As a compliance officer, your job is to make sure your colleagues’ communications are in line with regulations. But with so much communication to supervise, how do you differentiate what should be reviewed and what should not?
The adoption of email and digital messaging has increased the reach and speed at which we can communicate. We use it to chat with our friends and colleagues, confirm a dinner reservation and, of course, for our daily work activities.
Having the right information flagged so you are reviewing relevant information is the key to an efficient overall compliance review process. What it all comes down to is practicing the right techniques to ‘reduce the noise’.
The context of a communication is just as important as the content. Often, compliance reviewers focus so heavily on the relevant keywords and phrases that they neglect the basic context. One of the best ways to achieve a relevant compliance review is to define a policy so that your search results not only contain content you care about but also apply to the people you care about.
For example, if you are going to run a ‘fair and balanced’ policy to make sure your brokers are not using the wrong kind of language, you do not have to turn on the policy for everyone in the organization; you have the tools to apply that to just broker-dealers.
Another example is when dealing with broker-dealers, you may not need to look at incoming messages - you can set your policy to only look at outbound messages. Alternatively, in some cases you do not have to worry about attachments and can only focus on the text. Then you should set your review policies accordingly.
To achieve and maintain a high level of relevance, it is necessary to approach compliance reviews with a high level of control and granularity.
Cast the net wide, refine and regression test An important approach to compliance reviewing is casting the net wide when initially building your keyword lists and allowing for time to refine policies. The downside to this approach is that in the early stages you will get back a lot of irrelevant search results; however, that helps ensure that all the important content is included. By starting with a narrow search, you will speed up the process but also increase the probability that you will miss important messages. The policy refinement process that follows can then reduce the irrelevant noise and focus the accuracy. Do not be afraid to capture too much in the initial search because you can work your way down quickly and methodically.
When using this approach, it is essential to regression test your modified policies. As changes are made over time there is always a risk that content that was being included may be excluded going forward.
In order to prevent this, keep a set of direct messages or content files that you know should trigger the policy you have. As you make refinements, resend this test content and make sure that the policy still triggers. You can regularly perform this regression test to make sure that any changes you have made did not break the policy.
This is what is referred to as methodical refinement. This technique is integral because it is a known true-positive in your back pocket so that when you are doing refinements, you are not eliminating relevant information.
If you're interested in learning more about Global Relay, or want to speak with one of our specialists, reach out to us here!
Global Relay is the leading provider of cloud archiving, compliance, information governance and eDiscovery solutions for the global financial sector and other highly regulated industries. Global Relay delivers services to over 23,000 customers in 90 countries, including 22 of the top 25 banks. Global Relay Archive supports email, IM, Bloomberg®, Thomson Reuters, social media, mobile messaging and more - with mobile, Outlook and web access.