Last week, SteelEye attended XLoD London 2023, which brought together top global financial institutions and regulators to discuss the future of non-financial risk and control. The event focused on the continually changing landscape of non-financial risks on an enterprise-wide scale with senior leaders in the financial services sector examining the most recent challenges and best practices across the 3 lines of defence.
Throughout 2023, financial firms have found themselves under heightened regulatory scrutiny, facing substantial fines. The Financial Conduct Authority (FCA) has been robust in its enforcement actions, holding companies accountable for compliance lapses and imposing notable financial penalties. In response to this challenging environment, a senior director at the FCA stressed the importance of risk management in maintaining high organizational standards. They cautioned against making hasty decisions about risk due to financial pressure, as this could result in lower operational standards. The director also emphasized the need for a culture of courage that encourages employees to voice their concerns and receive support from their employers. Additionally, they highlighted the importance of creating a diverse, fair, and inclusive work environment as the foundation of a strong organization.
The main takeaway from the speech was that the 3 lines of defence - management control, risk management, and internal audit - should remain separate but collaborate to strengthen the organization against potential threats. The director also underscored that risk culture is fundamental to an organization's core purpose and should not be treated as an afterthought. In conclusion, the director emphasized that companies should not cut corners or compromise essential processes, even in challenging financial times. They reiterated that maintaining high conduct standards is crucial, particularly during difficult periods.
Compliance officers in the financial services sector are currently facing heightened pressures. The 2023 Annual Health Check Report by SteelEye underscores this challenge, revealing a significant 76% increase in compliance expenditures over the past year, highlighting the complexity and the demands associated with regulatory adherence. Despite this surge, experts at XLoD have emphasized that compliance budgets are expected to remain stagnant or even decrease due to economic and political uncertainties. Several panel discussions also highlighted the anticipation of numerous democratic elections in 2024, contributing to the prevailing uncertainty.
This financial constraint poses a significant challenge for compliance officers, who grapple with an increasing workload. The continual evolution of regulations and standards, combined with the increasing volume and complexity of financial transactions, intensifies the demands on compliance officers. Their responsibility extends beyond merely meeting existing compliance standards to proactively adapting to emerging regulatory requirements.
This puts increased pressure on financial firms as they must find ways to enhance operational efficiency, adopt cost-effective technologies, and streamline processes to accommodate the expanding scope of their responsibilities within the constraints of limited budgets.
Following the recent enforcement actions taken by the SEC and CFTC, resulting in substantial fines totaling $549 million imposed on 13 Wall Street firms for utilizing unauthorized messaging platforms such as WhatsApp, iMessage, and Signal, it is imperative for companies to intensify efforts in monitoring and preventing the use of unapproved communication channels. This proactive approach is crucial to safeguard against potential future fines.
Conduct a thorough analysis of all communication channels to identify instances of unauthorized use. This includes scrutinizing both traditional and digital channels to ensure a comprehensive understanding of how information is being disseminated within the organization.
Assemble a diverse team comprising individuals from different age groups. This diverse perspective aids in understanding generational nuances in communication, ensuring that monitoring strategies can detect the various ways different demographic groups interact.
Evaluate and prioritize communication channels based on their potential risk and impact on the organization. This involves gathering information on each channel and assessing the benefits of surveillance, helping organizations allocate resources effectively.
Foster an organizational culture that encourages open and honest dialogue between the first and second lines of defence. Creating an environment where employees feel comfortable reporting and discussing communication concerns is crucial for early detection and prevention.
Senior leaders should demonstrate a commitment to ethical communication practices, reinforcing the importance of compliance. This involves both leading by example and enforcing consequences for non-compliance.
Provide employees with dedicated work phones to streamline official communication. This not only ensures that employees have a sanctioned means of communication but also makes the use of unapproved channels a conscious decision, as the provision of work phones sets clear expectations.
A key concern among firms is how they can motivate staff to use authorized communication channels. Senior leaders strongly emphasized that adherence to these authorized channels should be considered a standard expectation.
In 2023, Artificial Intelligence (AI) emerged as a prominent focal point, earning recognition as the most noteworthy word of the year according to Collins' Dictionary. The integration of AI into our daily lives is growing and the utilization of AI in communication surveillance is on the rise, encompassing transcription, voice analysis, and machine learning. This brings numerous advantages, such as enhanced risk identification, improved accuracy, and greater efficiency in monitoring communication activities. However, there has been apprehension among many firms when implementing AI into surveillance as there is still concern among compliance officers that the introduction of AI in surveillance will replace human roles.
It was emphasized by the experts at XLoD that AI is viewed as a complementary tool that enhances the capabilities of compliance officers rather than a replacement. The senior compliance leaders highlighted the importance of maintaining a balance between AI capabilities and human expertise. While AI brings efficiency and scalability to the surveillance process, human intervention remains a critical component in ensuring nuanced judgment, contextual understanding, and the ability to navigate complex situations that may arise in the realm of compliance.
Senior leaders underscored that despite the positive impact AI is beginning to have on surveillance, we are currently in a transitional phase where complete reliance on AI remains unrealistic due to high false positives and low accuracy of predictive scoring. However, the panel believed that in the next 2-4 years AI will have a transformative effect on the industry and we will be able to fully rely on AI in surveillance.
These are SteelEye's key takeaways from XLod London 2023:
An AI-driven tool Designed for today's compliance challenges. Contact our compliance experts to see how Compliance CoPilot enables the automation of surveillance processes and reduces compliance fatigue at your firm.
About
LOCATIONS
United Kingdom - 5th Floor, 55 Strand, London, WC2N 5LR
United States - 600 Fifth Avenue, New York, NY 10020
Singapore - 600 North Bridge Road #23-01 Parkview Square Singapore 188778
Portugal - Av. da Liberdade 747 1ºD, 4710-251 Braga
India - No. 613, 12th Main, HAL 2nd Stage, Bangalore - 560008
STEELEYE LIMITED, A COMPANY REGISTERED IN ENGLAND AND WALES WITH COMPANY NUMBER: 10581067, VAT NUMBER: 260818307 AND REGISTERED ADDRESS AT 55 STRAND, LONDON, WC2N 5LR.