Surveillance 2021: What Firms Are Doing Today, What’s on the Horizon
Looking back on 2020, it was certainly an unprecedented year, full of roller coaster twists and turns, both on a personal and professional level. COVID-19 and remote work changed the way we approached many things in life.
The rapid, unpredictable changes caught many of our customers by surprise too. For me personally, as the product manager for NICE Actimize’s surveillance platform, I spent a lot of time in 2020 speaking with customers in the financial compliance space who were looking to retool, rebuild and recalibrate their surveillance programs and platforms. Not surprisingly, these conversations cut across all regions, shapes and sizes of firms, including everything from small buy-side firms, to some of the largest wealth management firms in the world, and even top 5 global banks.
Our discussions mostly centered on priorities for the coming six to nine months. Many firms had shelved their multi—year plans and couldn’t look beyond that time horizon given the uncertainty looming in the markets. One thing they all wanted to know was – "What are my peers doing to prepare for the future?"
As I reflect on these conversations now, four key areas stand out. Perhaps these are things your firm should consider as you refine your own surveillance plans for 2021.
- Where do firms stand on Cloud and PaaS adoption?
In past years, compliance and surveillance teams have largely remained cautious in terms of any broad, sweeping adoption of cloud, public cloud in particular. However, early in the pandemic, this trend took a different turn.
As firms were shifting employees to remote work, they needed more agile approaches to remain operational. Additionally by March of 2020, with the pandemic in full effect, stock market volatility was soaring as daily trade volumes increased by over 600% on average. These factors have shifted firms’ mindset around cloud adoption. In fact, at NICE Actimize, we’ve seen cloud surveillance adoption sky-rocket as firms are demanding anywhere access to data, and systems that can easily scale on-demand with spikes in trade volumes. Our numbers have proven this out. For example, among the new clients NICE Actimize onboarded in 2020, 100% were on the cloud, compared to only 63% in 2019.
Additionally with new compliance challenges popping up, there is a growing need to increase agility while being cost effective. These new requirements have led to a parallel increase in adoption of the compliance platform-as-a-service (PaaS). Compliance PaaS allows firms to leverage cloud native applications and services that can be scaled up and down as demands change.
An added benefit of the PaaS approach is that extended data connectivity is included as part of the service. Prior to 2020, our Tier 1 customers always insisted on acquiring, securing, and connecting to surveillance data on their own. In 2020 this changed as many Tier 1 firms started to seek out vendors that included data services (e.g. market data) as part of their offerings. Outsourcing management of this data helps firms reduce their time-to-value and costs, while also easing reconciliation requirements. - Self-Service analytics or off-the-shelf approach?
Surveillance analytics have never been one-size-fits all, and with the world around us changing fast, this is truer than ever. But while larger tier 1 financial firms have the IT bandwidth and budgets to support the development of custom analytics and applications, smaller buy-side and tier 2 firms often have to resort to less adaptable off-the-shelf solutions.
2020 saw a departure from this trend across all buy and sell side firms, regardless of their size. Why? Compliance analysts were demanding greater control, along with the ability to tailor analytics to their firms’ unique business needs. Several customers I spoke with specifically wanted to be able to create new analytic models from scratch (without vendor involvement) and without having to wait for these capabilities to be included in future product roadmaps.
For example, one FX broker-dealer specifically asked for the ability to change a static rule such as, "include trade order size greater than X value" to a dynamic rule like "include trade order size that is 2 standard deviations away from the average trade order per currency." The impetus behind being able to develop custom analytics to this level of granularity is to be able to reduce the false alerts. The bottom line is – firms want to be self-sufficient. They view being self-sufficient as a critical part of being future ready. And this doesn’t just apply to analytics, it applies to business intelligence and reporting as well. - Machine Learning and Natural Language Processing - is now the time?
In years past, Machine learning (ML) has gotten a bad rap for just being ’a buzz word.’ Most compliance officers raise their eyebrows and are skeptical of any solution that claims to use machine learning. The skepticism is understandable as many vendors make big claims about machine learning reducing false positives. But few go on to provide proof and real-life use cases. But with remote work and volumes of conversations increasing, firms are now taking a second look at ML as a way to increase precision detection and generate more meaningful alerts.
One example of ML that customers are adopting in growing numbers is Natural language processing (NLP). NLP is a machine learning-based technology that can automatically extract entities, trades, conversations, etc., from data, in order to understand the context and sentiment behind conversations. For example, In a conversation where people are chatting, an NLP engine can classify the conversation into business or non-business, extract a list of participants, and catch mentions of any company, dates, prices, as well as other financial data points. By putting this data in context, NLP analytics gives compliance officers unique insight into what regulated employees actually said and did, as well as their intent. This approach enables firms to identify suspicious communications with unprecedented accuracy. - What does proactive Conduct Surveillance looks like in 2021?
With more regulated employees now working from home, physical oversight is not as easy for financial services firms, and in many cases, not even possible. Additionally, remote work environments open up the door to more types of conduct risk. At the same time, regulations like the FCA’s SM&CR and Reg BI in the U.S. are putting the focus squarely on conduct and raising the bar on accountability.
In order to tackle this challenge and meet regulators’ expectations of maintaining robust controls, most firms that we’ve spoken with have accelerated their establishment of some form of conduct oversight and surveillance.
Conduct issues can be broad and sweeping. Furthermore, a person’s conduct isn’t defined necessarily by any single thing they do, but by behaviors across multiple criteria and dimensions. While everyone agrees that there is a need to monitor behaviors for misconduct, firms differ on their approach and coverage. For example some firms might want to monitor communications to understand if employees are expressing themselves or acting in an inappropriate manner due to a change in work environment. Firms might also want to monitor for behaviors like workplace gossip, insults, racists or sexists remarks.
Firms that are further along on the conduct surveillance journey have also deployed anomaly detection to identify conduct issues that might not otherwise come to light. Anomaly detection uses machine learning to establish benchmarks of normal behavior, and then compares this behavior to new trends in transactions and alerts to identify anomalies over time.
With the whirlwind of changes in 2020 and new challenges in 2021, firms continue to show incredible resilience as they reinvent and rethink their approaches to surveillance. As the dust settles, I expect we’ll likely continue to see more forward-thinking firms accelerate their plans to adopt new technologies and innovative approaches to surveillance, including the ones I’ve outlined above.