For some time, financial services firms have encountered challenges in achieving a balance between productivity and regulatory compliance, particularly with regard to drawing the line on whether to adopt cutting-edge collaboration technologies or adhere to strict regulatory mandates, such as retaining and supervising electronic communications. As modern collaboration rapidly evolves to new paradigms of richer media, specifically dynamic whiteboarding content like those from Mural, remaining compliant remains a constant challenge. Research has shown that almost 40 percent of organizations use virtual whiteboard apps with another 32 percent planning to adopt them. Regulated industries, such as financial services, are also adopting these platforms at a rapid rate, yearning to embrace new ways of engaging clients and collaborating internally while striking a balance between innovation and compliance.

In late-2022, the Financial Conduct Authority and Prudential Regulation Authority (the “Regulators”) jointly issued Discussion Paper DP5/22(the “Paper”) soliciting feedback on the use of artificial intelligence and machine learning in financial services. In particular, the Regulators requested information about the potential benefits and risks of AI, regulatory considerations, and the use of standards in the development of AI. Theta Lake submitted a response to the Paper to outline its unique approach to AI and thoughts on appropriate application to compliance together with organizational and security controls.

Data protectionis now more important than ever. Given the new ways of working and communicating there are increasing amounts of personally identifiable information (PII) and personal health information (PHI) data shared across communication platforms and firms are expected to be able to capture and retain safely as well as retrieve and delete personal data. Critical issues that should take center stage in data privacy week.

The last quarter of 2022 saw FINRA continue its focus on communications compliance. Four brokers and a compliance officer faced disciplinary action for a range of breaches of their approach to supervision and an inability to retrieve phone records.

For the key lessons to be learnt together with more detail of the enforcement please click here. 

At a high level the disciplinary actions resulted in censures, a 40 day prohibition, fines totalling over $2m, restitution of nearly $50,000 and wide ranging remedial actions.

Digital Transformation - Evergreen but Transformational

Digital transformation is a concept that has been around for a while, and one you’ve no doubt heard about.  Analysts, consultants and social media pundits love it- as it can be widely ascribed to any number of IT/business initiatives. 

Digital transformation is defined by Salesforce as the process of using digital technologies to create new — or modify existing — business processes, culture, and customer experiences to meet changing business and market requirements. Digital transformation benefits to an organization include the potential to accelerate corporate growth, change and reinvention through new market opportunities. 

UK regulator fines a trio of brokers almost £5m for failing to have appropriate communications compliance processes in place to fulfil market abuse obligations

With the rapid adoption of virtual meeting platforms like Zoom over the past few years, the way we work has been transformed. These platforms are much more than a way to have a discussion and go beyond replacing phone conversations, users can share content, collaborate with people outside of their organization and use chat in-meeting. While the early stages of pandemic adoption were all about enabling workers and maintaining productivity, organizations are beginning to settle in and make streamlined decisions about which platforms to retain and how to secure them. The risk of insider threats and potential data loss, in addition to human error and carelessness can lead to any number of possible bad outcomes- data breaches, loss of intellectual property, and more.

When it comes to dynamic messaging content from collaboration tools like Webex, Zoom, Slack, and Microsoft Teams as well as SMS, mobile messaging, and consumer applications like WhatsApp, the SEC’s updated recordkeeping Rule 17a-4 announced on October 12, 2022 signals a sea change for broker-dealers. The SEC replaced its antiquated “non-erasable, non-rewritable” electronic recordkeeping requirement in place since the late-90s with a technology-neutral approach centered around audit trail data, which provides far greater flexibility in implementation.

At Theta Lake, we welcome the modernization of Rule 17a-4 as it allows our financial services customers to more easily manage archiving controls for SEC-regulated electronic communications records.  In addition, the spirit and letter of the revised Rule aligns with Theta Lake’s modern approach to the capture, retention, and supervision of complex, interactive video, voice, chat, and email conversation data.

As we noted in our 2022 Modern Communications Security and Compliance Report, 97% of firms are using two or more communication tools, so the ability to seamlessly and compliantly capture dynamic data across a range of platforms is key.  With over 100+ platform integrations, Theta Lake enables easy and effective compliance with the SEC’s new recordkeeping requirements.

For customers, the updated Rule 17a-4(f) offers a flexible, audit trail-based option that makes it easier to retain dynamic data from electronic communications to databases and beyond.  The revised Rule 17a-4(f)(2)(i)(A) allows broker-dealers to: