UK regulator fines a trio of brokers almost £5m for failing to have appropriate communications compliance processes in place to fulfil market abuse obligations
At a Glance
The Enforcement Findings
The FCA found that the brokers had failed to properly implement the Market Abuse Regulation (MAR) trade surveillance requirements. This meant there was an increased risk that potentially suspicious trading would go undetected.
Considerations for Communications Compliance
The firms are inter-dealer brokers specializing in broking exchange listed and over-the-counter financial products and related derivative products. The UK regulator considers it is “of fundamental importance to the integrity of the market that brokers have effective market abuse surveillance systems in place.” That effectiveness includes the need for robust communications surveillance. The takeaways include:
Ensure there are no gaps in communications monitoring either in terms of the type of communication or its consistent capture. This may require a comprehensive review of a firm’s approach but in an increasingly unified communications world, communications capture and oversight needs to cover voice, chat, video and mobile messaging and the transition between channels.
Ensure sampling is effective - the growing volumes of communications requires the representative sample sizes to keep pace, which in turn increases the burden on compliance reviewers. Enabling reviewers to focus on the communications identified as having a potentially high risk of market abuse, alongside a sample of all other communications will facilitate the demonstration of a risk based approach and evidence a compliant approach to the required oversight.
Don't delay implementing critical systems - in the final notice it is clear that the inter-dealer brokers were aware of the serious issues with the three firms ability to capture and surveil the relevant communications. A point made in March 2017 when a senior manager stated that the systems were “not currently fully fit for purpose” and that a new automated system would replace the existing one. Even with the recognition that the legacy systems were inadequate the proposed new automated system took almost another 2 years to be fully implemented.
Ensure voice communications tools are effective in the modern workplace. Whilst the FCA has stated that the systems and controls have been enhanced, the solution put in place by BGC/GFI which involved an external consultant and a weekly review of e-communications would need to have been comprehensively reconsidered in the wake of the pandemic. The capacity to capture voice (and other communications) would need to be expressly extended to cover not only the office but also remote and mobile working.
Ensure risk detection is effective. The modern approach to the supervision of voice needs the deployment of AI enabled solutions. Not only will that be far more efficient and effective than searching through transcripts it will also substantially reduce the potential for false positives. The use of AI for risk detection can dramatically reduce the levels of human oversight needed to manually review communications. Word searches are highly manual and technically simplistic – they do not incorporate modern AI-based computing techniques, and therefore cannot account for word lookalikes, soundalikes, or the context of conversations. AI provides clear benefits through its ability to understand risks in context, overcoming the limitations of traditional word searches by considering the wider conversation. Indeed having a smart modern solution to capture and monitor all relevant communications may well mean that firms can bring compliance monitoring back in-house saving the costs of the external consultant whilst having enhanced line of sight to potential risks.
How Theta Lake can Help
Theta Lake’s multi-award winning product suite provides patented compliance and security for modern communications utilizing over 100 frictionless partner integrations that include RingCentral, Webex by Cisco, Microsoft Teams, Slack, Zoom, Movius and more. Here’s some of the ways Theta Lake can help you align with the better practices expected in the FCA enforcement action:
Theta Lake captures and compliantly archives communications including videos, voice, chat, screen share and file transfer from mobile messaging platforms to SMS and WhatsApp to enable compliance with the relevant MAR and other requirements. It also acts as an archive connector, enabling existing archives and data storage to be utilized without disruption.
- AI-enabled automated detection of potential market abuse or other misconduct requiring reporting to the risk committee or regulator. Identified risks are surfaced in an AI-assisted review workflow providing an efficient and effective review process for compliance teams. Theta Lake has more than 85 risk detections which are pre-trained and ready for customer use with customers able to provide feedback and training on the classifiers.
- There’s complete flexibility to set retention periods to suit your needs.
The ability to ensure that all aspects of messaging can be preserved, and a full audit trail provided to supervisors, regulators or prosecutors. For example, chat messages can be viewed in their native format over the entire history of the conversation with full context retained together with in-meeting communications and images, GIFs, emojis or reactions that change meaning and context.
The ability to enforce information barriers across unified communications platforms.
- Theta Lake’s suite is SOC2, Type II audited and maps controls to ISO 27001 so confidential, privileged or sensitive data can be automatically redacted to meet data privacy and other legal obligations.