White Paper- Multimedia Recording & Legislation - Insightful Technology

White Paper- Multimedia Recording & Legislation

Private and confidential.

© Insightful Technology 2016. All rights reserved.

White Paper- Multimedia Recording & Legislation Executive Summary The volume of business data that regulated companies are obliged to manage is staggering, and continuing to grow, with businesses facing an increasing number of operational, legal and compliance-based obligations. Privacy is the overriding concern for most companies, especially data-rich organisations such as financial services firms and healthcare providers. Those in the Financial Services sector are struggling to meet a broad range of trade-related investigatory demands. No longer just a regulatory or legal initiative, the ability to quickly and accurately reconstruct trade records and events is an essential requirement, particularly for multiple segments of financial services firms, including risk departments and operations. Efficient and comprehensive trade investigation involves gathering data, including any pre- and post-trade related communication, that has been generated using multiple platforms, specifically electronic modes such as voice, emails, instant messages, Bloomberg communication, files, and trade records and events. The purpose of this white paper is to highlight the necessary legislations from the regulatory bodies, regarding the recording of all communication between firms that work with transactions and sensitive data that requires monitoring.

Regulations In light of the 2008 global financial crisis, the Markets in Financial Instruments Directive (“MiFID”) was implemented on the 1st November 2007, as part of the European Single Market Program to reduce volatility and potential conflicts of interest between financial advisers. This legislation affects investment intermediaries that provide services to clients relating to shares, bonds, units in collective investment schemes and financial instruments. Due to the vastly growing complexity of technology and financial innovation, a revision to the MiFID II proposal was introduced in April 2014, in order to improve investor protection, increase market resilience, and reduce systematic risks of the transparency governing financial markets. It is estimated that there are now as many mobile phones in the world as there are people, with over 7 billion devices believed to be in use. This level of global domination has taken fewer than 20 years to occur and the growth is yet to slow down. Indeed, mobile phones are at the heart of the majority of businesses and the mandatory requirement for high-risk organisations to capture, index, archive and restore all phone activity is far-reaching. One of the planned requirements under MiFID II is to record all electronic communications, involving transactions that relate to the execution of clients’ orders, or conversations intended to result in an exchange of transaction. This will include telephone conversations, face-to-face meetings and all forms of messaging. Not all firms are affected by the revised MiFID II regulation, however many of them (including retail, financial advisers, insurance brokers, solicitors and loan companies) are using mobile voice recording software to support and provide evidence of advice they have offered. The risk of market abuse by corporate finance groups is deemed higher than other sectors as they have access to sensitive trading information.


The introduction of this legislation therefore protects consumers from any disputes between a client and a firm’s provision of service increasing transparency. Records of all data need to be kept for at least 5 years, depending on the country and their retention policies, and firms are also expected to respond to any client requests regarding copies of tapes.

Who does this consultation affect? According to FCA, the aforementioned consultation affects a wide range of firms, particularly: • Investment banks • Interdealer brokers • Firms engaging in algorithmic and high frequency trading • Trading venues including RMs, MTFs, and prospective OTFs • Prospective DRSPs • Investment managers The significant changes proposed in MiFID II are: • Commodity Derivatives • High frequency trading • Organisational requirements • Transparency • Market structure • Trade reporting • Transaction reporting

Regulations MIFID II (EU) Dodd-Frank Financial – A reform legislation that has set a new trade reconstruction requirement, stating swap dealers must generate a thorough reconstruction of a trade within 72 hours. BSI BIP 0008 - A Code of Practice concerning the Legal Admissibility of information stored in electronic document management systems. ISO TR 15801 - Electronic imaging - Information stored electronically. Covers the implementation and management of systems for storing digital data by ensuring the trustworthiness, integrity, reliability is maintained throughout the start to end of a system life cycle. BSI DISC PD 5000 - An international code of good practice for electronic documents and e-commerce transactions as legally admissible evidence; presented in five parts. Data Protection Act- 8 enforceable principles for personal data held by organisations. Freedom of Information Act- Public bodies/government agencies have to release details upon request of information they hold. Regulatory & Investigative Powers Act (RIPA)- Allows the Police to intercept emails and calls, and conduct forensic analysis of historic emails. Human Rights Act- Protects the rights of the individual to privacy. The employment Tribunal- Employer protection Court Action- Providing evidence in case


Timeline of significant cases In the past many global banks have been heavily fined for the misuse of conduct.

June 2012 On 27 June 2012, a major retail bank was fined $200m by the Commodity Futures Trading Commission, $160m by the United States Department of Justice and £59.5m by the Financial Conduct Authority.

Total fine

$450m

Total fine

February 2013 On 6 February 2013 the UK's Financial Conduct Authority issued a major UK bank with a fine of £87.5m. RBS also received a fine of $450m from US regulators and the US

Total fine

December 2012 19 December 2012, a global investment bank agreed to pay $1.2bn to the US Department of Justice and the Commodity Futures Trading Commission, £160m to the UK Financial Conduct Authority and CHF 60m to the Swiss Financial Market Supervisory Authority.

$570m

November 2014 On 12 November 2014 a UK high street bank agreed to pay £217m to the FCA and $290m to the US Commodity Futures Trading Commission over Foreign Exchange Market rigging.

Total fine

2009-2013

$1.5bn

$640m

According to the CCP Research Foundation, a global investment bank incurred costs for legal issues of £35bn between 2009 and 2013.

