Firms regulated by the Financial Services Authority (FSA) have typically recorded calls on fixed lines, while mobile calls and texts have been exempt in the past, in part due to the technical complexity involved.
All this has now changed with the introduction of the FSA’s Revised Policy Statement (10/17), which tightens up these requirements. From 14 November 2011, organisations covered by the legislation must record all relevant electronic communications in order to meet their regulatory obligations.
Now that the technical hurdles have been overcome, there are many in the industry who would argue that this is no more than a regulatory endorsement of what should already be considered as good governance or best practice, both in terms of protecting the business and ensuring a good customer experience.
A good example comes in the case of resolving disputes over instructions to carry out financial transactions. In the area of wealth management and private banking, relationship managers can frequently have ‘relevant conversations’ on mobile devices, which can include both the giving of financial advice and taking orders.
Unlike an equivalent fixed line call, until now there has been no regulatory requirement to record these dialogues. As a result, when mistakes are made, such as misinterpreting a customer’s order, the bank cannot adequately defend any claim. This means that they may bear the cost of any error or misunderstanding. Not only does recording protect the business in such a situation in terms of costs and reputational damage but, equally importantly, it improves customer service quality.
Unplanned business disruptions in recent times caused by extreme weather conditions, for example, has also forced providers of financial services to reconsider how to equip their employees to work away for the office. These disruptions have meant that financial institutions are now thinking the previously unthinkable in ensuring business continuity, such as managing transactions away from the trading floor.
To be fully effective, a mobile recording solution must be able to address a number of issues:
- Bearing in mind the highly sensitive nature of most financial data, from a security standpoint the data must always stay in the bank’s environment and not that of the carrier.
- The system must automatically record every interaction all of the time and not rely on the individual agent or trader to activate the recording process.
- The solution should be able to operate in any recording platform and be fully scalable.
- It should be truly global and take account of local regulatory compliance rules at all times.
This requires a true in-line recording solution, one that ensures that the recording platforms sit between the two parties on the call. In short, if the recording does not take place, there should be no call.
In addition, the chosen solution should integrate within the business’s existing fixed line recording platform. By doing this, all mobile and fixed line calls are recorded, stored and retrieved in an exactly similar way, irrespective of the communications channel used.
At the same time, by re-routing all calls and messages via the established corporate infrastructure, this has the additional benefit of minimising the impact on the customer.
From the individual employee’s perspective, it helps drive up productivity, by making enterprise mobility and flexible working a reality. Staff can transact business irrespective of location, in the certain knowledge that all customer mobile communications are secured and fully compliant in exactly the same way as controlled, fixed line environments.
Missing the Deadline
It may be tempting to think that, with a deadline of 14 November 2011, there is plenty of time to install a solution. Yet, this is a trap into which the industry as a whole risks falling if too many companies delay making a start.
Let us take a closer look at what needs to be done to meet the November deadline. First, any best practice organisation will want to allow at least one month’s contingency, to avoid missing the deadline.
Second, those large groups of users that are affected – typically 1,500-2,000 in most of the investment banks, for example – will need to have their devices configured. There will probably need to be a period of user acceptance and perhaps training. Most organisations will want to allow at least one month for this.
Third, most of the available solutions will demand some hardware integration in the customer’s environment, which will also require the ordering of new fixed links and possibly new voice recording platform licenses. Current estimates are that this will take around three months.
This already takes us to June 2011. But before any of this can happen, each organisation will need to factor in the extended process of supplier evaluations, undertake internal budget approval and sign supplier contracts, at the same time hoping that their chosen supplier has sufficient capacity to meet their requirements.
In order to complete a successful deployment in the required timeframe, therefore, it quickly becomes apparent that any regulated organisation that has not already started to act needs to do so very soon – and with some sense of urgency.
Regulation technology is fast gaining currency by transforming how financial institutions can tackle compliance in a swift, comprehensive and less expensive manner.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Despite all the automation and improvements that digital banking has the potential to achieve, customers and their needs still form the very core of the banking sector.