Regulatory uses for voice analysis - we talk to an expert
Chris Hamblin, Editor, London, 24 May 2019
Transaction monitoring covers not only the things that people at a private bank do but also the things that they say. In this disquisition, Compliance Matters speaks to Nick Child, the head of the product advisory board at Fonetic, the compliance software vendor. The article takes the form of a question-and-answer session.
Q: Can you tell us about yourself and your firm?
A: Although I now work for Fonetic, a Spanish technology company, that’s not my background. For many years, I was a compliance officer at a number of US and European Investment Banks – among our clients were hedge funds, private banks, family companies and pension funds. Fonetic has a history of providing technology solutions across the financial sector for more than ten years, mainly in the Spanish banking community. BBVA and Banco Santander are among our Spanish clients. Fonetic’s primary focus is voice record analytics – these are always the hardest details to track and analyse because they are so different from one another. Even if records are all in English, each conversation is unique due to the different way people speak. ‘Voice,’ as it is called, has been a poor relation in the financial crime detection market. Banks tend to focus on trade records and e-communications which are more readily available and more homogenous.
Q: What does ‘voice’ have to do with transaction monitoring?
A: Transaction monitoring needs to cover not only the things that people do but also the things that people say, especially on the phone and in emails. It has been very difficult in the past to find software to detect wrongdoing in such communications, so compliance department members have had to spend hours listening to tape records, trying to work out what’s being said, getting the speakers of other languages involved when people switch language. It is an absolute nightmare of a task. Fonetic provides technology to deal with all of those issues, and more. One often has to unpick a situation in which a number of different sales people are talking to a client – for example, Fidelity Investments – about a number of different transactions. A conversation can be 90% gibberish and/or gossip. The skill lies in picking out the salient points. It’s always going to be an ex-post process as it is impossible to be proactive about detection; we are always analysing conversations that happened in the past, after the fact. So the software one uses has to be powerful.
Q: I suppose that there is going to be more need for voice analysis when the Senior Managers and Certification Regime is applied to all financial services and every phone conversation always has to be recorded and kept in a vault for six years.
A: Yes, although firms have had the obligation to store conversations for a number of years. The financial crisis and in particular, events at RBS were was the genesis of greater need for surveillance software from a regulatory point of view. In the aftermath of 2008, the former Financial Services Authority found that its existing regulations were insufficiently robust to enable it to take action against senior management for failures to manage. The SM&CR is meant to bridge that gap: amongst other things, it requires clear documentation setting out job descriptions and, importantly, evidence that supervisory duties have been carried out.
Q: So voice analysis is important because it allows the compliance officer to check to see if people are doing their jobs properly, but the other half of it – in the case of a regulatory query – is to detect who knew what.
A: Yes. Managers and compliance officers need to do that. Also, when you listen to clients’ phone conversations regarding transactions, you need to know what they were talking about, what they’re interested in. This is for two reasons: to keep up with your regulatory ‘advice’ obligations to clients and to find out if they are up to no good. It’s a bit of both.
Q: What about traders? Every market-facing private bank has them.
A: Well, there are fewer traders than there used to be. There’s more electronic trading now and more passive trading. However, there are still markets out there that require human intervention. Whenever there are people trading, they need to be careful about how they conduct their activity. Naturally, Traders don’t want to show their hand and reveal themselves. If they can, they want to hide what their intentions are. They may use WhatsApp or other applications to try to ensure that their conversations cannot be tracked. The challenge for management and regulated firms is discerning the legitimate from the inappropriate and criminal. You cannot stop people from doing bad things. You can educate, you can train but you must review. So, you need the ability to monitor what is being said, what is being communicated. That means you have to know what apps people are using, which technology. There are a number of tools used by firms, in addition, some firms have technology on the trading floors that block mobiles, but not all do.
Q: Does the British regulator insist on firms blocking mobiles?
