A Busy Summer at the SEC Puts the Focus on Compliance and Advanced Technology
While summer has traditionally meant vacation time, winding down and casual work attire, for some in the capital markets industry, the summer of 2024 didn’t follow that script. The U.S. Securities and Exchange Commission (SEC) stayed busier than ever, defying the laid-back season with a wave of enforcement actions that continues to be felt well into the fall.
On August 14, 2024, the SEC announced charges against 26 broker-dealers, investment advisors and dually registered broker-dealers, resulting in $393 million in fines for record-keeping violations. The cause? The use of unapproved messaging apps for business communications—echoing similar issues that major banks have faced in recent years.
Enforcement Actions Prompt Firms to Consider Changes
The use of WhatsApp and other “off-channel” communication methods have been the focal point of regulatory probes ever since they emerged as fast and convenient ways to communicate during the pandemic lockdown. While they’ve have created quite a stir in the industry, the apps themselves aren’t the root issue. The real problem lies in the widespread use of off-channel communication without proper recordkeeping measures in place to ensure compliance.
Compliance teams have been hard at work righting past wrongs, but there is still more to do:
- For starters, compliance teams need the right tools to keep pace with rapid technological changes. As the number of communication channels and modalities that regulated employees use continues to expand, legacy tools for capturing and storing data are becoming obsolete. Compliance professionals require solutions that not only safeguard the firm’s reputation and mitigate fines, but also enhance the overall surveillance process.
- Firms must develop clear policies and procedures for managing digital records. Compliance teams are responsible for keeping up with regulatory requirements and incorporating any new rules into company policies and procedures. These policies must be regularly updated to reflect changes in record retention and destruction, especially as newer forms of digital data continue to emerge.
- Disparate platforms for record-keeping and other compliance silos need a unified solution. Data often comes from multiple sources in many different formats and is used in several departments throughout the firm for a wide range of functions throughout the entire trade life cycle. Modern business requirements include a centralized system that can store and manage hundreds of enterprise data types in a single, standardized format and location.
- Once data is centralized, advanced technology can be fully leveraged. Compliance teams can then take the next steps to create more effective and accurate risk-detection solutions, such as smarter communications and trade-surveillance tools. The use of generative AI (gen AI), machine learning (ML) and natural language processing (NLP) will help staff enhance their workflows and eliminate many error-prone manual tasks.
- Finally, firms should seek out solutions from vendors with deep expertise in compliance technology who offer end-to-end solutions for capturing, archiving and surveilling communications across all new and emerging modalities. Partnering with a vendor that understands the complexities of regulatory requirements, data management and emerging technologies ensures that the solutions provided are both robust and adaptable. Expertise in this space is crucial to deploying systems that can keep up with evolving regulations, scale with growing data needs and offer the advanced tools—like gen AI and ML— that compliance teams rely on for risk mitigation and operational efficiency. In-house builds are increasingly rare for good reason.
How Does Gen AI/ML Enter the Picture?
Advanced technology will transform the future of compliance by addressing some of these key challenges. Compliance officers at both buy-side and sell-side firms are investing in more effective tools to manage and understand vast datasets, allowing them to identify potential issues before they arise.
Data normalization is a key area where the influence of advanced technology can help humans make better and more timely decisions. With data coming from both internal (e.g., employee data) and external (e.g., client and market data) sources, the process of aggregating and standardizing can be daunting. Integrated surveillance systems that combine audio and electronic communications (aComms, eComms) and trading data require advanced normalization techniques to efficiently analyze exception alerts and reconstruct activities.
The use of gen AI/NLP can reduce false positives that often drain compliance resources. Advanced technology can be put to work to proactively detect patterns and develop workflows to flag more risky activities. Additionally, gen AI models can be integrated into existing archives to unlock invaluable insights that may otherwise remain unused until an audit. The combination of more comprehensive data and automated processing significantly elevates compliance practices.
As more firms continue to invest in advanced technology, areas like predictive analytics and document analysis using NLP are becoming increasingly desirable. Predictive tools help forecast behavioral or risk patterns, while NLP allows for rapid document scanning and querying of legal and compliance documents. Gen AI also supports the push toward real-time surveillance by underpinning systems that continuously monitor and analyze sets of data from numerous sources, enabling firms to stay ahead of emerging risks, automatically elevate certain alerts to the right people and dramatically reduce false positives.
Conclusion
While regulatory compliance remains a critical priority for compliance professionals—especially following the SEC’s latest wave of fines—firms are actively investing in ways to improve compliance practices. Key areas of focus include data normalization tools, integration of disparate datasets and leveraging previously overlooked archived data.
As advanced technology like gen AI, ML and NLP are further developed for compliance purposes, we expect to see a reduction in fines, as these innovations will allow compliance teams to automate routine tasks and instead concentrate on high-risk activities. The future of compliance is shifting toward smarter and more proactive risk management, and financial services firms with regulated employees need to ensure they don’t get left behind.
