Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy

OCTOBER 2018

Prepared for:

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

TABLE OF CONTENTS INTRODUCTION ...... 3 METHODOLOGY ...... 3 COMPLIANCE AND COMMUNICATIONS MONITORING: A QUICK HISTORY LESSON ...... 4 THE CHANGING FACE OF SURVEILLANCE ...... 8 THE ROLE OF SPECIALIZED SOLUTIONS ...... 9 CORE CHALLENGES: INTEGRATION AND ACCURACY ...... 10 LEVERAGING SOLUTIONS: INTEGRATION AND COMMUNICATIONS SURVEILLANCE ...... 12 THE MISSING LINK: THE IMPORTANCE OF E-COMMUNICATIONS MONITORING ...... 12 FILLING THE TECHNOLOGY GAP ...... 12 THE NEXT GENERATION: INDIVIDUALISTIC SURVEILLANCE ...... 14 CONCLUSION ...... 16 ABOUT AITE GROUP...... 17 AUTHOR INFORMATION ...... 17 CONTACT ...... 17

LIST OF FIGURES FIGURE 1: TRADE AND MARKET SURVEILLANCE SPENDING, 2010 TO 2020...... 4 FIGURE 2: REACTIVE VS. PROACTIVE APPROACHES TO COMPLIANCE ...... 5 FIGURE 3: COMPLIANCE INVESTMENT PRIORITIES ...... 7 FIGURE 4: COMPLIANCE PROCESS CHANGES IN THE NEXT 12 MONTHS ...... 8 FIGURE 5: AUTOMATION IN COMPLIANCE PROCESSES ...... 9 FIGURE 6: COMPLIANCE DATA INTEGRATION ...... 10 FIGURE 7: COMPLIANCE FUNCTIONALITY CHALLENGES ...... 11 FIGURE 8: RESPONDENT FIRMS’ E-COMMUNICATIONS MONITORING MODELS ...... 13

LIST OF TABLES TABLE A: GLOBAL COMMUNICATIONS REGULATORY SUMMARY ...... 6

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

INTRODUCTION

The deluge of regulatory obligations that ensued from the 2008 global financial crisis placed the industry spotlight on the multifaceted compliance function. Everything from tightening up employee monitoring practices to ensuring data lineage and audit trails are in place has come under scrutiny over the last decade. Culture and technology take time to change, however, and the industry is only now seeing the real picture emerge.

The chief compliance officer was formerly a standard but unobtrusive member of the C-suite, but this individual has become a crucial contributor to firm-wide strategy and operations. While compliance standards and practices were once deemed sufficient by way of their mere existence, they are now a key and highly examined part of prospective clients’ due diligence investigations, including the initial line of defense found in front-office surveillance controls. And though compliance-focused technology was an afterthought or, in many cases, nonexistent, the regulatory technology sector has emerged as a significant shareholder of financial technology investment—and a good portion of firms’ technology budget remains betrothed to regtech allocations for at least the near future. This white paper highlights these changing dynamics and the integral role that next-generation technology will play in the evolution of the compliance function.

METHODOLOGY Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy, commissioned by Digital Reasoning and produced by Aite Group, is based on proprietary Aite Group research, including qualitative in-depth interviews and data collected in surveys executed by Aite Group in 2016 and 2017. Response filtering and quantitative and qualitative data analysis were also conducted by Aite Group.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

COMPLIANCE AND COMMUNICATIONS MONITORING: A QUICK HISTORY LESSON

Since the 2008 global financial crisis, the regulatory environment has changed to a new normal. The revised Markets in Financial Instruments Directive (MiFID II), the Dodd-Frank Act, the Market Abuse Regulation (MAR), and countless other regulatory acronyms that may cause the reader confusion, bad memories, or fear, have put extreme pressure on financial institutions to remain compliant. Unsurprisingly, financial institutions’ compliance departments and anyone focused on controlling their front offices have gained a level of relevance unseen in the past.

Of concern are not only the number of regulatory regimes to comply with—an inevitable side effect of the globalization of the financial industry—but also the increasing size of fines and the growing publicity profile of regulatory infractions. Throughout several Aite Group quantitative and qualitative studies, compliance personnel and firm executives consistently report that compliance standards are considered highly important to firm operations. Likewise, where the compliance department exacts influence within the firm has recently expanded as well; in 2017, throughout several quantitative and qualitative surveys conducted by Aite Group, financial firms increasingly emphasized the importance of compliance to both firm operations and firms’ long- term strategy. Moreover, spending on trade and market surveillance specifically has expanded at a 14% compound annual growth rate (CAGR) and will likely surpass US$1 billion in surveillance technology spending within the next five years (Figure 1).

