The pandemic has had a significant effect on how business are being run, due to the challenges of homeworking and changes to technology. According to Julia Hoggett, the FCA’s Director of Market Oversight, banks must still deliver the same standard of surveillance with home workers as they would in an office environment. Hoggart warned that any challenges faced at the beginning of the pandemic where the usual levels of recording and surveillance were not possible, should now be fixed.
It now seems there is no room for error. It also seems that misconduct may especially be increased by use of encrypted and unmonitored communication apps such as WhatsApp, which can be responsible for sharing potentially sensitive information connected with work. If this is the case, organisations must ensure that these apps are being recorded and auditable.
The pandemic can no longer be used as an excuse for non-compliance. The FCA expect both office and remote working arrangements to be equivalent and to play their part in ensuring our markets are clean whatever the times and whatever the challenges.
With the opportunity to provide remote working offerings to employees outside of the pandemic, it’s a vital time to revisit and update policies and solutions.
According to the FCA, ‘they expect firms to have updated their policies, refreshed their training and put in place rigorous oversight reflecting the new environment – particularly regarding the risk of use of privately owned devices’.
The FCA went on to say, ‘these policies should be demonstrable to us and to your audit teams. It should go without saying that policies should prevent the use of privately owned devices for relevant activities where recording is not possible’.
Financial Organisations now need to look at long-term solutions to ensure effective surveillance at all times – pandemic or post-pandemic, office working or remote working. New ways of working have now been found and have been fully adopted – ways of working we thought might happen in the future have now been catapulted into the present.
Regulatory obligations have not changed – it’s how they are managed that will need changing.
What part does Technology play in helping to ensure compliance in a work-from-home environment and keeping our markets clean?
Technology firms have had to react quickly to changing demands in the market, as traditionally compliance controls meant some roles were not naturally suited to home working. Working remotely can make it difficult to comply with specific regulatory requirements and introduces new types of risks and challenges into the business.
Technology and data play a big part in keeping markets clean and the good news is that there is a plethora of regulatory technology out there which specialises in ensuring regulated firms remain compliant, specifically for when staff are working from home.
Investment banks need to maintain effective control of traders monitoring for non-compliance and recording certain types of communications. In an ideal world, would you have your traders speaking to customers over the phone at home? – probably not. But as we have all found 2020 is not our ideal world, and we’ve all had to rise to new challenges.
Going forward, despite what path the virus may take, many organisations are now considering hybrid ways of working for employees. For many it’s worked well, employees are enjoying the extra hours back in their day which was previously taken up with commuting. Now is the time to look at potential long-term changes to allow this to continue.
Remote Working Technology Solutions
Now that many businesses are on the tail end of managing remote working challenges, forward thinking financial institutions are now focussing on boosting recovery and productivity.
So, what immediate steps can financial services organisations take to continue to strengthen remote working and solve challenges around:
- Limiting disruption to your clients
- Managing visibility of all communications activity, both in and out of the organisation
- Managing communications in real-time across employees, departments, teams and locations
- Quality Monitoring
Managing visibility of all communications activity – Cloud Communications Management
Look for a flexible Cloud Communications Management solution that allows you to route communications to employees regardless of their location. By intercepting a call in the cloud, the solution will route the call to an employee’s mobile or landline ensuring that the call is still being recorded in line with business processes.
Management are still able to gain visibility of all communications activity in and out of the business and disruptions to customers are avoided. In addition, this allows activity to be managed in real-time across all employees, departments, teams and locations.
Ensuring Compliance – Mobile Call Recording
This solution is ideal for any regulated organisation that must record business calls even when staff are working from home. Most mobile call recording solutions can be deployed within days and usually require no assistance from IT. Security is guaranteed as calls are stored in a secure web interface.
When the need for mobile call recording was first introduced by the FCA back in 2011, most solutions at the time were unstable however today the technologies have advanced greatly.
There are options available whereby employees can use their personal mobile phone to make and receive business calls and SMS. The mobile application provides a second number on a business or personal phone for calls and SMS helping to reduce the number of mobile handsets an organisation needs to provide while allowing them to capture inbound and outbound calls and texts to meet regulatory requirements. Recordings can be retrieved from a simple interactive web-based portal and usage reporting is also available.
Capturing and Archiving WhatsApp Communications
Recording obligations, according to the FCA, ‘apply to conversations and communications made with, sent from, or received on, equipment provided or permitted to be used for business purposes’.
This therefore includes recording and archiving WhatsApp communications (text & voice calls), which the latest emerging technology can do.
With this technology solution, WhatsApp calls, texts, multimedia and files on corporate-issued and employee BYOD phones are captured and archived (on-premise and in the cloud), ensuring compliance with regulations such as MiFID II and Dodd Frank etc.
Although unified communications and collaboration platforms are transforming the way millions of us are working every day by enabling business communications and supporting internal collaboration, this does bring about challenges around compliance. Rules require organisations to record voice and electronic communications as well as to retain them for a specific number of years and provide full reconstruction of trades when the regulator demands.
Although Microsoft will record Teams calls and store them in the cloud, it only does the recording. However, not only does data needs to be stored, it must also be retrievable for replay and analysis for regulatory compliance, conduct risk management, surveillance and evidential purposes.
Many organisations who are regulated will need a third-party solution to manage, replay or archive calls for compliance. They will need to take into consideration utilisation/volume of traffic on Teams, what communication features within Teams staff are using (i.e. Calls, videos, chats etc.), which storage platforms they wish to use and where the recordings are to be stored. They will also need to decide on what type of resilience they require in their capture platforms and current recording solutions.
Remaining compliant in a work-from-home environment and staying on the path to recovery
Financial Organisations must continue to take steps to strengthen remote surveillance operations so they can continue to thrive in a remote environment.
COVID-19 has accelerated a transition to a more digital, flexible and virtual workplace and technology is playing a vital role in making this happen.
The FCA have been very clear on their stance that whether an employee is working from their kitchen table or their office desk, regulatory obligations with regards to managing market abuse, remains rigid. Both organisations, and individuals are still required to meet compliance, and this has not diminished in the face of the virus.