Compliance in the Digital Age – Why turning back isn’t an option

Banks are faced with the problem how to deal with communications in the digital age. Gone are the days they only had to monitor e-mails and tap their phones. Chats aren’t limited to Bloomberg anymore, instead many new channels can be used to communicate with peers and clients nor do their employees want to be constrained to use their company phones. However, these new channels present new challenges for banks to comply with their regulatory obligations. Some are trying to turn back time, but we will look at why this isn’t really an option and how financial institutions should respond in the 21st century.

Recently the FCA fined a former investment banker for sharing client confidential information over WhatsApp. The financial watchdog stated that the former managing director failed to act with due skill, care and diligence by sharing confidential, deal related information. Though neither he nor the people he shared the information with dealt in any securities relating to these disclosures and while the FCA accepted that he did not share it with that expectation, the consequences for his career are severe. However, the investment bank he worked for has also suffered as a result and the question is how financial institutions should respond to the challenge that comes with new communication channels and the behaviour of its employees in the digital age.

In a way, the problem is not new though. Fair markets always demanded control about how information is shared and therefore to some extend financial institutions always had to stay on top of their communication flow, too, be it through simple conversations to phone calls to e-mails to Bloomberg chats. Employees had to know what they could and could not say, while the regulated firms had to make sure they did. It just got a little bit more interesting first with mobile phones in general (since employees could simply step away from their desk, for instance, to make an unmonitored call), and smartphones with their variety of messaging apps. With the rise of the Bring Your Own Device (BYOD) era, i.e. employees use their own smartphones or tablets in place of the BlackBerry handsets their employers had provided for many years, banks had to act. Some banks listened to the wishes of their employees that rather used the technology they used at home by moving to iPhones and iPads, but the problem of controlling an always increasing number of channels persisted. So financial institutions like Deutsche Bank responded by banning text messages and communication apps altogether on company-issued phones earlier this year, while others try to rule in their staff by through internal policies and best practices for BYOD.

However, there is also another aspect that needs to be looked at in this context: the compliance with rules regarding record keeping of client communications. In addition to existing rules, new regulations like MiFID II or MAR raise the bar significantly. For example, MiFID II Level 1 and Level 2 legislation will require authorised firms to record telephone conversations or electronic communications when they receive and transmit orders, execute orders on behalf of clients, and deal on own account. ESMA’s advise and commentary outlined further the organisational arrangements to ensure compliance and the detailed requirements firms have to fulfil. Existing systems are unlikely to be up to the task and increasing the number of compliance staff would elevate the cost of doing business even more than it already has.

One solution is embracing digital change and the opportunities that RegTech firms and their solutions bring. Not only do they offer a way to record all relevant data and make sense of it, they enable financial institutions to better store, monitor and analyse it.

It’s not only about complying with existing rules though. Having a digital mind-set will also help in other ways: firstly, it will make adapting new rules easier as having the right setup and culture in place will support change instead of hindering the transition. Secondly, change is always an opportunity, too, and using new channels the right way empowers financial institutions to understand both its staff and its customers better, which in turn will make the whole organisation better.

So the bottom line is to embrace technology, but to be mindful about the risks that come with it. To make sure to train staff as eventually a bank’s employees are the best line of defence. If you have the right culture they will protect your company or to use the words attributed to Peter Drucker,: “Culture eats strategy for breakfast, every day, every time”.