If you’re following Theta Lake on social media, via our collateral or newswire you may have heard about “Smart Capture” for communication compliance, archiving, and record keeping and wondered, what is this, what does it do, and do I need it? Before we answer these questions and define what we mean by “smart” it's important to understand the roots of compliance capture for communications and the historical context.
With our latest release, Theta Lake is fully supporting Microsoft's Viva Engage platform through capture of content, AI-based detections for risk and policy violations and archiving support. Microsoft Viva Engage (formerly Yammer) is a widely used digital experience platform designed to help employees feel more connected to their work environment, improve collaboration, and increase productivity.
The UK Prudential Regulation Authority has censured a bank for wide-ranging significant regulatory failings between December 2016 and May 2020, which spanned breaches relating to large exposure limits, capital reporting, governance and risk controls and PRA Own Initiative Requirements (OIREQs) and, for the first time, failure to capture and retain WhatsApp messages. The seriousness of the breaches justified a fine of £8,515,000, however, since the bank is in wind-down the PRA imposed a public censure as a warning shot to the industry more broadly.
When is a rocket ship not a rocket ship? When it is cited in a legal casealleging a firm and its control person violated U.S. securities laws by offering for sale to the public certain non-fungible tokens (“NFTs”) without filing the required registration statement with the Securities and Exchange Commission (the “SEC”).
The use of emojis was specifically called out as meaning there was an expectation of profit for the NFT issuance, which was then deemed to be an investment contract (*known as the Howey Test). Although the literal word “profit” was not used in any of the organization's Tweets, the “rocket ship” emoji, “stock chart” emoji, and “money bags” emoji were included and, objectively, mean one thing: a financial return on investment.
With Spring comes the arrival of a long slate of in person events for Theta Lake. Last week we attended Enterprise Connect 23in Orlando, FL, the preeminent event for unified communications users, providers and partners. We had a memorable event meeting many new and familiar faces and made some news of our own at the event. Many of our discussions were variations on “I didn't know Theta Lake supported all of these modalities” and “we have had to turn off UC features for compliance reasons and would like to understand how we can compliantly turn them on”. These are discussions we were glad to have. Here’s a rundown of some of the trends and happenings at this year’s show:
For some time, financial services firms have encountered challenges in achieving a balance between productivity and regulatory compliance, particularly with regard to drawing the line on whether to adopt cutting-edge collaboration technologies or adhere to strict regulatory mandates, such as retaining and supervising electronic communications. As modern collaboration rapidly evolves to new paradigms of richer media, specifically dynamic whiteboarding content like those from Mural, remaining compliant remains a constant challenge. Research has shown that almost 40 percent of organizations use virtual whiteboard apps with another 32 percent planning to adopt them. Regulated industries, such as financial services, are also adopting these platforms at a rapid rate, yearning to embrace new ways of engaging clients and collaborating internally while striking a balance between innovation and compliance.
In late-2022, the Financial Conduct Authority and Prudential Regulation Authority (the “Regulators”) jointly issued Discussion Paper DP5/22(the “Paper”) soliciting feedback on the use of artificial intelligence and machine learning in financial services. In particular, the Regulators requested information about the potential benefits and risks of AI, regulatory considerations, and the use of standards in the development of AI. Theta Lake submitted a response to the Paper to outline its unique approach to AI and thoughts on appropriate application to compliance together with organizational and security controls.
| At a Glance Both the SECand FINRAhave announced their examination priorities for 2023 giving investment advisers and broker dealers important insight into the areas to include in their compliance monitoring plans. For those tasked with maintaining compliance, security and data privacy across an organization’s unified communications there are specific areas to focus on to ensure the continuing deployment and use of platforms meet regulatory expectations, including: |
Data protectionis now more important than ever. Given the new ways of working and communicating there are increasing amounts of personally identifiable information (PII) and personal health information (PHI) data shared across communication platforms and firms are expected to be able to capture and retain safely as well as retrieve and delete personal data. Critical issues that should take center stage in data privacy week.
The last quarter of 2022 saw FINRA continue its focus on communications compliance. Four brokers and a compliance officer faced disciplinary action for a range of breaches of their approach to supervision and an inability to retrieve phone records.
For the key lessons to be learnt together with more detail of the enforcement please click here.
At a high level the disciplinary actions resulted in censures, a 40 day prohibition, fines totalling over $2m, restitution of nearly $50,000 and wide ranging remedial actions.