It’s a volatile world out there, and the failure to manage risk appropriately for many financial institutions has been costly.
Let’s set the scene. According to the Guardian, the City regulator imposed more fines on companies in the first half of 2019 than in the previous three full years.
In fact, in the six months to the end of June 2019, the Financial Conduct Authority (FCA) imposed fines worth a staggering £319.2m.
Regulators are demanding more. They want controls in place for safeguarding against misconduct and they expect institutions to have a robust operating model in place to address this.
However, many Financial Institutions may find their operating models do not have reliable processes in place to define a suitable surveillance strategy.
They may face challenges around accessing data as well as the integrity of that data. We find this particularly common with voice data and communication capture technology – a key driving force behind compliance.
They may also find that the broadening scope of interactions and emerging channels has made it harder to ensure compliance. Organisations still need to ensure that interactions from these channels are all being captured, stored and can be accessed quickly and efficiently. If not, they will fall into a black hole of compliance risk.
In the following article, we would like to provide actionable advice on some of the main challenges financial institutions face when managing their call recording and communication capture data, and how you can leverage technology to manage the increased complexity of today’s regulatory space, particularly around voice recording compliance.
Challenge #1: Managing Separate Silos of Data
How can financial institutions manage their separate silos of call recording and communication capture data?
Call Recording is a critical function of compliance for financial services companies. However, many companies have ‘muddied the waters’ by acquiring different voice recording systems over time and in different regions.
Managing multiple voice recorders has meant dealing with issues such as end of life (EOL) technology, manufacturer upgrades, call recording legacy systems and even the introduction of new systems. This has resulted in silos of data which have become difficult to control, creating a real dilemma for many financial organisations in terms of regulatory compliance and operational efficiencies.
The ability to retrieve call recordings efficiently is essential if there is a compliance request or customer dispute for example. However, because of separate silos of data, many financial organisations have made this difficult by allowing departments or branches to use multiple voice recording software solutions.
As well as this, the risk posed when you are not able to audit your own trades and investigations is paramount when regulators are expecting all financial firms to offer data consistency, management control and auditability access across the board.
Let’s consider how important voice data is for one moment. If utilised correctly, it can drive organisational change and business insights. If utilised incorrectly, it can expose risk, security concerns and weaknesses. Data is at the heart of compliance.
Consider a ‘federated’ solution which offers data consistency, management and control across the estate. This solution can sit on top of any voice capture system whether live or legacy and will give you the ability to add future systems as and when you need them. Using this solution, you will be able to access, replay and manage all your data in one single portal.
As well as this, with the use of open APIs you can extract data in bulk into required applications such as a surveillance or compliance platform, trade reconstruction tools, transcription tools or analytics etc., allowing users to make use of their recordings in a wider range of applications.
In today’s compliance recording landscape, businesses should be leaning on a recording system that can provide open APIs. The system should be able to integrate seamlessly with multiple applications and platforms, providing users with the element of flexibility to do as they please with their data.
Challenge #2: Maintaining the Integrity of Data for Compliance Recording
How can financial institutions maintain the integrity of their call recording data for compliance recording?
Data integrity refers to the accuracy and validity of data over its entire lifecycle. Maintaining data integrity should be a core focus for all financial organisations in trying to maintain compliance recording, however many struggle to achieve this.
The integrity of call recording data in particular, can be compromised in many different ways, ranging from data replication, transfers, system updates or just by being accessed by staff.
As many organisations acquire a range of legacy call recording systems, accessing recordings from these systems and maintaining their data integrity after they have become EOL, can prove a challenge. Upgrading or migrating to a newer voice recording system does not necessarily guarantee the integrity and availability of all old recordings. Extraction and conversion of the voice recording files and databases to different formats can for example, risk corrupting the files, resulting in the files becoming inadmissible in court.
In order to ensure call recording data integrity, financial organisations need to consider:
- The integrity and storage of call recordings from live recorders
- The availability and integrity of call recordings which live on a legacy system
- Recorder access – ensuring the right level of access is provided to staff
- Audit trails to see who has accessed, replayed or downloaded a call recording
- Encryption of audio and metadata of call recordings
- Voice recording resiliency
Failing to ensure data integrity as a whole means organisations are at risk to several compliance breaches such as call recordings being tampered with, sensitive business information being exposed, and ultimately the original file format or the metadata of the call recording being altered. Compromised data cannot be used and may result in significant costs if this data is needed for regulatory compliance.
