Why surveillance programs will operate more collaboratively and effectively in a post-pandemic environment
by Steve Livermore
Monitoring & Surveillance programs are under intense scrutiny today
A generation from now, when our successors look back at the events of 2020, they will likely identify COVID-19 as the catalyst for profound change in the financial services industry. Our generation has witnessed major changes since the 2008 financial crisis and the subsequent Benchmarks and FX scandals. With each of these has come significant global regulatory enhancements causing institutions to make major financial commitments to improve and upgrade their systems and processes, with varying levels of success.
Despite the PwC Market Abuse Surveillance Survey 2019* showing that 15 participating banks had spent over $730m in the preceding two years, the ongoing levy of fines and remediation programs reinforces that the financial industry has not yet managed to master the design and delivery of fully effective surveillance programs. Many institutions suffer from one or more of the following issues: a lack of mature technology, a lack of understanding around how to best use such technology, a lack of regulatory guidance and/or limited budgets to ensure full compliance, particularly in times when financial institutions’ share prices have suffered.
The Market Abuse Regulations (MAR) has certainly raised the ante for broader and more effective monitoring. In attempting to conform to MAR, banks have been key drivers of determining what measures are most appropriate for meeting their specific obligations. Regulators, however, are certainly showing their teeth where banks are coming up short. Repeated reminders in FCA’s Market Watch 56-58 and 60 have resulted in direct sanctions when not heeded. Any approach to apply ‘out of the box’ rules to surveillance capabilities or ‘peer average parameters’ has been rightly criticised. Banks must design bespoke solutions that address the risks their business models pose.
The industry has widely reported its quick and efficient adaptation to current remote working conditions. This has no doubt been a fantastic achievement, and as the dust settles, it will undoubtedly lead to permanent changes. Barclays CEO Jes Staley recently commented, “Having thousands of bank workers in big, expensive city offices may be a thing of the past.” We may never return to the big city office model. So, as the way people work evolves, surveillance teams must adapt quickly to roll out new processes that mitigate existing and emerging risks.
Surveillance leads are facing significant challenges
Volatility in global markets during March and April 2020 presented surveillance teams with significant challenges. The huge increase in trade flows resulted in rules-based surveillance tools buckling under the pressure. Processing of daily order and trade data was taking longer than the time required for subsequent analysis, with the resulting numbers of generated alerts exceeding 500% of normal levels in some cases. Communications data levels increased dramatically as first-line teams found themselves working from home and needing to use email and chat channels more regularly.
Surveillance teams operating remotely, often across various jurisdictions, created an unprecedented set of difficulties, and decisions had to be made quickly as to how to cope and adapt. Prioritizing reviews, led risk and compliance teams to consider which products, assets, desks, groups and individuals to focus on and which alerts to defer to a later date or even dismiss. Clearly, this is not a viable way to run a compliance program over the long term. This pandemic may be what tips the scale for strategic change across the board.
How COVID-19 may impact existing and future investment strategies for surveillance programs
A year has passed since the PwC Market Abuse Surveillance survey was published. It showed that in addition to the $737m already invested, survey participants were anticipating a further $360m spend over the coming 12-18 months and that over 85% of the respondents confirmed that there “was an appetite for continued investment.” The impact of COVID-19 will no doubt impose pressures on the ability of banks to make those investments, as well as the products and markets they will choose to operate in going forward.
Surveillance teams will need to react to any changes these challenges present and operate strategically to deliver solutions that are fit for purpose and operate as efficiently as possible. Leaders will need to test their operating plans to ensure they are getting the best from their people, their data, their technologies, and their processes. They will need to do so whilst dynamically focusing on the new and evolving risks and ensuring that technologies can be adapted quickly to meet new concerns and any extended regulatory demands.
The recent ‘spike’ in market activity appears to have passed for now and we have returned to more normal levels. With this comes some relief for surveillance teams as they clear backlogs and bring programs back under control. The markets, however, will not stand still. Consider that over the past two years, we have seen huge growth in algorithmic trading volumes with some engines generating many millions of orders each day.
As we sit at the cusp of quantum computing and the potential for the next generation of algorithmic trading, the levels of data flow will only increase and as it does, the threats for surveillance technology not keeping up will also grow.
Surveillance teams must continue to link with their internal colleagues in the front office to identify changes at the earliest stage and work with their technology partners to develop surveillance capabilities that put appropriate controls in place. Further, they must consider whether the volatility caused during this pandemic and the impact on surveillance alerts is manageable if such heightened levels became the norm.
Surveillance programs must combine existing strengths with new solutions to remain relevant
We should not be thwarted by the challenges but, instead, evolve and get smarter in how we perform surveillance. In recent years, many banks have been developing integrated solutions with a focus on conduct and behaviour. Although in production at some banks, holistic monitoring is still in its infancy and the return on investment, both on finances and resources, suggests that other avenues provide a more immediate impact.
