Nearly 40 surveillance professionals, representing various sides of the industry including major banks, consultancies and technology vendors, gathered at The Pierre in New York on October 16 to participate in two consecutive hour-long debates on the most pressing issues surrounding e-communications surveillance and holistic surveillance solutions. The inaugural 1LoD conduct surveillance summit was held in London in July.
“I’d say false positives account for 98– 99% of our e-communications alerts, and so it’s difficult for supervisors in the front line to give their full attention to them,” commented one control professional, voicing familiar and shared worries.
He added that as a consequence of this crushing logistical burden, responsibility for e-comms surveillance at his bank rests within the 2nd line of defence – despite the general acknowledgment in the industry that the 1st line should be accountable for conduct risk.
“Once we get from 99% false positives to a better number, then we can reintroduce samples to the front office. There is a need to keep the front office engaged but until we have the right tools and the right technology in place, we need to rethink what we’re putting in front of supervisors.
Another senior control manager from a global institution agreed that responsibility for surveillance must at the moment sit in the second line, as the first line simply hasn’t got time to deal with the workload, adding wryly: “In the future, I’d be happy with 98% false positives, to be honest. Our false positives are way higher.” The way forward is through better machine learning, he suggested.
But Jonathan Frieder, compliance technology lead for Accenture’s North America regulatory compliance group, stressed that it is absolutely critical that the business function and the technology division at any major bank enjoy a harmonious understanding, with each appreciating the needs of the other. “The technology teams need to be aware what the business objectives are. Without that, you’re just going through the motions, and for them it’s just another technology job,” he said.
Yet, while better tools with enhanced machine learning capability are needed to reduce the false positives, attendees were worried that regulators would be unhappy with any type of black box technology that did not allow full and unmitigated transparency of operation.
One attendee admitted that it was far easier to explain to regulators that his bank had a long list of trigger words in a lexicon-based system, even if they are applied to “meaningless” situations, rather than more opaque machine learning-led systems.
Tim Estes, president and founder of Digital Reasoning, the leading provider of AI tools to financial firms, said: “I know all of you are trying to figure out how to satisfy the regulatory and audit needs but then create enough yield change in terms of lower false positives.”
The secret to creating better communications surveillance tools is to have a “learning loop”, Estes added, so that the professional expertise that is put to use whenever a supervisor examines any item of suspicious email or trade is captured and absorbed within the system. At the moment, this critical knowledge is not stored for future usage.
The urgent need for better tools creates an unusual opportunity for banks to co-operate to share their data and experience, he said. “Can we make the journey from legacy technology to something that adds value?” Estes asked. A representative of a European bank said that in the past, collaboration within the industry had waned as participants lose interest or are sidetracked by other concerns.
However, Frieder stressed that often a superfluity of false positives is the result of poor data input rather than system inadequacies per se. “One of the biggest challenges around e-comms surveillance is the quality of data; in this case, accuracy of transcriptions or a technology capable of deciphering what it ‘hears’. I can tell you there are tools out there now, and others that continue to emerge, that do a better job of transcription, as well as a new breed of tools that use AI and machine learning concepts.”
Further, he added, a combination of different factors, such as budgetary constraints, the lack of the right expertise and, particularly, organisational barriers to decisive action hold banks back from making the right choices. “The organisational model is the biggest impediment. A lot of times, it is the fear of making the wrong decision that leads to inaction or no decision on a tool, as that is seen as the ‘safer’ bet for the organisation,” he said.
Tom Hardin, the lead FBI informant in the Galleon Group insider trading prosecution, recalled in a short address that he conducted many of the conversations surrounding his illegal trades on the office landline, which at the time – over ten years ago – was not recorded.
If he had been forced to buy a burner phone, and thus forced into unambiguously nefarious behaviour, he might have thought twice about continuing, he said, thus underlying the importance of surveillance of communications as a key deterrent to wrongdoing.
Considering holistic surveillance systems, David Hesketh, chief operating officer of regtech firm TradingHub, said the required regulatory support needed for banks to migrate from a rules-based surveillance system to risk-based models is now in place. He added that regulators are happy with new tools that reduce false positives, if they can be shown these tools are not opaque but are explicable and underpinned by sound methodology.
Contributors to this article
Tim Estes, founder and president, Digital Reasoning
David Hesketh, chief operating officer, TradingHub
Jonathan Frieder, compliance technology lead, U.S. regulatory compliance practice, finance & risk practice, Accenture