10:00 AM
Julio Gómez
Julio Gómez
Connect Directly

Next-Generation E-Communications Surveillance Starts Now

Monitoring every single email, voice call, text, or chat for compliance is a daunting challenge, but analytics technology is improving.

You have to read every single policy. You have to read every single email that comes in and goes out of your business. You have to follow every single chat session that every single employee opens. And you have to correlate them all to find patterns that indicate risks and violations.

Now, that’s a regulatory burden for you. Oh, and the new rules go into effect December 1.

Whether you are the head of a desk and carry supervisory responsibilities, the CCO that needs to make sure that compliance happens across the entire firm, or the IT executive who has to build a smart way to deal with this problem, the task at hand seems an impossible one. The fact is that firms are doing what they can to appear to comply, and regulators are doing what they can to help guide firms. But the complete solution is going to require advanced analytic technology that can handle words, sentiment, entities, relationships, and multisource behavioral profiling. Cave-man tools won’t fix this space-age problem.

There are three levels of e-communications surveillance that firms are going to deploy over the next year. Only one of them is both strategic and future-proof. Executives have a rare opportunity to reduce cost and complexity, while increasing visibility and accountability. How? By leveraging advanced text analytics that can look across information sources and types. Let’s look at the three stages of building a next-generation e-communications surveillance solution.

Level 1: Lexicon-based reviews
Most firms today have rudimentary systems that will do simple character matching against bodies of text found in emails and chat transcripts, looking for indicators of violations, such as words (“call me later”) or phrases (“heat tickets”). In the 1960’s Regular Expressions System became popular and is still used today to do “character matching,” but that really should be “Level 0” surveillance.

These systems are helping with compliance, and many firms rely on them considerably today. This is because back in 2007, when FINRA issued its guidance on surveillance compliance, advanced text analytics was only used in the realm of computer science academia. What firms are using now is essentially a cluster-bomb way to catch everything that is suspect. In other words, it identifies a bunch of text that shouldn’t be suspect (creating false positives), in the same way a cluster bomb damages everything it comes near. The problem is there is a vast amount of benign communication being caught in the net, along with the potentially problematic ones. That’s where it gets expensive. That’s where Level 2 surveillance comes in.

Level 2: Advanced text analytics
Level 2 of a next-generation e-communications surveillance solution requires intelligence to be added to the screening process with the goal of reducing “false positives.” The system needs to do more than match characters. To gain a higher confidence rating on matches, the system must be capable of understanding that certain concepts communicated between two certain individuals within a certain geographical area are significant.  That means the system must have advanced text analytics capabilities that support entity extraction (people, places, organizations), key phrase extraction, and neural net for sentiment detection. This is easy to map out but difficult to execute at a high level.

The Level 2 system must also be aware of the context of entities and phrases in relation to each other. The system must have an elegant language to succinctly express and build intelligent and dynamic linguistic traps. This kind of optimization of language analysis is a meaningful increase in the value of the system and will significantly reduce costly manual intervention required to investigate the false positives generated by systems of yesterday. Better, yes -- but good enough? Not by a long shot. The next-generation e-communications solution must support statistical approaches to analyzing the text characteristics that matter most.

Level 3: Statistical analysis
The 250 largest financial firms in the Americas are the ones that truly need to craft a Level 3 system. They have the same requirement as smaller firms: Monitor every single communication and check for policy violations. But the larger firms have such a high volume and complexity of communications and communications platforms that only the most robust technology solution will deliver the desired combination of compliance confidence and cost effectiveness. Some examples of the kinds of statistical approaches supported by the next-generation e-communications solution:

  • Concentration – What are the statistically significant occurrences of communications with regard to counterparties?
  • Volume – Are there significant deviations from the normal volume of communications? Are there new risky linguistic concepts?
  • Profiles – How do the communications vary relative to “peers”?
  • Network – Are new counterparties exposing new risks based on the social network of those counterparties?
  • Predictive analytics – Over 60 percent of fraud is done in collusion. How to find colluding perpetrators with a “more like this” style of behavior analysis?

All this amounts to a high-tech way to evolve surveillance from rudimentary character-matching to screening that is intelligent and risk-aware. Now, if you can connect to a variety of sources (Sharepoint for policies, chat logs from multiple vendors, exchange or other email systems) and give operators the flexibility to create and change parameters, while supporting real-time feed to any system, report, or dashboard, then you have it: the next-generation e-communications surveillance solution. 

And it is in development at several firms today.

Julio Gomez is Industry Strategy Partner for Knowledgent, where he leads efforts to help global financial services enterprises solve their most difficult data problems to power game-changing solutions. Time Magazine listed him among the "Fifty Most Influential People Shaping ... View Full Bio
Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Greg MacSweeney
Greg MacSweeney,
User Rank: Author
5/30/2014 | 7:26:17 AM
Is there any other way?
I guess financial firms could continue to use existing surveillance processes, but with all of the different types of communications now, that will be quickly become overwhelming.

in addition to the compliance application you outlined, can firms simultaneously use the surveillance technology for analytics on other things? The surveillance technology is collecting so much data and "connecting the dots" between the different forms of communications. Can a firm apply additional analytics to the data to determine other things, such as a trader's performance, best practices, or other things?
Becca L
Becca L,
User Rank: Author
5/30/2014 | 3:54:17 PM
Re: Is there any other way?
Great article, Julio. Excellent points about the tiers of surveillance and what that can mean in detecting risk.

The level 3 communications seem critical to catching the majority of security breaches, let alone internal compliance. Often times someone's "profile" is hacked to send unusually high "volume" of sensitive data out of the "network" - it's important these departments - security and compliance, work closely together to detect unusual behaviors

User Rank: Author
5/31/2014 | 10:55:30 AM
Can small firms tackle surveillance demands?
Very interesting article, Julio, laying out the three levels of surveillance and anlytics needed to examine all levels of communications for policy violations.  While you say the 250 largest financial firms need to implement this type of analysis, how can smaller firms (with the same compliance/risk requirements)  be expected to conduct lexicon or language based analytics? This seems to be a skill set that will be in demand or rather, firms will seek external advisers and consultants to bring the expertise.
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Stressed Out by Compliance, Reputational Damage & Fines?
Stressed Out by Compliance, Reputational Damage & Fines?
Financial services executives are living in a "regulatory pressure cooker." Here's how executives are preparing for the new compliance requirements.