Figure 1: Trade and Market Surveillance Spending, 2010 to 2020

Projected Vendor IT Spending on Market Surveillance and Trade Compliance, 2010 to e2020 (In US$ millions) $827 $759 $690 $616 $542 $460 CAGR 14% $422 $375 $300 $258 $210

2010 2011 2012 2013 2014 2015 2016 2017 e2018 e2019 e2020

Source: Aite Group

The recent increase in compliance focus was largely fueled by MiFID II implementation in January 2018; post-deadline compliance requires further coordination and a deep understanding of the directive. These large projects, sometimes in the tens of millions of dollars, involve entire

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018 institutions and require compliance departments’ involvement in setting firm strategies for the long term.

Indeed, the role of the compliance department has transformed in many ways throughout the firm as well as throughout the traditional lines of defense; while in most firms the front office maintains its own surveillance practices, it is now working much more closely with the general compliance infrastructure. The way this relationship works depends on the type of firm, but in general, it remains fairly horizontal across firm types; a typical iteration of the structure sees compliance departments advising the front office rather than supervising the day-to-day activities. Though supervision is unavoidable, it is a smaller part of the overall collaboration, the level of which reflects the firm’s cultural preferences toward proactive or reactive approaches to compliance responsibilities. While firms are evenly split between proactivity and reactivity (Figure 2), the level of the compliance department’s coordination with the front office (which also typically maintains its own line of defense) is an effective indicator of each firm’s cultural preference.

Figure 2: Reactive vs. Proactive Approaches to Compliance

Q. How reactive or proactive do you feel your firm is with regard to monitoring noncompliance? (n=103)

49%

39%

8% 4% 1%

Very reactive Reactive Proactive Very proactive Don't know/not applicable

Source: Aite Group survey of 120 capital markets firms, Q4 2017

One consequence of the changing regulatory regime is that many firms’ main concern has been understanding new regulatory requirements and their direct impact on firm operations. To illustrate just how challenging this can be, especially for firms operating in multiple regulatory jurisdictions, Table A provides a summary of major global regulations covering communications surveillance requirements.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

Table A: Global Communications Regulatory Summary Year Regulation Relevant requirements Sources covered 2003 Market Abuse Anti-insider trading and market Not specified Directive abuse directive (MAD)

2003 Securities and Requires firms to record and All platforms—covers cellular by Exchange maintain communications for default Commission three years

2010 Dodd-Frank Recording, record-keeping, Email, instant message, voice Act technology audits

2014 MAD Updated to include recording Phones, computers, devices and storage of trade-related communications

2016 MAR Recording and storage of Phones, faxes, e- communications related to communications, meetings, trade execution websites, blogs, social media

2018 MiFID II Recording and storage of Phones, e-communications, communications, use in trade internal and external reconstruction

Ongoing Chartered Recording and storage All Financial Analyst Institute

Source: Global regulatory regimes, CFA Institute, Aite Group

However, during the last 12 to 24 months, concerns over understanding regulations has started to give way to emphasis on technological ability—indicating that firms are beginning to fully appreciate the importance of leveraging available compliance technologies to guide them through the regulatory labyrinth. As a result, investment in compliance vendor technology has eclipsed other areas of compliance investment, significantly outpacing consulting services (Figure 3). This shift in focus indicates a structural change within compliance departments; they have moved toward seeking the right technology products to supplement the efforts made on the research and education front. While the timing of regulatory implementations has undoubtedly influenced this shift, there is much evidence that the vendor community has managed to affect this outcome by providing firms with extensive counsel and independent research in regard to deploying compliance technology.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

Figure 3: Compliance Investment Priorities

Investments in Compliance Support Over the Past 12 Months (N=120)

Increased investment in dedicated 45% technology (vendor) Reworked process via consulting 28% services Increased investment in dedicated 25% technology (in-house build)

Increased dedicated staff 23%

Don’t know /not applicable 20%

Began/implemented/completed a 16% centralization project

Other 5%

Source: Aite Group survey of 120 capital markets firms, 4Q17

After years of evolution in both regulatory regimes and compliance departments, firms are accepting at last the necessity of investment in regtech. Compliance departments are vastly more important and interconnected within firms, and firms’ C-suites appear to finally be aware of the importance of leveraging the most developed regtech available. Perhaps most importantly, spending trends indicate that the executives holding the purse strings have accepted this reality. For many firms, the question is not whether to invest in compliance technology but rather how to best utilize the available solutions.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

