Regulators around the world already expect firms to have comprehensive policies and procedures for record keeping. That focus is set to increase as not only regulators are investing in technology and revamping their data strategies but also firms are expected to be able to preserve an ever widening range of content including emojis, GIFs, chat, etc. Given the expectations around retrieval and surveillance, the capture and preservation needs to be in the native context to allow, if need be, the content to be retrieved in its original state and surveilled.   

Spring 2023 has seen a busy conference season with financial services practitioners getting together to discuss current compliance and security challenges. Theta Lake’s experts presented at multiple forums and locations alongside both regulators and other senior industry figures. From an exceedingly wide-ranging set of agendas with over a thousand attendees, a central thread of the need for complete communications records and oversight was highlighted.

What do the chief executive of a US online store, the chief information officer at a UK bank and multiple senior employees at a US bank all have in common? They have all faced individual enforcement action for failing to comply with compliance expectations around the use (or indeed abuse) of technology. 

We are excited to be a part of this years, very real, in person (as well as visual) Cisco Live in Las Vegas June 4-8. If you’re not familiar with the event, Cisco Live delivers education and inspiration to technology innovators worldwide through large-scale events, as well as on-demand education. It is the premier destination for Cisco customers and partners to gain knowledge and to build community. 

On April 13, the US Cybersecurity and Infrastructure Security Agency (“CISA”) and several other global cybersecurity agencies issued a practical roadmap for technology product design called “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default.” The document provides a clear articulation of CISA’s cybersecurity expectations, which signals a emerging paradigm shift noting that “[m]anufacturers are encouraged to take ownership of improving the security outcomes of their customers.” This transition finds CISA focusing more on software developers as responsible for consumer security as opposed to the governmental or private sector users of these applications.  

Generative AI refers to a set of technologies that produce new data based on the information they have been trained on–these applications “generate” new information like text or images based on their training data, hence the “generative” monniker. The most popular uses of generative AI, or “GAI,” have been as part of interactive chat applications like Open AI’s ChatGPT and Google’s Bard, image generating applications like Stable Diffusion, Midjourney, and DALL-E, and code generating systems like Copilot. 

The U.S. Securities and Exchange Commission (SEC) and the Commodities Futures Trading Commission (CFTC) have fined three firms, two in the same group for ‘widespread and longstanding’ failures by the firms and their employees to maintain and preserve electronic communications. To settle the SEC charges, both firms acknowledged that their conduct violated recordkeeping provisions and agreed to pay penalties of $15 million and $7.5m, respectively. In related actions, the CFTC brought cases against two firms in the same group for failing to maintain, preserve, or produce records, and failing to diligently supervise matters related to their businesses. The firms were fined $15 million. The CFTC also fined a firm $30 million regarding recordkeeping and supervision failures for the widespread use of unapproved communication methods.

We’ve been on an innovation roll lately at Theta Lake and it's exciting to announce that we now support Asana, the work management tool used by millions around the world. With this new integration, Theta Lake and Asana joint customers will be able to streamline their workflows, manage tasks more effectively and ensure their compliance needs are met.

The demise of multiple crypto firms has prompted regulators around the world to undertake in depth investigations into the governance, risk management and compliance arrangements in place at firms such as Binance. 

If you’re following Theta Lake on social media, via our collateral or newswire you may have heard about “Smart Capture” for communication compliance, archiving, and record keeping and wondered, what is this, what does it do, and do I need it? Before we answer these questions and define what we mean by “smart” it's important to understand the roots of compliance capture for communications and the historical context.