Surveillance: Readying for the Seismic Shift

To date the overriding priority of surveillance in Financial Institutions has been one of coverage, but a seismic shift is upon us.

Read next: Market Abuse and Conduct Surveillance: Are you drowning in a sea of alerts?

Our financial markets and institutions perform a major role as part of the world’s key global infrastructure and are integral to the successful operation of global and local economies.

But with this influence, comes great responsibility. Regulators, customers, employees and wider society demand that banks and other financial institutions do not allow this global influence to be abused. They demand that financial products and services are not used to facilitate financial crime, that global operations are not exploited by collusive networks to cheat, fix and destabilise markets, and that individual traders are held to account for their actions and prevented from unauthorised activity.

The monitoring and surveillance functions of financial institutions have been working to strengthen control environments, triggered by the prevalence of regulatory fines, evidence of financial crime activity, and, more fundamentally, simply as part of doing the right thing in shaping institutional culture.

To do this effectively requires the constant balancing of multiple priorities – front to back environments don’t stand still. And so must monitoring and surveillance functions continually adapt and evolve. For surveillance, the demand factors are wide and varied, and include internal audit and advisory functions, external regulatory demands, changing regulation, developing and new areas of business and regions of operation, as well as keeping pace across the industry as a whole, not just one’s own institution. Meeting today’s requirements whilst being ready for tomorrow’s!

To date the overriding priority of monitoring and surveillance has been one of coverage – of risks, regions, businesses, staff and customer populations through the deployment of specific controls, often in the form of systems, procedures and people in a data channel or risk silo, as an integral part of the three lines of defence.

There are advantages to this approach, most significantly it being easy to demonstrate coverage of risks across regions, staff and customer populations, business lines, products and data channels, by simply mapping controls against a risk taxonomy. Furthermore, narrowly focused procedures can be operationalised and evidenced, and activities audited. This also makes it easier to offshore to lower cost centres.

But there are significant downsides too. This approach generates huge volumes of systems alerts and requires an army of surveillance officers to process the resulting backlog. This vast sea of false positives is just one issue to be tackled. With each data domain deploying their own coupled ‘stack’ of data, systems, users and processes, and purporting to control the risk, there are also questions around whether this is the most effective way to identify the full risk picture, and whether more insight can be generated, and more efficiently, by a more integrated approach.

There are also limitations to business agility. Siloed solution stacks are inherently tightly coupled and often rely on ‘black box’ technology, making changes hard and costly in an environment that demands frequent change. The lack of transparency within and across these silos limits the ability for the FI to analyse its own data effectively, the barriers between systems effectively reinforcing the siloed approach. Today’s systems and controls solve point problems, and possibly many times over, where a more integrated approach could not only deliver more insight, but enable efficiency savings in both ‘Change The Bank’ (CTB) and ‘Run The Bank’ (RTB) costs.

This approach of implementing a specific system with a set of narrow controls needs to be confined to history.

The pressure is building and a seismic shift in surveillance is upon us.

We've created a hub of information on our intelligence-led approach to risk management and threat mitigation that responds to the exponential growth our clients are seeing in data volumes and regulatory expectations. To talk to us please use the contact us form.