THE CHANGING FACE OF SURVEILLANCE

A major shift in the trade surveillance technology space in recent years has been the expected driver of compliance process change. In 2016, it was widely anticipated—considering the impending MiFID II deadline—that regulatory scrutiny would shape the way compliance operations took place during 2017. In a post-MiFID II world, the general industry expectation is of a normalized regulatory regime without vast changes, and thus there is slightly less focus on regulation as a driver of compliance processes. Instead, the influx of new data sources and technologies is now a major driver of compliance initiatives; over two-thirds of firms surveyed at the end of 2017 had either completed a recent strategic review of compliance technology or were planning to do so in 2018 (Figure 4). Correspondingly, regulatory scrutiny as a primary process change driver saw a statistically significant decrease. In terms of data sources that need to be considered, a few stand out:

 Trade surveillance and e-communications: Specifically, there is a need to integrate both structured and unstructured data sources pulled from a number of systems for the purpose of identifying suspicious activity and malicious intent.

 Best execution requirements: Especially considering transaction cost analysis, this requires financial institutions to collate data on trading strategies, dealers, venues, algorithms, and execution impact across all asset classes through the trading workflow.

 Transaction reporting: With MiFID II the number of fields to report has increased from 24 to 65, as has the number of instruments within the reporting scope, all at T+1. If delegated to third parties, the responsibility is retained by the reporting firm.

Figure 4: Compliance Process Changes in the Next 12 Months

Q. Have you conducted a strategic review of your compliance technology environment in the last three years? (N=120)

Don't know 3%

No, none planned 28%

Yes 41%

No, but planning one in the next 12 months 28%

Source: Aite Group survey of 120 capital markets firms, Q4 2017

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

THE ROLE OF SPECIALIZED SOLUTIONS The scale of the data challenge for all individuals engaged in compliance has been bemoaned at industry conferences across the globe over the last couple of years, but certain areas of the function have benefited from the use of specialized technology to automate formerly manual, labor-intensive processes, such as false positive filtering and e-communications alert reviews. Approximately half of firms now employ automated processes to some degree (Figure 5), most of which are deployed in the realm of trade surveillance. Of course, all technology evolves from a baseline; in the case of trade surveillance technology, the most primitive solutions enable users to manually investigate potential misconduct cases in a siloed manner from a desk or market perspective. Given the increasing diversity and complexity of data, not to mention volume, manual processes are unsustainable. The evolving sophistication of refined malicious behaviors makes identifying breaches even more challenging, especially without equally sophisticated tools designed to isolate the urgent from the irrelevant.

Figure 5: Automation in Compliance Processes

Q. To what degree has your organization moved away from manual processes for compliance support? (N=120) Don’t know /not Fully applicable automated 1% Fully manual 2% 14%

Somew hat automated 49% Somew hat manual 34%

Source: Aite Group survey of 120 capital markets firms, Q4 2017

Although trade surveillance is the primary area in which specialized compliance technology is used, there has been a gradual increase in the use of technology in several other compliance areas, specifically Know Your Customer (KYC) practices, anti-money laundering (AML) tools, and e-communications surveillance infrastructure. While specialized technology has been deployed in KYC and AML practices for some time, firms are just starting to realize the benefits of adopting a holistic strategy for all areas, though this requires a certain amount of groundwork related to integration. Considering the technology available in the marketplace, many firms are relatively behind in terms of e-communications technology adoption. Nonetheless, leveraging specialized solutions for all these areas—particularly natural language processing capabilities—has certainly become a more urgent conversation and investment mandate.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

CORE CHALLENGES: INTEGRATION AND ACCURACY Where does the next frontier lie for trade surveillance once the manual processes have been replaced by technology? Integrating structured and unstructured data is vital to produce effective alerts but remains challenging for financial institutions. Figure 6 shows that there is room for integrated solutions to enter the trade surveillance markets. The data clearly displays such a need: While slightly over half (53%) of firms recently surveyed have a central data platform in place, all but 10% of firms have plans to implement an integrated system or are considering doing so.

Figure 6: Compliance Data Integration

Q. Does your firm have a central platform in place for data and documentation storage for compliance monitoring purposes? (N=120)

No, and have considered and decided against 1% No, and have not Don’t know/not considered applicable 9% 1%

No, but are considering whether it makes sense Yes 24% 53%

No, but have plans to put one in place in the next 12 months 13%

Source: Aite Group survey of 120 capital markets firms, Q4 2017

Integration of data sources, particularly unstructured data (a frequent e-communications monitoring hurdle) remains a formidable challenge for financial institutions (Figure 7). This is particularly related to the need to not only review flagged trading patterns but also enrich the view by adding other sources, such as e-communications data, so that a more accurate picture might be revealed. Communications surveillance is so important for regulators that the wording in new regulations includes references to the relevance of records in criminal prosecution cases. The ability to marry structured trading data and unstructured communications is not well- managed, with many compliance departments finding it extremely challenging; despite this under-development, data-type integration is a key part of next-level alert generation.

Alerts are indeed the lifeblood of employee monitoring; their accuracy is key, and they are essential to the success or failure of any surveillance system. Inaccurate alerts generally translate into an excess of false positives, which pose a time management challenge for the surveillance employee who needs to review them. The amount of time needed for compliance support has been cited as the most difficult compliance challenge (Figure 7), and it is certainly no easy task to reduce the number of false positives, especially when firms are still struggling to properly handle the increased amount of data utilized for monitoring. Furthermore, rules-based alerts provide

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018 only so much insight into potential cases, which—when combined with an exponential growth of data—can result in an explosion in the number of false positives. Moving from rules-based review of e-communication to natural language processing would indeed refine the data results and allow firms to more seamlessly integrate e-communication flags within the overall surveillance infrastructure. Financial institutions are still struggling with prioritizing and contextualizing each case, and with automating the process itself (dismissing nonrelevant alerts).

Figure 7: Compliance Functionality Challenges

Q. How would you rate the difficulty of each of the following compliance areas?(n=105)

Time to support new 8% 25% 50% 11% 7% requirements

Nonstandard data support 7% 20% 41% 24% 9%

Risk and control oversight 5% 19% 39% 14% 23%

Lack of automation 4% 11% 46% 26% 13%

Business structure issues 15% 51% 23% 9%

Audit 6% 30% 45% 17%

Client pressure 10% 46% 35% 8%

Extremely Very Somewhat Not difficult at all Don't know/ difficult difficult difficult not applicable

Source: Aite Group survey of 120 capital markets firms, Q4 2017

A worrying statistic to ponder is that addressing lack of automation presents a degree of difficulty for over 60% of firms surveyed at the end of 2017 (Figure 7), which is an issue that is frequently echoed in compliance studies and interviews—and unfortunately appears to be increasing in difficulty. Automation in trade surveillance means the immediate detection and flagging of unusual trading patterns as well as the ability to calculate statistics from trading data, which can then be used for comparative purposes and trade analytics. Likewise, automation in e- communications surveillance applies the same principles, but with a higher degree of challenge considering the unstructured nature of the data sources. If done manually, it can entail heavy workloads and potential loss of oversight of the process and delays in detection. Automation is a minimum requirement for trade surveillance employees in the data-intensive compliance landscape.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

LEVERAGING SOLUTIONS: INTEGRATION AND COMMUNICATIONS SURVEILLANCE

Traditionally, trade surveillance practices have included the monitoring of an array of behavioral aspects, such as logins, timings, trading volume, and access, in a siloed manner using rules and manual auditing of flagged events. Ultimately, this reactive model is not enough to identify intent in the engagement and to proactively stop market abuse or minimize its occurrence— which is the regulators’ ultimate goal. Plus, if the rules definitions are not refined enough, people in charge may easily get swamped by false positives.

THE MISSING LINK: THE IMPORTANCE OF E- COMMUNICATIONS MONITORING Some of the most dangerous behaviors conducted via e-communication are market abuse, insider trading, and use of inappropriate language—all of which can result in regulatory sanctions or other legal action; if the offense is serious enough or involves large sums of money, the consequences can include heavy fines, severe reputational damage, or even cessation of operations.

Under MiFID II, firms are required to record communications throughout the entire trade life cycle, regardless of the execution method for client orders and whether the execution actually happens. The purpose is not only to identify engagement in criminal activities but also to establish the intention of doing so. In the United States and Europe, enforcement of market abuse, insider trading, and corruption cases can hinge on the ability to show intent of wrongdoing as opposed to an innocent mistake.

