Skip to main content
Capture is hard, surveillance is easy
)
It seems pretty clear that the size of the fines levied by US regulators for comms capture failures reflects frustration at the scale of the failure, the seniority of the staff using uncaptured channels and also the fact that banks had policies in place to prohibit much of this communication but the policies were not enforced.
This has led some banks to conclude that the problem is policy enforcement and the impossibility of monitoring unauthorised channels. This is a dangerous reading of the enforcement.
The core message of these huge fines is not that banks are expected to be able to cover all channels. It is that failure to give staff the tools they need to do business in modern markets is almost certain to result in communications via unauthorised channels that are hard or impossible to monitor (and which, in any case, will not be monitored precisely because they are unauthorised).
Policy is neither an effective counter to this nor will the existence of policy, training and attestation allow banks to avoid basic books and record keeping obligations. So simply banning channels won’t work.
More importantly, failure to capture data is seen by regulators as directly undermining their ability to carry out investigations. The recent enforcement is partly as a result of banks being unable to provide regulators with data they requested.
For large banks at least, it is past time to acknowledge that current data capture processes are not fit for purpose. It’s not simply that whole channels are omitted, or that multiple archives exist with data then having to be copied into surveillance systems, it’s that captured data is not recorded in a way that makes it truly useful for monitoring.
As one data capture specialist told 1LoD. “Around 30% of the false positives generated by surveillance systems arise because [trader / counterparty] identity is not captured in a consistent format.” This specialist estimates that if communications and trade data were captured correctly, with a consistent data model and directory services, up to 70% of false positives would disappear.
So, is $200 million in fines and 70% of analysts’ time wasted a good enough reason to bite the bullet on data capture? We shall see. But as one surveillance chief said to 1LoD this week, “Surveillance is the easy bit. There are lots of really good solutions out there to analyse trade and comms data – and we are getting to the point where those datasets can start to be worked on together. It’s the data capture that’s the hard bit.”