Regulatory Compliance

Cross-border, multi-channel regulatory compliance through communication archiving.

"...Deutsche Bank’s systems for identifying and recovering recordings of Trader telephone calls and mapping trading books to Traders were inadequate. These failings directly impeded the Authority’s investigation of IBOR misconduct causing significant delays and difficulties to the process..."

Financial Conduct Authority on Deutsche Bank, £226,800,000 penalty for breaching regulations

For many organisations, the sheer volume of regulations with which they must comply means that focus on core business can be lost.

Technology and information systems are at the heart of many regulatory compliance mandates, with legal teams working closely alongside IT teams to ensure that any decisions are sufficient to be compliant.

For multinational organisations, there is often a need to be compliant with regulations in multiple jurisdictions, and it is vital for compliance managers to be able to manage their technology at both a macro and micro level.

Some organisations may even be required to comply with regulations from multiple industries.

Why do communications need to be recorded?

Previously, it was optional for financial institutions to record telephone conversations; although most organisations did record fixed-line calls, mobile calls were not typically recorded. Since 2009, the Financial Conduct Authority (originally the FSA) has required firms to capture all telephone calls and electronic communications (with mobile calls only being obligatory since 2011). The reason for this was that recorded communications provide evidence for investigations into alleged market abuse that cannot be obtained through other means, such as testimony.

Ultimately, by recording a phone conversation, an investigation can be provided with evidence that was captured at the time of any alleged misconduct.

What needs to be recorded?

Fundamentally, the media types that need to be recorded will depend on the jurisdiction and type of organisation; however, we can cater for local or global requirements.

In the UK, under FCA regulations, financial organisations are required to capture all communications that relate to receiving client orders and agreeing/arranging transactions. Insurance companies, and any other companies linked to them, such as travel companies who provide travel-orientated insurance, are also required to record communications.

The types of communications that need to be recorded include mobile and fixed-line voice calls, as well as any electronic communication, although this is a very broad and constantly evolving area. The FCA specifically defines "fax, email, Bloomberg mail, video conferencing, SMS, business to business devices, chat and instant messaging" as media that must be recorded, but it also specifies that all other forms of electronic communication are to be captured if they involve orders or transactions. This includes business-related social media communications, including Twitter and Facebook.

Regulatory Compliance with Soteria™

Our recording platform, Soteria™, is designed to enable compliance with:

  • BSI BIP 0008 - A Code of Practice on the Legal Admissibility of Information Stored in Electronic Document Management Systems;
  • ISO TR 15801 Electronic imaging - Information stored electronically - Recommendations for trustworthiness and reliability;
  • BSI DISC PD 5000 - An international code of good practice in five parts for electronic documents and transactions as legally admissible evidence;
  • Financial Supervisory Authority (Norway);
  • Financial Conduct Authority (UK);
  • Dodd-Frank Act (USA);
  • MiFID II (EU).

We have been helping organisations record their communications since 2005, and have some of the most experienced people in the industry helping them to do it. If you need assistance in ensuring that you are compliant in the UK, Europe or the USA, we can help.