Recent headlines all point to one unavoidable truth: Compliance officers are facing challenges like they’ve never seen before. New communications channels are on the rise and examiner scrutiny has never been greater. In a recent webinar, Marianna Shafir, Corporate Counsel for Smarsh, joins Gregory Breeze, Principal of Information Government Practice, and Robert Cruz, Managing Director of Information Governance Practice, to discuss the five most common supervisory failures — and to offer practical advice for avoiding these pitfalls.
Top 5 supervisory failures:
- Failure to execute on the fundamentals — “Every month I look at enforcement actions […] and we constantly see firms getting fined for inadequate books and records and inadequate supervision,” states Marianna Shafir, highlighting one example of how firms are lagging on their supervisory fundamentals. Other examples offered by Shafir include failure to properly train employees on supervisory procedures, failing to offer proof of supervisory controls, and storing data in a non-Write Once Read Many (WORM) format.
- Lack of focus on and review of new communications tools — Adoption of new channels is being driven both by client preferences and employee demands. New channels such as social media and IM/collaboration platforms are increasingly used for business communications, yet few firms are devoting enough scrutiny to these new technologies, leaving open a significant source of risk.
- Not treating mobile as a first-class target — Business conversations increasingly take place on mobile devices, which means they deserve the same level of scrutiny as more traditional channels such as email. Remember: It doesn’t matter where the conversation takes place, if it includes business-related content, it’s fair game for examiners.
- Lack of focus on high-risk brokers and activities — While email can be a source of significant risk, many firms continue to focus on it almost exclusively, to the detriment of more dynamic content such as social media and IM/collaboration platforms. Likewise, as we learned in FINRA’s priorities letter earlier this year, regulators now expect “heightened supervision” be applied to high-risk brokers.
- Not embracing advances in technology — The modern communications landscape demands modern supervisory tools yet many firms continue to rely on older solutions. This is a problem as legacy supervision solutions only provide oversight for known risks and do little to protect a firm against the unique risks posed by newer communications channels.
How to enhance supervisory control
Despite the frequency of supervisory failures across the industry, it’s relatively easy to avoid getting into trouble so long as you keep a few key points in mind. First and foremost, you must possess the agility and flexibility to keep up with a changing communications landscape. Policies must be regularly reviewed and updated to steadfastly keep up with the use of multiple communications channels and the volume of data they generate. Regular testing can ensure supervisory gaps are filled, and regular examinations of communications data will help your firm to keep up with the ever-increasing volume of communications data your firm generates.
Second, you must be proactive in your efforts. Risk comes in all shapes and sizes, so you must be prepared to anticipate likely sources, both in current communications channels and in the ever-evolving applications that pop up every month.
Finally, there’s no such thing as too much training. Your employees only know your organization’s policies as well as they’ve been trained to. With workplace communications changing so rapidly, it’s imperative that you train and retrain employees to ensure they’re staying inside the boundaries in their electronic communications.
How Smarsh can help
The Connected Suite from Smarsh offers a unified platform capable of supporting current and future workloads. With highly-defensible capture capabilities for more than 80 different communications channels your firm can easily identify and track conversations across multiple channels. Unlike other solutions that flatten dynamic content into an email, the Connected Suite maintains full conversational context, eliminating the possibility of ignoring risk due to mistranslation.
For more on how the Connected Suite can help protect your firm from risk, watch the on-demand webinar.
A global client base, including the top 10 banks in the United States and the largest banks in Europe, Canada and Asia, manages billions of conversations each month with the Smarsh Connected Suite. Government agencies in 40 of the 50 U.S. states also rely on Smarsh to help meet their recordkeeping and e-discovery requirements.
The company is headquartered in Portland, Ore. with nine offices worldwide, including locations in Silicon Valley, New York, London and Bangalore, India. For more information, visit www.smarsh.com.
Latest posts by Smarsh (see all)
- Best Practices for Stopping Risk in Its Tracks - December 11, 2018
- Preparing for Post-Emergency Records Requests - December 6, 2018
- Instagram: For Financial Services Firms, A Picture is Worth A Thousand Words - November 6, 2018