Welcome to GRIP, Global Relay’s new digital information service on practical compliance and regulatory change.

Please enjoy this free trial of our subscription content service, for a limited time only.

  

Rules

Compliance always needs a human touch

Photo: Getty Images

Thomas Hyrkiel

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

We sat down with William R Rowe III, Global Head of eComms Compliance at Cantor Fitzgerald, to talk about how the job is changing.

How did you first get involved with Global Relay at CF?

“We had a number of issues where nightly batches did not generate, the lexicon was weak, it had no advanced whitelisting capabilities, there was message type incompatibility. It was a tough system to work with: it had constant software issues, and hardware upgrades were required with support that was not very good. It was really a thorough and complete mess.”

“Right from the start of my tenure at CF we began getting various replacements like Global Relay, and I have been very happy with GR.”

Do you ever have dull days?

“I sort of operate as a ‘Swiss Army knife of compliance’ and although I am the global head of eComms, managing the GR system on a global scale, there are other things I am tasked with such as AML and transaction monitoring duties, vetting clients and client refreshes, reviewing trade alerts on various platforms, and interpreting various transaction reports.”

“No one day is like another. We have a small, tight team covering 200 global entities so we always have our hands full, we are always learning, and it is nice to not be in a silo as we all get to work on high-level, interesting projects. I have developed and organically grown our eComms monitoring efforts globally from a policy and lexicon perspective and also conduct a risk assessment of our affiliates, using GR to help us to reign them in from an eComms perspective. It has been a very interesting journey in a full four years.”

“There is an ebb and flow and, like all firms, we have had to cope with temporary budget cuts at the start of Covid-19 with headcount loss, but we have made new hires since. But I am supported by incredible colleagues who are very dedicated and who work in all time zones to accommodate our global footprint.”

What is your stance on innovative tech, especially in the compliance space?

“We are starting to use AI and ML more regularly and eComms is not straightforward, especially if there is a reliance on random sample and lexicon. False positive rates can dominate the hits. That narrow percentage of hits that emanate from bad actors is the target. We have enjoyed our sessions with the AI Lab at GR and we are excited about what happens next in this iterative process.”

“It is hard to evaluate the worth if tech and people in management have differing views, sometimes leaning towards being conservative to catch all in a bid to make sure that not one key alert is missed. AI might fall into this category and we need to show results of substance. Testing and review of samples can build confidence here so that different compliance officers get comfortable with what they are looking at.”

“I think this is a slow and gradual adoption process across the industry, as so much is related to education and participation in industry events to help people to grasp the concepts that can be distributed across a firm.”

“The area of hesitation in eComms is all related to voice as the tech, while improving, is still not quite there yet. The machine approach is already ahead of human analysis but I frame this as a tool that works 24/7 rather than the limited hours a human can contribute. It is efficient and effective, and carries less management risk with less maintenance and fear of turnover.”

“Compliance always needs a human touch and market knowledge, especially as we become more electronic. AI can really augment this, assisting with the more manual compliance processes.”

How do you view voice as a data type and is it something that now demands monitoring?

“No one could foresee Covid-19 and the challenges it would have for all of us, firms and regulators. This has led to the emergence of collaboration platforms and this is a new paradigm that regulator and regulated need to adapt to.”

“In terms of voice, I think regulators are just starting to poke around what we have in place; there have not been many intense, thorough requests or actions that I am aware of in the industry. But if there is an opportunity to be better prepared, I am a proponent of it and this need is imminent.”

“Beyond the pure regulations, if you take a risk-based approach and there is a business-related communication in voice, we want to archive and monitor it and we want to use technology to do that as efficiently and accurately as possible. So leveraging AI and ML in voice is going to be very important to us. Our management want us to embrace this in 2022.”

“The industry-wide interest means greater adoption and lower costs for all in the capture and monitoring of voice. Even though there is no regulatory requirement in the US currently, this is all about capturing risk to prevent nefarious activity, whether the regulator tells us to do it or not. It is the right thing to do.”

Do you see challenges related to emerging privacy regulation?

“There is such an obvious privacy risk related to delving into people’s personal mobile phones, and the best way to prevent this is to have all attest that they are not using their personal phones to conduct business or advise on business.”

“With the California Consumer Privacy Act, more regulation is emerging to control privacy. It’s natural that you will be capturing much more than you want to. Not only does this breach the private/corporate divide, but it also triggers many more false positives. This needs to evolve. It is a very tough topic and it will be interesting to see what happens next.”

Is crypto on your radar and how do you go about educating management on any risks?

“A lot of leaders at financial institutions still don’t really understand crypto. We have discussed this on our team, talked about the intricate settlement process compared to traditional financial product, and I am a Coinbase user personally. The settlement periods are different and are gradual.”

“Governments must take a risk-based perspective if they are adopting their own virtual currency. Data leaks and vulnerabilities apply to them too, even though it might only represent a shade of the money laundering risk related to paper currency. It will be fascinating to see how regulators and officials approach this.”

William R Rowe III, Global Head of eComms Compliance at Cantor Fitzgerald

“For leadership and for compliance, there are a lot of nuances and intricacies to understand. But for regulators, the biggest exposure must be in the AML space. Most of the more established crypto platforms and exchanges have considerably enhanced their know your customer processes – onboarding with two forms of ID, such as a social security number.”

“This will all help but, for intermediaries like Coinbase, the onus is on them to normalize this so it resembles a bank-type environment or a financial intermediary. The quest to retain anonymity is being chipped away now. It will never fully resemble a traditional financial product but, from an AML perspective, it must. It is getting more institutional traction.” 

Do you have a view on governments deploying national digital currencies?

“Governments must take a risk-based perspective if they are adopting their own virtual currency. Data leaks and vulnerabilities apply to them too, even though it might only represent a shade of the money laundering risk related to paper currency. It will be fascinating to see how regulators and officials approach this.”

“My own initial aversion to widespread crypto adoption was as a student of Charlie Munger and Warren Buffett, who have been public opponents. In commercial terms, I think it does minimize many of the compliance and AML risks but also presents new ones at the same time. The vulnerability within blockchain and DeFi is, of course, the immaturity of interest in and knowledge about them.”

“I think it is advantageous to adopt it at a national level. It reduces cost and improves reliability in asset transmission, especially for the unbanked. It replicates new entrants to the money transmission business but offers superior technology. The more widespread the adoption, the greater the commercial advantage.”

Based on your many years of compliance experience, what macro risks do you think lie ahead that require diligence?

“Compliance and financial system risk is perhaps best pinned to easy money and easy credit historically. It can take longer to emerge but it feels like we are entering that cycle again now. The economy seems to be running out of steam and this leads to new risk, especially for front office folks who are more prone to push it, perhaps participate in something they should not to compensate for the squeeze.”

“The big compliance risk is the cohesiveness of other businesses from a tech perspective. It is evolving so fast that it is a challenge to compliance teams and even national regulators to stay up-to-date. Zoom is a great example.”

“We all need to take in as much information as we can so we are educated on what is being developed and invested in. We often have to conduct risk assessments in-flight right now as the advances are so fast. Tech improves business and process in an exciting way but new risks have to be analyzed. We all have to stay educated and curious.”

, , , ,

You may also like