The UK Financial Conduct Authority (FCA) has published a ten point checklist for firms to consider ahead of the Consumer Duty coming into force on July 31, 2023. The Consumer Duty is a significant shift in regulatory expectations and will apply to new and existing products and services that are open for sale or renewal.
Recordkeeping Expectations Rise with The Evolution of Supervisory Technology - ‘Suptech’
Regulators around the world already expect firms to have comprehensive policies and procedures for record keeping. That focus is set to increase as not only regulators are investing in technology and revamping their data strategies but also firms are expected to be able to preserve an ever widening range of content including emojis, GIFs, chat, etc. Given the expectations around retrieval and surveillance, the capture and preservation needs to be in the native context to allow, if need be, the content to be retrieved in its original state and surveilled.
Regulatory Conference Roundup - Gaps in Communications Recordkeeping Were a Key Theme on Both Sides of The Pond
Spring 2023 has seen a busy conference season with financial services practitioners getting together to discuss current compliance and security challenges. Theta Lake’s experts presented at multiple forums and locations alongside both regulators and other senior industry figures. From an exceedingly wide-ranging set of agendas with over a thousand attendees, a central thread of the need for complete communications records and oversight was highlighted.
Individual Accountability - Enforcement Gets Personal
What do the chief executive of a US online store, the chief information officer at a UK bank and multiple senior employees at a US bank all have in common? They have all faced individual enforcement action for failing to comply with compliance expectations around the use (or indeed abuse) of technology.
We are excited to be a part of this years, very real, in person (as well as visual) Cisco Live in Las Vegas June 4-8. If you’re not familiar with the event, Cisco Live delivers education and inspiration to technology innovators worldwide through large-scale events, as well as on-demand education. It is the premier destination for Cisco customers and partners to gain knowledge and to build community.
Always On Security: Theta Lake's Alignment with CISA's Emerging Software Cyber Principles
On April 13, the US Cybersecurity and Infrastructure Security Agency (“CISA”) and several other global cybersecurity agencies issued a practical roadmap for technology product design called “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default.” The document provides a clear articulation of CISA’s cybersecurity expectations, which signals a emerging paradigm shift noting that “[m]anufacturers are encouraged to take ownership of improving the security outcomes of their customers.” This transition finds CISA focusing more on software developers as responsible for consumer security as opposed to the governmental or private sector users of these applications.
Bard of The 21st Century: Risks and Opportunities For Generative AI
Generative AI refers to a set of technologies that produce new data based on the information they have been trained on–these applications “generate” new information like text or images based on their training data, hence the “generative” monniker. The most popular uses of generative AI, or “GAI,” have been as part of interactive chat applications like Open AI’s ChatGPT and Google’s Bard, image generating applications like Stable Diffusion, Midjourney, and DALL-E, and code generating systems like Copilot.
More Firms Are Fined for the ‘Widespread and Longstanding’ Use of Unmonitored Communications Channels
The U.S. Securities and Exchange Commission (SEC) and the Commodities Futures Trading Commission (CFTC) have fined three firms, two in the same group for ‘widespread and longstanding’ failures by the firms and their employees to maintain and preserve electronic communications. To settle the SEC charges, both firms acknowledged that their conduct violated recordkeeping provisions and agreed to pay penalties of $15 million and $7.5m, respectively. In related actions, the CFTC brought cases against two firms in the same group for failing to maintain, preserve, or produce records, and failing to diligently supervise matters related to their businesses. The firms were fined $15 million. The CFTC also fined a firm $30 million regarding recordkeeping and supervision failures for the widespread use of unapproved communication methods.
Work Management Is a Part of Modern Communications and Requires Compliance Protection
We’ve been on an innovation roll lately at Theta Lake and it's exciting to announce that we now support Asana, the work management tool used by millions around the world. With this new integration, Theta Lake and Asana joint customers will be able to streamline their workflows, manage tasks more effectively and ensure their compliance needs are met.
The Crypto Winter Is Spotlighting The Use Of Chat
The demise of multiple crypto firms has prompted regulators around the world to undertake in depth investigations into the governance, risk management and compliance arrangements in place at firms such as Binance.