The next logical step has been the addition of communications into the data mix to understand trading behaviors and to identify intent. Natural language processing techniques fit well in the toolbox of communications analytics due to the technology’s ability to interpret not just text but also further depth, such as ambiguity, emotions, or sentiment. In some solutions, these techniques can also be applied directly to audio recordings in addition to or instead of textual transcript analysis. If properly done, combining both structured and communications data should enrich the depth of the alerts, reducing the number of false positives and giving further insight into a potential case of criminal behaviors.

FILLING THE TECHNOLOGY GAP Despite the recent attention to e-communications monitoring, many firms lack the ability to integrate e-communication surveillance with other alert systems. While many firms employ some form of systematic e-communication surveillance, approximately half of firms interviewed and surveyed by Aite Group during the past two years are still processing e-communications alerts independently of their trade surveillance platforms; moreover, firms employing stand- alone e-communications monitoring systems are much more likely to still be using rudimentary techniques, such as manual review of lexicon-based alerts. While some firms have progressed to

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018 more sophisticated alert generation and automated processing, relatively few firms are set up to integrate e-commerce reviews and related alerts with their master trade surveillance platform and review process. The lack of development in this area can be read as an opportunity for future improvement, however; recent studies indicate that the majority of firms acknowledge the challenges they face in their e-communications monitoring workflow (Figure 8).

Figure 8: Respondent Firms’ E-Communications Monitoring Models

Q. To what extent are these areas of compliance facing workflow challenges? (n=105) Cybersecurity 13% 23% 50% 10% 5%

Trade surveillance 7% 17% 37% 27% 12% E-communications 6% 13% 41% 25% 15% surveillance Trade supervision 5% 18% 31% 31% 15%

AML 9% 40% 43% 6%

Regulatory alerts 20% 51% 27%

Noncompliance issue tracking 11% 44% 37% 6%

KYC requirements 10% 41% 44% 4%

Employee trade compliance 6% 37% 51% 4%

Extremely Very Somewhat Not challenging Don't know/ challenging challenging challenging at all not applicable

Source: Aite Group survey of 120 capital markets firms, Q4 2017

This dependence on legacy surveillance ecosystems results in a significant shortfall from the level of holistic integration required for efficient and proactive compliance. Even more disturbing, over one-third of respondent firms use neither a stand-alone model nor an integrated review. In consideration of the high levels of automation reportedly used in firms’ overall trade surveillance processes, these generally low levels of development with e- communications surveillance technology reveal a significant weak spot—one that should be addressed sooner rather than later.

Ironically, the e-communications technology weak link holds particularly true among buy-side respondents, in which over half of firms studied persist in employing a stand-alone e- communications review model. A top fear of buy-side compliance officers has always been the danger of insider trading—a violation that can shut down even a top asset manager if the infraction is severe enough. As communications surveillance is one of the most important tools—if not the most important tool—in detecting insider trading intentions, many buy-side firms are in dire need of an overhaul in the e-communications surveillance department. In the near future, it is likely that many buy-side firms will be replacing their outdated e- communications review systems with an updated and (hopefully) integrated approach.

The move toward preventive surveillance has the potential to shift the attention away from rote alert monitoring and toward human-centric, or individualistic, surveillance. By profiling individual employees in various ways, with the support of extensive data sources to establish

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018 behavioral analytics practices, financial institutions would have the insights to better understand participants, risk-taking behaviors, and the ulterior motives behind certain actions. By leveraging these advanced capabilities in the marketplace (i.e., natural language processing and behavioral analysis algorithms), engagement in illegal trading activities could be more easily identified and predicted. Perhaps the most important impact of these upgraded technological capabilities is on intent detection; in this functionality, factors such as communication content and meaning, motivations, and trading data can be combined to flag intent. When integrated with the overall trade surveillance architecture, a fortified e-communications surveillance system will have a marked effect on the firm’s success and efficiency in the trade monitoring arena.

THE NEXT GENERATION: INDIVIDUALISTIC SURVEILLANCE These developments in e-communications monitoring carry several key implications for the overall trade surveillance landscape. Alert-centric surveillance is shifting toward proactive, employee-focused compliance. Profiling employees with the support of extensive data sources and data analysis techniques, financial institutions would be able to establish behavioral analytics practices. The importance of this comes from understanding market participants, risk- taking behaviors, and intentions in actions. In addition, by quantifying a set of employee information, the financial institution would be able to aggregate employee information to look holistically at firm-wide employee risk, establish best practices, and analyze behaviors across departments or teams. Overall, surveillance would move from a box-ticking exercise to an effort to gain intuitive insights of the organization.