Total expense $54bn

As the consequences of breaking the regulations have increased dramatically, current systems for identifying and recovering recordings of trader telephone calls, and mapping trading books to Traders, were proved to be inadequate. TM

Solution- Soteria

Recording Platform

The SoteriaTM recording platform utilises clients’ data and securely captures, analyses and stores all business communications in real time, regardless of the source. This ensures customers are globally compliant while also helping to drive enterprise agility.

Regulatory Compliance For many companies, the sheer volume of regulations with which they must be compliant means that focus can be lost on doing core business. Technology and information systems are at the heart of many regulatory compliance mandates, with legal and IT teams working closely together to ensure any decisions are sufficient to be compliant.


For multinational organisations, there is often a need to be compliant with regulations in multiple jurisdictions, and it is vital for compliance managers to be able to manage their technology at both a macro and micro level. Some organisations may even be required to comply with regulations from multiple industries. TM

Features of Soteria Case Reconstruction

A case reconstruction enables the immediate search and retrieval of specific files and related communications, creating a complete dialogue history that complies with regulatory needs. Should compliance officers need to respond to an investigation, the capturing and archiving of all communications is vital. They may be faced with a request where communication records need to be provided within a specific timeframe; Soteria TM produces a case reconstruction within 24 hours.

Pro Active Alarms & Alerts SoteriaTM software allows compliance officers to set up keyword notifications, enabling them to react immediately when such keywords are mentioned in an electronic mode of communication, including voice calls. With so much data to record and capture, compliance officers can stay abreast of crucial developments as they happen, saving a significant amount of time. Administrators can set up as many keyword alerts as they like and can also choose where the alert is sent, e.g. ‘Bank of England’ can be set up as one of the alerts and when a communication exchange takes place quoting the ‘Bank of England an alert will be triggered and the communication will be sent to the compliance officer notifying them. The beauty of this technology is that it works in real-time, meaning that when a critical communication is received, it can be investigated and acted upon as soon as required.

Social Media Feed Recording The way in which people communicate has evolved over the last decade and emailing is now only one of the electronic channels that can be used to conduct business-related conversation. Indeed, it is estimated that one fifth of the world’s population have, at some stage, interacted via Facebook and, as a result, social media use must now be tracked and recorded as part of electronic communications regulations. Such regulations were introduced to capture voice calls and electronic communications (including social media correspondence) within the financial services industry, to enable full and accurate investigations into market abuse. While many social media interactions are likely to be of a personal nature, it is becoming more common for people to communicate about business-related matters through private social media accounts; these must also therefore be tracked and recorded to ensure regulatory compliance. Although many organisations permit the use of Twitter and LinkedIn at work via computers, tablets or mobile phones, only a fraction of these have the ability to archive such communication channels, even if they have a usage policy in place.

Mobile & Fixed Voice Recording In order to remain compliant with both local and international regulations, companies must therefore ensure that their mobile recording solution captures all calls and texts in an identical manner.


Through SoteriaTM, all calls are recorded and archived without reducing the quality of the call itself, or introducing delays between dialing and connection. Depending on the jurisdiction, there may also be requirements to deliver evidence relating to a case within a particular timeframe. It is imperative that the case reconstruction is conducted and presented within this allotted time to avoid heavy fines.

Secure Cloud Storage SoteriaTM provides a secure cloud-based storage solution, for any data type, architected to provide high levels of resilience and data integrity, and ensure data is available wherever and whenever required. Data can also be stored in multiple formats, from many different sources, and is fully searchable and retrievable.

Search & Locate SoteriaTM has a powerful search function within its administration panel, which is supported by call transcription and a full indexing of all communications. With potentially thousands of files, emails, messages and calls to navigate, customers can quickly and effectively search for keywords, knowing that relevant data will be located and presented within seconds

Email Archive & Capture Most business communications are still conducted by email. Whether internal or external, email is still at the epicentre of company correspondence, with billions being sent on a daily basis. For international organisations, online communication is often preferred to voice or traditional mail. It is also now a standard regulatory requirement for many industries including finance, law and pharmaceuticals, to capture, index and archive email communications. Only in the past decade has it been a legal requirement for some organisations to archive and have the ability to retrieve unaltered emails. The laws surrounding email archiving have recently been strengthened to accommodate new business practices. The legislation changes are as follows: • Knowledge of where emails are archived • Ensure archived communications are not altered in any way • Archive all header information, along with email content • Be able to retrieve communications on demand • Be able to meet data requests • Understand which communications are not subject to data requests An organisation’s inability to meet an information request as part of an investigation, within the necessary timeframe, is likely to lead to significant fines and possibly more severe punishments. It is therefore essential for an organisation to be able to capture, index, archive and restore all relevant communications with minimal effort, to avoid incurring significant costs and lost time. SoteriaTM provides organisations with the technology to effortlessly access, manage and present all manner of communications, including emails, in this way.


Soteria Multi Media Record and Store TM

TM

Benefits of Soteria

• Enables businesses to confidently comply with key regulations • Real-time policy management, archiving and data correlation analytics • Both internal and external investigations can be streamlined using SoteriaTM, providing a single point of contact for multimedia recording solutions • Integration with third parties – Pro-behavior analytics, transcribing, phonics fixed cost for on-premise and cloud options • One global view distributed across an enterprise • Active Analytics – Pro-active alarming SoteriaTM technology is currently being used by over 150 of the world’s top tier 1 and 2 global banks, as well as government agencies, legal institutions and pharmaceuticals, to strengthen their risk management strategies. If you are required to record all business-related calls and electronic communications, including social media platforms, request a free demo to find out how SoteriaTM meets regulatory legislations and saves businesses worldwide, time, money and resources.

insightfultechnology.com 020 7283 2090 [email protected] © Insightful Technology 2016. All rights reserved.