The world has gone through a tough time this past year. The Covid-19 pandemic has surely made an impact on businesses as well as the lives of people around the globe. Despite the fact that the coronavirus had stomped the brakes on the wheels of mankind for the first couple of months since its outburst in December 2019, people have now learned to adjust and adapt to the situation for their survival. It is this intellect that has helped us, humans, sustain our existence on this planet for thousands of years.
The previous statement holds true in the case of companies also. If we look to see which companies have survived the pandemic, we can note that the ones that managed to adapt to the changing scenarios of remote working and monitoring survived, and the rest suffered. This shows that adaptability and resilience are still the right tools to overcome a hard-hit situation.
The pandemic has forced financial firms to discard conventional practices and adopt new ways of working. Brokers and traders now routinely work from a remote location; a change that was not anticipated a year ago. Along with the remote working practice new methods of communication were also adopted along the way. Employees in regulated firms were watched over by compliance programs that restricted them from using unmonitored channels of communication. Since the employees are no longer working from their offices, the burden of trade surveillance has thus increased significantly.
The growing affinity for WhatsApp and WeChat
The new modes of communication being used by employees have surged along with an increased volume of transactions to be monitored by financial firms. The use of mobile phones has continued to increase during the pandemic onslaught and regulators have addressed the situation through regulatory notices. Mobile Instant Messaging (IM) applications like WhatsApp and WeChat are being used by employees to send and receive trade-related information. WhatsApp Web, the desktop version of WhatsApp allows employees to have conversations with their clients using their desktop or laptop computers. Features like these offer a hassle-free experience for the user and this is what attracts employees to use mobile chat applications. Although these mobile messaging applications are convenient to use the compliance risks that they pose are multi-faceted.
Before the Covid-19 pandemic had struck the world financial firms had set up surveillance methods to monitor their employees. But as employees are not working from their offices only anymore these methods are no longer sufficient to keep a track of them. WhatsApp trading has become more common in recent times. Brokers and traders find it easier to communicate with their clients using WhatsApp and WeChat. Clients had always required brokers to communicate with them via mobile messaging applications, owing to the ease of communication. Employees in financial firms now send trade-related advice to their clients using WhatsApp and WeChat. In fact, adopting WhatsApp for business communication can be an advantage for financial firms provided that proper surveillance methods are put in place.
TeleMessage provides solutions for regulated financial firms to record mobile text messages and capture voice calls that are compliant with FCA, ESMA, SEC, FINRA, IIROC, HKMA, MAS, etc. The WhatsApp Archiver and WeChat Archiver are secure instant messaging solutions from TeleMessage that provide regulated financial firms with services like WhatsApp recording, WhatsApp archiving, WeChat recording, and WeChat archiving.
Trade surveillance requirements from financial regulators
The work-from-home culture brought some confusion in the beginning as it was not a normal practice in the financial sector. Recently, the FCA reiterated the compliance requirements that they expect from regulated financial firms, and serious consideration was given to trade surveillance. Even though different financial regulators watch over trade-related activities all over the globe, the requirements of trade surveillance by all of them are almost the same, as per the following:
Dodd-Frank Act – The Dodd-Frank Wall Street Reform and Consumer Protection Act (United States of America) of 2010, or better known as the Dodd-Frank Act was introduced in the aftermath of the 2008 financial crisis. This act requires financial firms to record, monitor, and archive data related to trade and communications for preventing any sort of market abuse.
Market Abuse Regulation (MAR) – The MAR in the European Union (EU) also requires financial firms to record, monitor, and archive trade-related information. The information must be captured and monitored, even if the transaction took place or not. The MAR requires firms to analyze all their trade-related data to detect the occurrence of market abuse. In the event of potential market abuse (in the UK), firms must inform the regulator using a STOR report.
Markets in Financial Instruments Directive II (MiFID II) – Article 16(6) of MiFID requires financial firms to record and archive trade-related data, including communications. Proof of conversation must be maintained by the firm for all transactions, even if a transaction did not take place. The firms must also be able to reconstruct the scene of a trade or order, upon a request from the regulator.
