Telecommuting will be one of the lasting legacies of the pandemic. Whether that means workers go fully remote or come in a couple of days a week, no one knows for sure. But it’s safe to say that the era of everyone gathering in an office Monday through Friday is mostly over.
For regulated industries like financial services, work-from-anywhere models present an influx of new compliance challenges. The critical issue: How to maintain controls when people could be scattered across many time zones and are likely to be using a diverse range of new communications tools.
Complicating matters further is the fact that many such tools will be unapproved. Indeed, just as many professionals for years communicated with clients or their peers via text message when they weren’t supposed to, they will use prohibited messaging platforms for the same purpose in the future, if they aren’t already.
How businesses deal with these challenges will be one of the defining stories shaping the RegTech space in the year to come. And, as with many things in wealth management and banking, the determining factor will be resources.
FINDING A NEEDLE IN A HAYSTACK GETS MORE COMPLICATED
Most RIAs and broker-dealers, for instance, don’t have an unlimited budget to expand their compliance capabilities – even as the responsibilities have become more intense. So, they will have to find other ways to cope.
While this task was far from easy when email was the primary form of communication, it was easier. The data was simpler to wade through, limited to a sender, perhaps a few recipients, a subject line and the body.
Now, dozens and dozens of potential platforms exist, some of which are video-based (which presents an entirely new set of issues), while chats on tools like Slack can include 35 participants and last for months.
If in the past spotlighting risk was like trying to find a needle in a haystack, now it’s like trying to find a needle in a cluster of them. Under these circumstances, it’s easy to see how most RIAs and broker-dealers will be strained to create adequate internal controls, whether an individual is in an office, at home, in a coffee shop or even on a beach in Maui.
THE EMERGENCE OF THE CLOUD, AI, and NLP
Meanwhile, with remote work creating more data sets than ever before, large global institutions will also have to expand their compliance perimeter. The difference, of course, is that such firms not only produce infinitely more data but have greater resources at their disposal to manage the potential fallout.
The combination of these factors will accelerate the shift to the cloud. Until recently, some large firms have been hesitant to go in this direction, conscious of the privacy issues involved and reluctant to hand over their data to a third party.
But many of the existing legacy, on-premise systems are neither a sustainable nor effective way to cope with the magnitude of the current challenge. Therefore, expect to more large, institutional businesses to embrace the cloud – a luxury that many other smaller firms with fewer resources will not have.
If this happens, there will be a domino effect, with those same firms eventually adopting artificial intelligence and natural language processing tools. In part, advances in this area within financial services have been limited because it is hard to create accurate models and algorithms without having access to organized data sets – a problem that storing that information in the cloud helps to solve.
Given the number of data sources – spanning everything from Slack to WhatsApp to Reddit to Teams – we are at the point where no human can collect, preserve and monitor those communications without assistance. AI and NLP will step in, create the necessary scale to allow firms to protect themselves, and down the line, provide them with a gold mine of information that, if leveraged correctly, will drive more business opportunities and improve internal processes.
With Gary Gensler at the helm, the SEC has made it clear that digital communications are an area of focus, while FINRA has made similar pronouncements. Not only are the regulators concerned that these tools could fuel unauthorized outside business activities, but they also believe they are ripe with fraud and vulnerable to cybersecurity threats.
Meanwhile, the volume, variety and velocity of these communications will only increase with time as remote work becomes less of a trend and more of the norm. So, the stakes are high, and the different ways firms large and small cope with the new landscape will be one of the defining features of RegTech in 2022.
Brian Cramer is the Chief Executive Officer at Smarsh, which provides digital communications compliance technology to financial services firms.