Following my previous blog on PCI DSS Compliance, I had some push-back on my claim that confusion persists in UK organisations regarding call recording for PCI compliance. So it’s only fair and reasonable that I should justify my observations and explain precisely why I believe that some organisations still aren’t getting it. Business Systems specialises in call recording technology implementations and with 25 years’ experience as an independent provider we have pretty much designed, installed and provided on-going service delivery and support for most solutions. In our work in the industry, we have had a steady stream of engagements where clients have mistakenly believed that their call recording solutions met their PCI obligations. The four most common mistakes we see are: Access to our recorder is password protected: while this may be good systems management practice, it is not PCI Data Security Standards compliant. It still does not satisfy Requirement 3.2 which stipulates that no personal identification information should be captured or retained. Our recordings are encrypted: while this was initially viewed as being OK, there has been further clarification on encryption which rules it out: “Sensitive Authentication Data cannot be stored whether encrypted or not”. We use audio masking to obscure the sensitive data: while this approach (it’s a bit like a TV Bleep machine) may seem reasonable, it is not PCI DSS compliant as the sensitive authentication data is still being retained. At collection our agents pause & resume the recording: again this fails to meet requirements and has been the subject of an explicit clarification. Sensitive authentication data must be removed from recordings… “with no manual intervention by your staff”. The fact that the pause has to be initiated manually by the agent means that it is liable to human error as the agent may simply forget to pause the recording. If you want to find out more on how Business Systems can help you ensure compliance, feel free to contact us: 0800 458 2988, [email protected]. Written by: Business Systems UK
Blog 29 January, 2026 Microsoft Teams Recording Without the Risk: A Practical Guide for Regulated Organisations Microsoft Teams has become the backbone of collaboration across financial services, insurance, the public sector and other regulated industries. Trading conversations, client discussions, internal decisions and approvals are now happening daily across voice, video, chat and shared files. That shift brings opportunity, but it also introduces risk. For organisations operating under regulations such as FCA,
Blog 5 December, 2025 The clock is ticking: Why end-of-life recording systems are a critical compliance risk Outdated recording technology isn’t just an inconvenience, it’s a ticking time bomb for regulated firms. For financial services and other heavily regulated industries, end-of-life (EoL) voice recording systems can create dangerous blind spots. When vendors withdraw support, these unsupported platforms become vulnerable, exposing your firm to major compliance penalties under frameworks like MiFID II, FCA,
Blog 20 November, 2025 Proactive AI vs Reactive AI: Understanding the Difference Artificial intelligence is changing the way organisations across the UK engage with customers, but all AI solutions aren’t created equal. Many still rely on reactive models that respond only once a customer makes contact. Proactive AI takes a more advanced approach, identifying needs and acting before the customer does. Understanding the key differences between proactive
Blog 20 November, 2025 5 Ways Proactive AI Can Reduce Manual Workload in Contact Centres Contact centres today face a familiar challenge: maintaining exceptional service while managing high volumes, rising costs, and limited resources. Agents are spending valuable time on repetitive, manual work instead of focusing on complex, high-value interactions that truly build customer loyalty. This is where Proactive AI makes a measurable difference. By combining automation with intelligence, it
Blog 4 November, 2025 End-of-Life Voice Recording Systems: Why Doing Nothing Is No Longer an Option in Voice Data Compliance Across regulated industries, a silent risk is growing. As legacy voice recording platforms reach end-of-life (EoL), they don’t just age, they expose organisations to compliance blind spots, data integrity issues, operational fragility and accrue mounting maintenance costs. Ignoring unsupported systems is no longer a harmless oversight; it’s a calculated compliance gamble. With regulators tightening oversight
Blog 28 August, 2025 What is Conversational AI? A Beginner’s Guide to Smarter CX In today’s fast-paced digital landscape, businesses are under increasing pressure to deliver seamless and efficient customer experiences (CX). Customers expect quick responses, personalised interactions, and 24/7 availability. This is where Conversational AI comes in. By leveraging artificial intelligence (AI) and natural language processing (NLP), Conversational AI enhances customer service, automates interactions, and significantly improves operational
Blog 23 July, 2025 Mike Wardell Appointed Executive Chairman We are pleased to announce that Mike Wardell, former CEO of Business Systems Ltd, has transitioned to the role of Executive Chairman of both Business Systems and Wordwatch. This strategic move marks a significant milestone for both brands as they continue to strengthen their market-leading positions in customer contact solutions and communications governance and archiving.
Blog 16 July, 2025 Unlocking the Power of Conversation: How Interaction Analytics Is Reshaping Contact Centre Workforce Planning Contact centres are no longer just cost centres – they’re goldmines of actionable insight. And in 2025, forward-thinking customer contact leaders are discovering that the most untapped resource in their operations isn’t in headcount or tech—it’s the conversations they’re already having. Welcome to the era of interaction analytics. With the power to transform how you