The positioning of human-centric approaches is something surveillance leaders continue to investigate and evaluate. From a technological standpoint, this approach poses the challenge of integration and holistic coverage, as multiple data sources might be required to develop a comprehensive profile of the employee. Next-generation technology, such as artificial intelligence (AI)-based tools, may be the key to improving the quality of the insights even more, but technology stacks still need to mature before AI can be fully implemented. However, several components of surveillance technology have flirted with the AI space for several years in the forms of dynamically adjusting parameters and algos, machine learning from historical analysis, and natural language processing tools. With each step toward more advanced technology, the trade surveillance world moves closer to normalizing AI-related components.

Of course, with technology advancements come questions of privacy and boundaries. Those wary of rapid new technology implementation might raise questions regarding how the data collected from employee activities and communications is used in the internal governance and enforcement of compliance policies. Profiling riskier employees and providing scores as a way to prevent malicious behavior and detect intention is undoubtedly useful in the name of protecting the firm—and the employees themselves. However, there is often a murky border between preventive surveillance and privacy invasion. To address these concerns and maintain an acceptable balance between effective monitoring and full-on spying, firms will need to carefully consider updated policies and procedures to complement advanced technology implementation.

Overall, if applied correctly, technology should enable compliance teams to focus on their core day-to-day responsibilities while reducing the amount of data necessitating processing and

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018 analysis. AI and AI-related solutions are additive tools that enable better management of surveillance data, from collecting to sifting to analyzing, and thus facilitate better decision- making on the part of the compliance officer. The addition of context and information on which to base governance and enforcement decisions should allow senior compliance team members to move away from a never-ending list of low-end tasks and toward a more proactive and efficient functional surveillance approach.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

CONCLUSION

 Firms need to seriously assess their use of technology for surveillance. The diversity, complexity, and volume of manual processes involved in the trade surveillance function, particularly conduct surveillance, are not sustainable in the long term. Identifying breaches is more challenging than ever before, as malicious behaviors are becoming increasingly sophisticated. Without the appropriate tools, urgent tasks are more difficult to differentiate from the day-to-day tasks of a compliance team, and although specialized technology is used in certain areas by some firms, it is not being used to its full potential. In the e-communications space, firms are also behind in adoption, considering the sophistication of the available technology.

 Focus on prevention and identification of intent. The traditional focus on monitoring an array of behavioral aspects, such as logins, timings, trading volume, and access, in a siloed manner using rules and manual auditing of flagged events is under pressure. Ultimately, this reactive model is not enough to identify intent in the engagement and to proactively stop market abuse or minimize its occurrence— which is regulators’ ultimate goal.

 Look at next-generation technology, such as AI-based tools. Natural language processing techniques can provide extra insight to communications analysis by examining potential ambiguity, emotions, or sentiment. If done properly, structured data sets combined with unstructured communications data should enrich the depth of the alerts, consequently reducing the number of false positives and giving further insight to a potential case of criminal behavior.

 The employee should be at the heart of the monitoring process. There is a shift taking place from alert-centric to proactive, human-centric compliance focused on employees. This means that financial institutions would be able to establish behavioral analytics practices and understand market participants’ risk-taking behaviors and intentions. In addition, information can be aggregated to obtain a holistic view of the firm’s employee risk, establish best practices, and analyze behaviors across departments or teams.

 Firms should strive to leverage available technologies while balancing the use of human intelligence. While supporting technologies are key to streamlining effective surveillance alerts, firms should use them in conjunction with expert review. The key to this balance is adoption and integration of systems designed to reduce false positives and improve the effectiveness of the alert process, such as natural language processing and advanced data source integration.

Conduct Surveillance: Intelligence Lies at the Heart of Every Good Defense Strategy Strategy OCTOBER 2018

ABOUT AITE GROUP

Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We partner with our clients, revealing their blind spots and delivering insights to make their businesses smarter and stronger. Visit us on the web and connect with us on Twitter and LinkedIn.

AUTHOR INFORMATION Danielle Tierney +1.617.261.2409 [email protected]

CONTACT For more information on research and consulting services, please contact:

Aite Group Sales +1.617.338.6050 [email protected]

For all press and conference inquiries, please contact:

Aite Group PR +1.617.398.5048 [email protected]

For all other inquiries, please contact: [email protected]