance and control operations may be in the sights of CEOs who see deeper structural use of AI applications as a way to cut $1 trillion from fixed costs, according to Oliver Wyman, the Morgan Stanley research consultant.

Pandemic compliance has wider application

Technology experts, however, see the digital tools solving some of the most daunting regulatory challenges compliance teams face. The Europe Union’s MIFID II, for example, requires many U.S. firms to have the capability to produce for regulators recordings of all interactions leading to transactions. The Europe’s General Data Protection Rule, and similar privacy laws in other countries and in U.S. states, will require firms produce any personal data on demand from customers.

In addition, banks are being pushed to elevate their anti-money laundering processes to include “event-driven” risks in every account on an ongoing basis. Some describe the task as perpetual due diligence, tailor-made for AI machine learning and “multi-source identity tracking” that sorts through multiple databases in real-time to generate relevant data that might signal rising risk. In a case showing such red flags, the New York Department of Financial Services fined Deutsche Bank AG $150 million for failing to act on the publicly known sex-trafficking allegations against its client Jeffrey Epstein.

U.S. investment firms face similarly large challenges in meeting the Securities and Exchange Commission’s Regulation Best Interest, or Reg BI. The regulation increases the need need for firms to document how they serve the best interests of their millions of customers, a data-intensive task that could also benefit from AI tools.

Reg BI’s machine learning potential

Reg BI covers not just transactions, but any kind of advice across all forms of communication. It must also be correlated with the services promised under Form CRS, or customer relationship summary, that details the type of service provided to clients and describes their risk tolerances. What is more, the SEC and the Financial Industry Regulatory Authority will be able to correlate the care standard to all individual securities transactions when the Consolidated Audit Trail becomes fully functional over the next two years.

For investment professionals, the new rules could mean dozens of required reports daily on every potential client contact that offers, or pointedly does not offer, advice, according to FINRA’s interpretation. Advisers who might once have seen voice recordings as intrusive have become more receptive to technology tools, and firms offering the best-integrated desktops that put all customer contact information, servicing tools, market data and analytic applications on the same desktop could have an edge in recruiting talent, JD Power found in a survey released in July.

Rising number of firms using new digital compliance tools

“Advisor reliance on technology to manage all aspects of their practice has been growing for many years, but it has been accelerated considerably during the COVID-19 pandemic,” said Mike Foy, senior director of wealth and lending intelligence at J.D. Power

Firms have expanded their monitoring of remote operations, testing their ability to oversee a much wider footprint than physical office space. This has increased reliance on voice monitoring and surveillance. The machine-learning required to cover the widening scope has been a critical element in how voice monitoring is used.

Time for sophisticated, data-driven compliance

“The tightening requirements around data capture, record keeping, monitoring and regulatory reporting have paved the way for a sophisticated, compliance-driven communications recording use case,” Verint Financial Compliance said in a recent note to clients.“It is essentially built on automation, defined by a centralized architecture and a strong integration with the extended compliance infrastructure.”

In Europe, the MIFID II rules require recordings of “all interactions that might lead to a trade.” Such recordings must be archived for retrieval by clients and regulators.

Monitoring alone will do little, however, if compliance does not become involved as lead facilitators, working in concert with managers. The surveillance tools may be increasingly crossing boundaries that were breached between home and office during the pandemic.

The digital recordings, however, will not replace the work of compliance and front-line managers but will be  “humming in the background,” said Jonny Frank, a partner with global advisory firm StoneTurn and a former US prosecutor. The machines “can help to detect fraud and suspicious activity, but not to give the guidance that investment professionals need.”

Integrity monitoring not machine driven

The pandemic “has reinforced the need for integrity monitoring in a culture of compliance and integrity,” Frank  said. “It has required not just the CEO but the managers in banks having more remote meetings, as we have seen in the pandemic, constantly reinforcing what constitutes good behavior.”

The pandemic showed the markets operating effectively, SEC Chair Jay Clayton recently declared. “Despite these extraordinary volumes and volatility, the ‘pipes and plumbing’  of the securities markets—i.e., the clearing agencies, exchanges, ATSs and securities information processors, among other things—functioned largely as designed.”

There was, however, no declaration of victory over misbehavior in financial firms. The SEC has warned firms to be vigilant in their oversight of remote operations. The Office of the Comptroller of the Currency in its spring report on banking practices said, “Compliance risk is elevated due to a combination of altered operations, employees working remotely” and the heavy flow of stimulus funds. A recent BIS advisory said that while machine learning has transformed oversight, it needs to be retooled, since the COVID-19 crisis has changed the behavior of retail and corporate clients, which could drastically reduce the effectiveness of machine learning techniques, particularly those trained on past patterns of behavior. Other tools may face similar challenges.”

That’s the job of people understanding people — something even the best algorithms can’t fully manage.

(Richard Satran, Regulatory Intelligence)


Meet the Author

About the Authors

Jonny Frank StoneTurn

Jonny Frank

Jonny Frank brings over 40 years of public and private sector and law and business school teaching experience in forensic investigations, compliance, and risk management. He helps organizations and counsel […]

Read Bio