We will be in contact shortly.
4 October 2021
Even though compliance is not a new requirement for financial institutions, organizations still work daily to check the boxes and stay up to date. While innovation enabled new ways to monitor activity, it also complicated things, burying organizations in data. The sheer volume and velocity can distract from the nefarious activity organizations need to detect.
Fortunately, surveillance platforms can help these organizations gain value from all that’s flying around. Our KX colleagues Sam Stanton-Cook and Enda Gildea, who have each been working in surveillance for eight years, shared how gathering and analyzing trades, quotes, E-comms, and more can provide financial institutions with the visibility they need to avoid fines and reputation hits.
Listen to the podcast on your favorite platform:
Vincent Lam (VL): What happens when financial institutions don’t meet regulations?
Sam Stanton-Cook (SS): There’s obviously the financial repercussions, which should come as fines. But the other piece that many are really concerned about is the reputational damage that can come with being caught. That’s something that they want to avoid at all costs. These days fines can reach up to a billion dollars, but it’s the reputational damage that comes with that’s of great concern.
VL: Wow, so the reputation is greater than a billion dollars?
Enda Gildea (EG): Sometimes.
SS: Well, it can be worth that much. Building an image of trust and respect with all of their customers and clients, can be worth more than a billion dollars to these companies. So, it’s really, really important that they mitigate these risks.
EG: Yeah, I couldn’t agree more. It’s also not only the reputation from the public, but potential business partners too. Would you want to work with you think someone who might be doing some dodgy-dealing behind our backs? So, it’s a matter of basic business integrity as well.
VL: Many new regulations have been cropping up in recent years, popular ones that many know by name, such as GFC and Dodd Frank. Were banks just monitoring themselves before that? Did these regulations spark evolution overnight?
EG: Prior to the last 15 years, most regulations were a box-ticking exercise. The systems were fragmented or manual. The data captured would just be simple activities, rather than everything that happened around each event.
The financial crisis led us to look deeper and think about everything surrounding these single activities. Adding in liquidity ratio, leverage checks, making sure you’re not front running any clients, all these regulations added up. And that meant that all the participants had to store a lot more data, as much as seven years worth. As a result, organizations need an automated system, moving away from legacy databases, and moving forward to a really accessible system.
SS: I completely agree. In the equities market, there’s always been some rules. In terms of the FICC markets, there was also some oversight, mostly manual investigations, where they would go back through and pull some data out of one of their trading platforms and then pull some data out of the audio recordings or emails and stitch it all together. Because of those fragmented systems that Enda spoke about, this process was traditionally was quite difficult.
Since these large organizations have so many systems pulling all of that information together to do this ad hoc analysis, that if the regulator came banging on the door, which they weren’t doing as much pre GFC, saying, “We need x, y, and z,” it was quite difficult to present it to them.
Post GFC, all of the regulations have gotten more specific about the data types that you need and how to store it such that you can report to the regulators.
VL: So, the problem you just presented – at least to the lay person – sounds almost untenable, right? I’m thinking about the volumes that must be going on at some of these large banks, all the different interactions, and most of them innocuous. Plus, I imagine that anybody that is savvy enough to commit some sort of fraud is probably not going to do it in a way that announces their committing fraud, burying it underneath all that traffic and making it seem like business as usual. So, what are the challenges that banks are facing to find this type of fraud and surface it? What are the key things they have to be able to do?