So I propose five steps that compliance officers can take to make choosing their surveillance software easier.
Step 1 – Buy vs. Build
Consider the extent to which you want to buy versus build. You need to decide this first. Do you have the team to build something 100% bespoke? Many firms do not have either the experience or the budget. But equally, a commercial off-the-shelf system can be too restrictive, especially for global multi-jurisdiction operations. Maybe you are looking for a middle path – a hybrid of the two.
Step 2 – Pace of Evolution
Consider how easily you can evolve your technology in the face of the next big scandal. Look at FX – out of nowhere it became the hot topic when regulators began to investigate traders, with around 10 banks suspected of manipulating the 4pm FX benchmark assessment.
FX joins LIBOR, the gold fixing, short selling, front running, rogue algos and dark pools in the School for Scandal. There is always another transgression just around the corner.
Step 3 – Profiling Behavior
Consider how best to use big data analytics on historical data to find patterns and trends that can enhance on-the-fly detection of anomalies. Profiling of ‘normal’ behavior from historical data can give highly granular insights into activity by trader/instrument/client/time of day that can materially improve real-time alerting.
[Related: “Learning From the Past: Predictive Analytics Offer Early Warning System” (free QuantFORUM registration required)]
These insights can elevate alerting from one-size-fits-all parameters, with high volumes of noise, to granular alerting using logic and calibration tailored to specific trader/instrument/client combinations. Better results, less false positives, more productive teams – a win-win.
Step 4 – Interface to GRC
Consider how comprehensive a case management platform you need. Do you want to wire your surveillance activities into the wider governance, risk management and compliance structure, or have it stand alone? To what extent is the wider GRC structure capable of handling on-the-fly output from surveillance?
Step 5 – To Host or not to Host
Consider a hosted versus on-premise system. A hosted system is necessarily cookie-cutter in order for vendors to achieve economies of scale that can be passed on. An on-premise system doesn’t have to be expensive and would be better suited to firms that want ownership of the future direction of their surveillance.
There obviously is far more that could be said here and, in the current regulatory climate, “Five Steps” could easily have been “50 Steps.” But if you start with this road, you might just avoid scandals and keep your company and your boss out of the headlines – not to mention the attention of people in dark suits who are usually found dealing with serious crimes and organized syndicates.