Data Privacy and Security

The Renaissance of Compliance

Recent events such as the LIBOR scandal in the UK, the malfeasance of Bernie Madoff and others on Wall Street and mortgage meltdown of a few years ago has the financial services industry (FSI) on the ropes. While these events keep us glued to our newspapers, financial advisors are using social networks in growing numbers to conduct business. In pace with these events, industry watchdogs such as FINRA, as well as the FCA/PRA in the UK, have brought new, stringent guidelines to FSIs.  

The aftermath of this perfect storm is a new day for compliance, and the financial sector would do well to embrace best practices of information governance to rebuild confidence among public and private investors. In doing so the FSI will set a positive example for all companies faced with increased regulation, a growing use of external social networks and the inevitable acts of human error and malfeasance.

In fact, would it not behoove the banks to champion their information governance and compliance standards to build confidence, and differentiate amongst their banking peers to attract and retain business? By leveraging the very best of information governance financial institutions are creating transparency and sending a message that they are capturing, scanning and retaining business records across all communication channels in real time; an important message in keeping employees engaged and compliant.

To achieve best practices of information governance organizations may wish to follow a recent model created by Deloitte. The construct addresses four critical components: structure, oversight and responsibilities, talent and culture, and technology infrastructure. 

Structure: Overall, organizations need to create a governance program that allows for open and consistent dialogue about compliance processes from the top down. The program should have a methodology of reporting and a committee that guides the program#

Oversights & Responsibilities: Outline the roles and responsibilities of the board and management and assign specific accountabilities for day-to-day management

Talent & Culture: A business-wide acceptance and understanding of governance has to be baked into the culture of the organization via leadership and talent training from the top down so that it becomes an accepted way of doing business and not an afterthought

Technology Infrastructure: This component should encompass a defined set of policies and procedures, standards for reporting and communication, and tools that align with internal governance and compliance.

Of all the aforementioned components, the technology infrastructure is the most important, (to my mind at least) as the number of communications channels has increased dramatically in past few years. Fifteen years ago we only had to worry about archiving and managing email records, today we must capture and store electronic messages across a wide range of channels.  Myriads of business records are created on Unified Communications, (MS Lync, Cisco IM and Presence), Enterprise Social Software, (IBM Connections, Jive), Community Networks, (Bloomberg, Bazaarvoice), Public Instant Messaging, (Google Talk, Skype) Social Networks, (Facebook, LinkedIn, Twitter) and more. The need to track conversations as they move from channel to channel in real time is the challenge for IT departments who need to meet the Compliance Officer’s demands. Just as you need one set of policies and rules to underscore your information governance program, you need one technology platform that can achieve complete records management across all communications channels.

To support an organization’s best practices of information governance, IT departments should choose a technology platform that achieves the following:

Keep an eye on your business

Monitor content in real-time so you can mitigate the risk of potential data leaks and the use of inappropriate language. Set policies that scan for, block, and alert on key words, phrases, and full regular expressions – even those within files transferred in IM chats posted to enterprise social software activities

Capture content intelligently

Control exactly how much and what kinds of content you need to capture, including: social conversations, profile updates, community activities, pictures, and even voice and video in context; while including edited and deleted content, which makes auditing and discovery easier and less costly

Search with precision

Your technology platform should make searching for relevant content easier, more efficient, and less costly for legal and compliance teams. Retrieve and audit stored content based on granular searches of keywords, users, networks, and date ranges. Even search your existing email archive for added flexibility

Keep everything safe and sound

Everything it captures should be stored in a centralized, tamper-proof environment to help make it easier to retrieve reliable information when you need it

The changes to business communications have been extraordinary over the past few years and have ushered in a renaissance of compliance. And, if we have learned anything, it’s that we will see more change and challenges. To meet these changes, and successfully mitigate risk, FSIs and enterprise, organizations must develop well thought out information governance policy supported by intelligent, robust technology platform infrastructure.


Scott Whitney is vice president of products at Actiance


« Why US Tech Firms in China Can Breathe Easy… For Now


Apple's iPad Gives Autistic Children a Voice in Canada »
Scott Whitney

Scott Whitney is vice president of products at Actiance

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies


Do you think your smartphone is making you a workaholic?