In our final article in the series we asked our experts a number of questions about the state of play of the surveillance function in today’s financial firms.
To kick-off, Emily Wright and Rob Mason listed some key challenges facing the function and surveillance professionals. For Wright, even though the detail may have shifted somewhat, these remain “the same as they have always been”:
- data access and integrity;
- technology (in terms of reliability as well as change);
- funding;
- number of false positives; and
- offshoring / reduction in key resource.
For Mason the focus on data completeness “represents a key shift” and firms must improve because “it must be better than it has previously been”.
Surveillance, in his view, has always been a “heavy lift task” with “lots of energy expended with little reward”. But, he now feels that “we are on the cusp of some better technology that might provide at least some answers.” But that harnessing this will require a “manifest leap” for organizations to implement this technology and incorporate it into their business as usual to really change the reality on the ground.
Also, “technology people will be a far more important stakeholder” because it will be essential to “understand the capabilities of AI engines as well as their functioning” in order to leverage them well.
Both Mason and Wright were quite downbeat about the current state of surveillance when it comes to staffing and resources suggesting that “in some organizations it is OK, particularly in those that are facing remediation action from a regulation”, but “across the board the general mood at the moment is doom and gloom.”
“While we are on the cusp of technology change, we have not got there quite yet.”
Emily Wright
Wright suggested that funding for the function has almost always, in her experience, been cyclical and “at the moment we are in a downward cycle – losing headcount, funding, resources, forced to do aggressive offshoring.” The latter is highly problematic if it exceeds a certain threshold and results in too much loss of highly skilled and experienced staff, it invariably leads to problems and enforcement action.
Mason agreed that surveillance and compliance tends to get access to resource and funding “when it’s raining” so when a firm is facing a “deferred prosecution agreement for example there is no shortage of resources.” He suggested that a good example of this is the $350m fine that JP Morgan paid in connection with data completeness issues. It is one that is sizeable enough to affect quarterly results and so will result in surveillance and compliance having access to resources and funding to address the underlying issue.
He reckons the “more nimble compliance leaders out there will try to leverage this to increase head-count size simply because they have been under pressure for so long.”
In his view the big issue is that reducing spend and improving efficiency has not led to either better results or cost savings: “For all the cost cutting I don’t know of many banks that are spending less money on surveillance when compared to, say, 10 years ago. The cost of everything has gone up – technology / wages. We are in a period of austerity, but the bank has not in any meaningful terms reduced the cost of surveillance. But they are not getting any better surveillance results.” And this is another reason why AI and technology solutions more generally should be explored.
And while Wright and Mason both believe that “surveillance has to be better about delivering on its current remit” they also think that some of the cost-cutting efforts are premature. According to Wright, organizations “are busy cutting heads before they have the tools in place to permit them to do so safely. Because while we are on the cusp of technology change, we have not got there quite yet.”
One of the big issues is resourcing. Mason says that is “essential for firms to understand what the technology does, where the gaps are” and also be able to explain this to senior management, the Board and the regulator. But according to Wright “surveillance talent is not at present good enough on AI” and it is difficult to see how this will improve in the short term because “some of the people working on solutions have either the surveillance knowledge or the AI know-how, but not necessarily an adequate combination of both.”
“Technology people will be a far more important stakeholder.”
Rob Mason
The question of surveillance facilitating over-disclosure to the regulator also came up. Wright cited an example of a bank at which she worked where the general counsel had “an enormous amount of clout and the advice to surveillance was always: capture the minimum you have to, purge everything, only hold it as long as you need to”.
According to Wright the bank was “religious about legal hold because it meant you could delete 90% of everything and only hold the data that you had to.”
But that was not the right way forward necessarily either because it led to some “gnarly questions”. Wright argued against this “bare minimum strategy” because if you are “in a principles based regulatory environment you have an obligation to do the right thing. And if you have risk on a line or channel then you have an obligation to apply a control environment.”
In her view it is entirely appropriate for a regulator to “assume that if you did not have the records it is either because you chose not to because there was risk that you could not mitigate or there were big costs associated with it, or because you were trying to hide something. And in such an instance “the enforcement has to fit the fact that you did not apply the control environment.”
Both Wright and Mason are bullish, however, about the future of surveillance. Although they are too experienced to offer absolute certainty about an uncertain future, faced with a question whether a broader remit for surveillance is on the horizon in connection, for example, with financial misconduct, their answer was a guarded but forceful “Yes!”
Other articles in this series
- Compliance and HR in the second line of defense – a new paradigm
- Ensuring senior management follows the rules
- Compliance training and the promise of AI
- FCA non-financial misconduct survey
Emily Wright is the Author of Behind the Screens: Understanding Employee Surveillance in Financial Services and former Global Head of Compliance Surveillance at Standard Chartered Bank.She has more than 20 years of financial services experience including senior roles across Compliance, Operational Risk and HR, within Standard Chartered Bank, JP Morgan, Lehman Brothers, ICAP PLC and Newedge Group. Emily has worked in London, Hong Kong, Singapore and Australia.
Emily has an MSc in History & Philosophy of Science from The London School of Economics and now offers consulting and executive coaching for financial institutions in surveillance & monitoring, regulatory compliance, and culture & conduct issues.
Rob Mason is the Director of Regulatory Intelligence at Global Relay. He has a wealth of experience across both banking and regulation, having undertaken senior compliance surveillance roles within UBS and Lloyds Banking Group, where he was responsible for the oversight, management, review and enhancement and operational effectiveness of the surveillance undertaken, including navigating internal and external audits as well as regulatory visits.
Before his time within bank compliance, Rob spent five years at the FCA where, most notably, he was the Technical Specialist in the team initiated to supervise the MAR – reviewing and examining all regulated firms’ surveillance capabilities aligned with regulatory expectations. Prior to joining the FCA Rob had a trading background with 10 years specializing in trading and broking on-exchange derivatives.