With Wordwatch, recordings are kept in their original format ensuring their validity. With this solution you can ingest, replay, manage, extract and report on calls from live and legacy systems whilst retaining all data in its original format. This also allows financial organisations to de-commission aging voice recorders, mitigating further risk.
Challenge #3: Managing A Growing and Complicated Infrastructure
With several generations of call recording technology, upgrades, end of life systems and new systems, voice infrastructure for financial organisations can become complex and costly to manage.
Due to the growing complex voice infrastructure, financial organisations may face the following challenges:
- Supporting multiple systems from different manufacturers
- Supporting multiple systems which have reached end of life support
- Paying for multiple support contracts
- Manufacturers ceasing support for the legacy call recording systems
- Important product updates being missed and security vulnerabilities for legacy call recording systems
- Being unable to access your voice recordings quickly and efficiently, due to them residing on different systems
In situations such as these, organisations need to simplify their call recording infrastructure.
Managing a growing and complicated voice infrastructure, particularly in different locations or across the globe will only get more complicated as newer systems are acquired, and older ones are deemed obsolete yet still maintainable in terms of storing data.
In terms of managing legacy call recorders, it’s important to consider the hidden risk behind security and network vulnerabilities. As manufacturers no longer release important updates to end of life systems, this can leave voice data exposed to untimely security breaches.
In terms of live call recorders, there is still a risk managing a growing and complicated infrastructure, where you are not able to access your voice recordings as easily as you would due to them being stored on multiple different voice recorders.
In order to tackle this, consider a solution which can unify all of this data together. This means, the mixed bag of call recording platforms (whether live or legacy), can be brought together onto one single point of access. Ultimately, this provides significant savings with the removal of legacy systems, a lower server footprint and risk mitigation knowing where all your data is stored.
Challenge #4: Managing Evolving Channels, Unified Communications & Digital Messaging Platforms
How can financial institutions keep on top of managing and capturing data from all the emerging channels for compliance?
10 years ago, recording and monitoring within financial organisations were limited to call recordings and email conversations. Today, the landscape has changed drastically. With the addition of multiple new channels, unified communications and digital messaging platforms such as Skype, Microsoft Teams, Webex Teams etc., compliance monitoring has become an even greater challenge.
Although these collaboration tools make it much easier for traders, clients, and even back office support staff to negotiate trades and share important information, they must also be monitored for compliance reasons.
As users continue to leverage platforms such as these, capturing and storing data from a wider number of capture sources can prove difficult. Many financial organisations lack the solutions to capture the extended scope of these communications. Moreover, let’s not forget that traditional compliance recording solutions cannot capture all these communications. They may partially capture some, with the remainder creating a black hole of compliance risk.
On top of this, regulators are expecting these new collaboration channels to also be recorded and stored in the same way as traditional voice communications.
The need to keep on top of evolving channels and unified communication platforms can prove to be a challenge. Ensuring there is one repository where all this data is stored becomes an even greater issue.
Keeping on top of these channels and systems is critical for compliance. Regulatory bodies are expecting all forms of communications to be monitored and extracted if needed. Failing to do so, can mean significant costs for the organisation as well as reputational risk.
Consider a solution which addresses all these channels and systems as well as one that incorporates legacy calls. Wordwatch can perform a full on-going ingest of all live calls across all interaction platforms (such as Skype, Teams) into one central interface, ready to be replayed and extracted for audit purposes or to your chosen application.
The Challenge Around Compliance Recording – Better Late Than Never
Managing compliance, particularly compliance recording, will always be a huge challenge for financial organisations. Therefore, many of our customers are dealing with their voice recording complexity now. They are finding their way out of the voice recording maze, aware that as more channels come on board, and regulatory bodies become more and more demanding, the problem will only escalate. They key is having an agnostic replay and management layer which will ensure the voice recording estate can remain forever young.
City CIOs need a serious, strategic answer to ‘data unification’. As an enterprise communications solutions provider, we helped three major investment banks deal with this complex issue and witnessed how technology helped with their legacy and interoperability issues as well as compliance.
For more information on the technology or any of the issues referenced in this article, speak to our team.