Benchmark Regulation – The benchmark regulation in the EU was proposed by the ESMA with an aim to standardize benchmark administrators, who are responsible for ensuring the accuracy and integrity of benchmarks. As per this regulation financial firms who contribute data to benchmarks must provide surveillance to determine the occurrence of a suspicious trade input.
The need for operational resilience
Operational resilience could have been the most discussed topic in almost all companies, and financial firms in particular, over the last couple of months. Operational resilience is the ability of a firm to adapt and adjust to a crisis that can impact the business. Even though financial regulators had authorized relaxations in the initial days of the pandemic, they now expect firms to be compliant irrespective of the type of risk at hand, as regulators believe that firms have had adequate time to update their policies to adapt to the current situation. The consultation paper CP19/32 issued by the FCA in December 2019 requires firms to demonstrate their operation resilience capability . We can expect the new rules to be published soon. These new rules will surely raise the level of compliance complexity, with financial firms certain to feel additional regulatory requirements.
Business Continuity Plan (BCP) is the primary tool that companies look out for, in the event of a crisis. But an opinion poll conducted in a recent webinar showed that 60% of the participants have not reviewed their BCP in the past 6 months, and 30% of the people have not reviewed the BCP within the past year. BCPs must be reviewed at least once a year. Considering the current situation that firms are going through, it is better to review BCPs more frequently as they are the first line of defense during an unprecedented situation.
Operational resilience must not be confused with BCP. Even though they are comparable, the essence of both the ideas is not alike. BCP helps companies to run their business even in a crisis. Operational resilience on the other hand requires much more commitment. Firms must not only continue to run their business but also succeed in meeting the client’s requirements and expectations.
In 2018 the CEO of GAM Investments lost his job due to a 60% decline in the company’s share price. The unfortunate incident took place after GAM announced that their fund manager had used his personal email for business communication, failing to comply with the regulatory requirements. The company was conducting an internal investigation to evaluate its risk management and record-keeping capabilities. The incident shows that poor communication within the organization aggravated the issue, and is an example of the importance of operational resilience in financial firms.
Incorporating technology into the business for ensuring operational resilience cannot alone be an answer for safeguarding the business. A crisis management team that comprises people with the right training is inevitable irrespective of whatever measures have been adopted in the firm. Only a well-equipped and regularly exercised crisis management team can help the firm overcome the struggle with minimal impact. Even though the importance of a crisis management team is known, it is alarming that 62% of the opinion poll respondents admitted that their firms have not put their crisis management team to action within the past 6 months. Crisis management is an important factor that determines the effectiveness of operational resilience in financial firms, and hence it should also be activated at least every 6 months.
Learning lessons from previous experiences is one thing that will help firms survive similar crises in the future. A review of the current measures adopted and their impact on the business will aid the policymakers and top-level management churn out a foolproof plan to run the business around any roadblocks. Despite the fact that the pandemic has put firms in supply-chain difficulties all over the world, it is surprising to see that 53% of respondents in the poll say their firms have not conducted a post-pandemic review to assess the decisions made during the pandemic.
It is high time that firms started focusing on their surveillance capabilities and give importance to operational resilience. Only through these activities can firms ensure regulatory compliance and bring down risks like market abuse and insider trading.
About TeleMessage
TeleMessage captures and retains mobile content, including mobile SMS messages, voice calls, and WeChat and WhatsApp conversations from corporate or BYOD mobile phones to ensure compliance with various data protection regulations. The messages are securely and reliably retained within TeleMessage servers or forwarded to your choice archiving data storage vendor.
Our mobile archiving products securely record content from mobile carriers and mobile devices for various ownership models (BYOD, CYOD, and employer-issued). With our multiple archiving solutions, you can always find the right tools or blend for your requirements:
- Network Archiver
- Enterprise Number Archiver
- Android Archiver
- WhatsApp Archiver
- WeChat Archiver
- Signal Archiver
- Telegram Archiver
TeleMessage offers cross-carrier and international mobile text & calls archiving for corporate and BYOD phones. Visit our website at www.telemessage.com to learn more about our mobile archiving products.
