Spotting disasters before they happen is the prime directive of compliance officers. But the growing complexity of corporate communication channels makes the compliance officer’s job increasingly difficult.
For example, staff may be moving between fixed-line phones and mobiles to Skype, instant messenger, WhatsApp and Viber. Tracking conversations that flit between multiple channels can be challenging.
And as we know, malefactors don’t blurt out their plans, but rather cover their tracks, using code words and euphemisms.
To cope with these challenges, compliance officers are arming themselves with more powerful tools and sophisticated techniques, including those drawn from the world of electronic disclosure or e-disclosure.
E-disclosure is a legal field that deals with the exchange of documents and information during litigation. An investigation may start with tens of millions of documents and thousands of hours of phone calls, but advanced technologies and e-disclosure processes can filter the document pool down to a manageable subset of relevant materials.
Experts in e-disclosure have spent decades learning to find hidden correlations in conversations. For example, keywords are scored and sorted by relevance, allowing litigators to quickly zero in on vital case information.
“The key is to give compliance officers an integrated view of all information,” says Duncan Gardiner, Epiq’s director of forensic services. “The problem is they often use a variety of tools in isolation. They have something to record and transcribe phone calls, something else to examine e-mails. That approach is unproductive.”
Worse, there is a time lag caused by poor process flow. Typically, compliance officers put in an IT request for a set of documents. These documents are then exported and may be sent to a third party for processing, which adds a security risk. IT then runs a few searches and hands the data back to the compliance team. This process is crude, time-consuming and disjointed.
The solution to this inefficient and risky approach begins with an appraisal of a company’s existing infrastructure. Only then can the right e-disclosure solution be implemented. “There’s no one-size-fits-all black-box approach,” warns Mr Gardiner. “Some companies may already have tools which they aren’t using properly. Others have unique requirements. It is vital that a thorough survey of the landscape is conducted before any conclusions are drawn.”
The goal is to give compliance officers total control of the data, no matter its source. They should be able to pull up e-mails and directly cross-check them with phone transcripts without outsourcing the job to IT. Automated scanning can flag early warning signs of suspicious activity.
With the data at their fingertips, compliance officers can now be vigilant for emerging threats. Mr Gardiner explains how a plot might be detected: “Traders might use codewords to get around a ban on trading in certain equities. ‘Sunny’ means buy, ‘rainy’ means sell. In isolation these words are meaningless. But track them against trades over time and they become red flags.”
When clients work with Epiq, they find the burden on IT is significantly reduced and capital expenditure is kept low
This approach is mainstream in e-disclosure and is only now being adopted by compliance officers. The pressure of the European Union’s Markets in Financial Instruments Directive II and General Data Protection Regulation means compliance officers have no choice but to seek out industry-leading methods.
The track record of companies such as Epiq means the adoption can be done confidently. The world’s top legal and IT teams already know and trust Epiq, and Epiq also works with compliance teams on their budgets and internal stakeholder management to ensure all parties are supportive. When a chief executive realises his e-mails and phone calls will be monitored, trust becomes a crucial consideration. Only a reliable partner will do.
When clients work with Epiq, they find the burden on IT is significantly reduced and capital expenditure is kept low.
“Compliance officers are now expected to detect events before they get out of control,” says Mr Gardiner. “Fortunately, they can draw on tools and processes which have been proven to be effective again and again in the most demanding of arenas. Draw on that expertise and compliance can become incredibly effective.”
For more information go to epiqsystems.co.uk