A: I’m not aware of the FCA saying “firms must block mobiles,” but for over 20 years there have been rules about the use of mobiles on trading floors. On many a trading floor there are notices that state “do not use personal mobiles” but actually, at the same time, you see people using mobiles anyway, because people have personal lives, we all use mobile devices incessantly now. So, again, management needs to have the tools to determine what’s valid use and what’s inappropriate. People use everything from recorded lines to unrecorded mobiles and there are technology providers that can capture all of that content, including even WhatsApp. Fonetic can interrogate that data and provide either comfort that nothing untoward has occurred or that worrying conversations have taken place.
Q: How far away are we from algorithms detecting traders using obviously dodgy code language, working out what they are saying, and sending someone to intercept them in the space of a mere two minutes?
A: How far away...I’m not sure you could ever do that. It is always difficult to predict things like that because technology changes so quickly and the language people use is also constantly changing. Firms need software that can work out when people are moving away from using jargon to make things work faster (which is very often the case) to doing it to mask your behaviour or activity. Even then, quite legitimately, if you’re a trader you don’t want people (i.e. competitors) to know everything you're doing.
Q: How does your software work?
A: We have two primary tools: voice data analytics – analysing voice conversations by means of AI-enabled policies that look not only at the words that people have used but also at the context in which they were using them. The second tool is trade reconstruction – marrying up all communications with relevant trading activity. Our software looks at an ‘alerted’ conversation and can automatically retrieve the transactions related to this… at the same time we are able to retrieve every conversation belonging to a trade. This ability to consider the whole context by looking at trades and conversations (chat, voice, email) makes us able to explain why a particular type of trading happened.
We can turn the data around on a t+1 basis. The term that everyone uses in this game is ‘holistic.’ Holistic surveillance uses technology that monitors all trade communications on the trading floor. With this software you can also learn from previous mistakes, which is a regulatory requirement.
Q: In your experience, how much transaction tracking does a compliance department do?
A: It varies, but I would estimate that about 10-15% of a compliance department’s activities relate to transaction tracking or investigations. This is about the same whether it’s a broker-dealer, a private bank, a hedge fund or a fund.
Q: Is voice recording analysis useful during section 166 visits?
A: Section 166 Financial Services and Markets Act (which covers reports that the regulator can demand from ‘skilled persons’) is the regulators’ nuclear option. Let me give you a basic explanation of the operation of s166. The FCA uses it in circumstances where it has determined that a firm’s processes and/or controls are insufficient or inappropriate. In those circumstances, the FCA is able, using s166, to require the firm to appoint an external body (a ‘skilled person’) to carry out an investigation into that area of the firm’s compliance with the FCA’s regulations. The results of that investigation, which the firm has to pay for, then enable the FCA to decide whether it has broken any rules to a significant degree and what fines and penalties to impose.
Voice records, their completeness and the firm’s access to them, could be a part of a s166 investigation. More frequently, firms receive enquiries from regulators, such as the FCA, asking for details of their trading activity and related communications including voice records. These requests can be about trading activity which took place the previous month or some years ago. They may cover just one transaction or a number of transactions in a particular company’s shares over a period of many months. It is an enormous task for a firm to amass that data and then analyse it before it sends it to the regulator to make sure that it is relevant, complete and accurate. It can involve the review of thousands of data points and millions of emails and voice communications. The cost and disruption involved in these exercises is enormous. Unless you have effective software and records management processes, you are at risk of incurring further investigation, as a result of supplying incorrect or incomplete information in response to the regulators request.
The main message that I would send to all managers and compliance officers to understand is that you must employ effective tools in the management of your businesses. This applies throughout the financial sector, whether you are a multi-national investment bank or a small family office or a private bank. You must be able to demonstrate to the regulators that you have complete records, whether those records are trade details, electronic communications or ‘voice.’ In addition, you must be able to show that you oversee those controls effectively and that you are using effective processes to review the content of those records in order to prevent financial criminals from using the firm’s products and systems.
Financial crime is very broadly defined now and includes, amongst other things, market abuse, insider dealing, money laundering and related activity. The penalties are harsh and apply not only to firms but also individuals as well. The FCA will take action against managers who fail to manage. It is therefore vital for compliance officers to be able to show the regulators the tools that they use and they need complete, accurate and relevant data to do that.
* Nick Child can be reached on +44 207 7968655