AIMA Journal Article

The changes introduce a raft of new rules but amongst the most onerous are new requirements that all text, IM, social media, email and phone calls potentially relating to financial transactions must be recorded and logged. To be sure this is subjective and the only risk free solution is to record everything. Anything less means unacceptable risk of big fines and even personal prosecution.

Capturing emails is one thing, but few banks or hedge funds are geared up to record all comms and to add to the burden; regulations not only affects businesses based in Europe, but also those doing business here.

To be prudent then, any firm trading with an EU partner, or even another outpost of their own firm, should record & store all communications.
The impact of BYOD and employees using banned consumer apps like We Chat and WhatsApp for doing business are also profound. Voice calls VoIP services like on WhatsApp cannot be recorded technically or perhaps legally under imminent data protection laws like GDPR.

Moreover, ephemeral messaging apps like Snapchat leave no permanent record of what’s been said, by who, to whom, so its clear they have to be stamped out with harsh penalties.

When the new regulations come into force, on 3 January 2018, this could prove a compliance bombshell.

As a former regulated money manager, I worried about the looming clash between the demands of the new rules and a world in which people are used to powerful consumer Apps.
To respond to these trends while being compliant isnt simple but banning the use of unauthorised apps is one vital step. The other is to make use of OTT enterprise technology – deployed on employee’s own and company devices – that logs and records every business communication across all authorised channels to meet the new rules.

Lee C. Stonehouse; Founder of VENNCOMM

 

VENNCOMM has both Android and iOS solutions that work today and here are some of the key ways our platform is always compliant and how it differs from other solutions on the market.

All Work calls are always recorded, even calling a number for the first time… no exceptions, ever.
When a regulated user makes call through the VENNCOMM TALK application, the call is always automatically connected over our own telecom network which records the call and then delivers it to the intended destination, automatically and transparently to both the calling and called party.

Some of our competitors use network technology which works fine if you have a data connection or have called the number before, but otherwise the call will not work if there is poor or no data connection at call time. If this happens the user has a choice, make a non-compliant call or try and hunt out a good data connection, something that can be difficult even in London! We all know what the user will do.

VENNCOMM’s technology works so that if there is a GSM voice signal, the call will be recorded, no if’s no but’s.

ALL Regulated calls and SMS are always recorded, wherever you are in the world.

Wherever they are in the world a regulated user using the VENNCOMM App is guaranteed to make a compliant, recorded call. This is because calls or SMS from VENNCOMM TALK always route over our network, which mean we always record the call or SMS no matter where in the world the user is and no matter what mobile network the user is on. (For the more technical reader I can confirm we can do this because, unlike other solutions, we do not rely on other mobile networks being GSM “CAMEL” compliant to record).

Network based recording solutions from all the major providers cannot guarantee calls are always recorded wherever the user is in the world, as they rely on the local mobile carrier operator to provide the recordings, which many cannot. This means that unlike VENNCOMM TALK, other solutions allow important calls to be made that are not recorded and are not compliant.

Other networks can record roaming calls but cannot provide recordings in sufficient time to allow the 72-hour case reconstruction required by MiFID II. VENNCOMM guarantee that every call made by a regulated user from the VENNCOMM TALK application is recorded in real time regardless of where the user is the world and what network provider they are connected to.

Carrier grade call recording over GSM, every time

Some of our competitors think VOIP calls over mobile phones are MiFID II compliant. This is not correct as MiFID II requires that all calls need to be recorded in a format that is usable by the regulator.

VOIP calls on mobiles cannot be made everywhere there is a phone signal, so users can only make unrecorded non-compliant calls outside of data coverage.

Even if there is data coverage sufficient to initiate a VOIP call, data contention with other users on the mobile network or internet often mean poor quality calls. Add to this the high compression used to make VOIP calls in many circumstances then it can be difficult to understand what is being said on a call, resulting in the call recording quality being very poor and unusable and non-compliant. This also makes it is impossible to run voice to text analytics for more detailed searching and automated case reconstruction.

Of course, VOIP does work very well in some circumstance, for example in the office connected to the regulated user’s high quality corporate wifi results can be promising, but go walking around town, or go driving or using a hotels free wifi and quality soon drops.

Only VENNCOMM TALK can ensure that recorded calls are done so at full GSM carrier grade quality and recorded in HD, guaranteeing fully compliant playback and helping to deliver accurate voice to text analytics.

Who said what when.

In a court of law it’s important to have evidence that is non-refutable. The same is true for compliance enforcement. To do this properly this means the recording supplier must not only have the technology that proves if a recording has been tampered with, but also having a separate recording for each participant in a call so that it is non-refutable who said what when.
Unlike our competition, we can do this, guaranteed. We have our own network and recorders where we can record each individual speech path in HD quality. This means even on group calls it is clear and unambiguous who said what when.

Full MiFID II compliance with BYOD

There is myth that MiFID II compliance is incompatible with corporate BYOD programs as it is not possible to record calls on employee owned devices on multiple networks. Telecom companies erroneously use this message to try turn the tide of migration to BYOD and win back customers and in the process, reverse the considerable savings companies have made at the expense of the telecom provider by adopting BYOD.

VENNCOMM TALK enables a company to deliver a separate regulated work number onto an employee’s BYOD or COPE device with guaranteed recording of work calls and SMS every time to full MiFID II compliant standards, enabling companies to maintain the cost saving of BYOD whilst delivering both MiFID II and GDPR compliance.

Full GDPR compliance: Work calls and SMS are always recorded, personal calls and SMS are never recorded.

The VENNCOMM TALK application has full separation of work and personal identities. Personal calls and SMS are neverrecorded, for regulated employees Work calls and SMS are always recorded.

Simply use VENNCOMM TALK for Work and native dialler for personal calls.

This means our application fully complies with GDPR as it ensures that the user can have full control of when they make a personal call and when they make a regulated work call, just like if they had two mobile devices. 100% separation.

Without this capability, all personal calls on corporate owned devices will be recorded, as no option exists to separate work and personal personas.

On VENNCOMM TALK there is no way a work call can be made without it being recorded, even if a work caller is dialled back from the native call logs or voicemail! In other similar applications this is not always the case and re-dialling a missed work call in the native dialler will result in a call that is not recorded and therefore not compliant.

VENNCOMM TALK can deliver this total separation on the either BYOD or COPE devices. Only VENNCOMM guarantee this level of separation of personal and work personas required to meet GDPR requirements and MiFID II compliance at the same time.