Banks may stand behind the successes that have been achieved through remote working and take the opportunity not only to change their operating models in the first line, but to consider a permanent move away from compliance surveillance teams being located in prime city centre offices. Significant savings from the fixed costs associated with physical buildings could be invested in restructuring compliance overall, upgrading technology and establishing fully resourced remote teams.
Utilising existing mature and embedded surveillance capabilities and combining them for a consolidated view across employee activities to identify patterns of risk at an early stage has proven effective but difficult to master. A single case management tool that can interface with all fragmented surveillance technologies is a less expensive alternative to a completely holistic approach and delivers quicker ‘bang for your buck.’ In addition to giving a consolidated view, it allows disparate sections of your surveillance team across different coverage types or regions to identify trends in alerts across topic, individual, and risk. It also presents feedback loops for the underlying surveillance solutions that can be further calibrated and tuned to be more effective and targeted to the specific risks of the Firm.
The revolution being introduced by RegTech firms providing AI and machine learning technology offers the potential for a paradigm shift for monitoring and surveillance teams. Either standalone or in conjunction with the aforementioned integrated model, surveillance can be designed in a dynamic way that supports an ever-changing risk portfolio. Although AI tools have made great progress across many industries, they remain lightly developed within surveillance programs. Most banks have at least undertaken pilots with such providers, but at this stage few are using them as a sole solution across their control framework.
Look to deploy next-generation capabilities, but only where it is right to do so
The results which AI tools can deliver are extraordinary. When they are deployed correctly, these tools allow the surveillance team to create programs that would previously have been out of the scope of traditional methods. Used strategically, they can fill gaps in programs that had previously been too difficult or too expensive to consider addressing. They can also offer different ways to cover existing known risks more efficiently. It must be stressed that AI tools do not offer a ‘plug and play’ solution and require a significant investment upfront to develop. Additionally, since the advent of model governance sitting squarely upon surveillance capabilities, the onus on proving the manner in which alerts are created, puts an extensive responsibility on the sponsor of the capability.
The effort, however, is certainly worth it and the initial investment in time and money delivers its rewards. This includes better quality alerting and the ability to focus on new areas or to surveil in a more effective manner. Furthermore, it empowers surveillance reviewers who can see their own input being better rewarded by directly impacting the ongoing calibration and evolution of the program. It is, therefore, important to acknowledge that AI technology does not directly replace people, who still have a critical role to play in the full process. In addition, acceptance from regulators globally is needed before AI is considered a true accompaniment to existing alerting tools, let alone a replacement.
Of course, there are savings to be made on resourcing, but that has become overdue as surveillance teams have grown rapidly over recent years. In many cases, this growth was needed to handle the large volume of low-quality alerts. This is neither an effective way to run a program nor motivational to a group of highly educated and well-trained individuals.
Strive for quality over quantity at all times and engage with our peers
In each of the surveillance approaches mentioned, there is an ongoing requirement to improve the quality of the alerts. The ‘false positive’ topic receives much attention from Senior Management and is often seen as an indication of inefficient programs. Reducing false positives alone is not a difficult step to take, but retaining the integrity of the program whilst doing so is much more challenging. Far-reaching programs, particularly in electronic communications surveillance, will generate large numbers of alerts. Calibration is essential to keep the program relevant and current and to ensure new risks are appropriately covered. The key aim of performing alert calibration is to improve quality and, by default, to increase the ratio of positive alerts to false hits.
The notion of banks’ Market Conduct Surveillance teams collaborating across the industry with their peers is less mature than with their Anti-Money Laundering colleagues, with industry leaders coming together to regularly share information and lessons learned. We are overdue for a more formal interaction between surveillance leads and we only need to see the impact collaboration has had on AML.
We will manage the impact of COVID-19 and work through the changes it has brought. We will deal with these and the broader set of challenges its impact is likely to have, whilst addressing existing and potential future surveillance capabilities. In order to continue to meet ongoing regulatory demand, the true way to accelerate this progress will be through collaboration.
Conclusion: a once-in-a-generation opportunity to make a real difference
As firms consider future models for their surveillance capabilities after this current pandemic, lessons will be learned from what 2020 has presented. Industry peers and technology partners must work together to accelerate the transition to enhanced surveillance solutions. In doing so they will be best placed to assess current AI offerings and identify the true areas where it is and is not appropriate to use them. Such engagement will win confidence with regulators and help to further validate the use of cognitive capabilities within surveillance.
Failing to take this opportunity will not only be detrimental to individual businesses but will suppress the ability for market participants to control existing and emerging conduct risks in an effective and efficient manner.
There is no downside in being willing to share the lessons of running surveillance programs through times of crisis. Out of the ashes we should aspire to develop best-in-class solutions that will deliver enhanced programs more widely and protect markets and its participants.
About the author: Steve Livermore is an independent management and compliance consultant with over thirty years of financial services regulatory experience. Most recently he spent over 10 years overseeing the design and development of the monitoring and surveillance program at a Tier 1 bank and has direct experience of managing the remediation programs post rogue trader, benchmark, and foreign exchange scandals.