“Having reviewed the competing technologies, we chose VENNCOMM TALK as it was also the only solution that could provide the total separation of personal and work numbers needed to support GDPR and MIFID II”.

Fredrik Ohlsson, Compliance Officer, Prosperity Capital Management (UK) Limited

“We are delighted to welcome Prosperity Capital Management (UK) Limited and Russian Analysts from their Affiliated companies onto our platform. This agreement enables our platform and application which already covers over 120 countries worldwide to expand into the Russian Federation and provide Russian dual persona work numbers for the first time. We look forward to working with Prosperity going forward.

Lee Stonehouse, CEO, VENNCOMM Ltd


AIMA Journal Article

The changes introduce a raft of new rules but amongst the most onerous are new requirements that all text, IM, social media, email and phone calls potentially relating to financial transactions must be recorded and logged. To be sure this is subjective and the only risk free solution is to record everything. Anything less means unacceptable risk of big fines and even personal prosecution.

Capturing emails is one thing, but few banks or hedge funds are geared up to record all comms and to add to the burden; regulations not only affects businesses based in Europe, but also those doing business here.

To be prudent then, any firm trading with an EU partner, or even another outpost of their own firm, should record & store all communications.
The impact of BYOD and employees using banned consumer apps like We Chat and WhatsApp for doing business are also profound. Voice calls VoIP services like on WhatsApp cannot be recorded technically or perhaps legally under imminent data protection laws like GDPR.

Moreover, ephemeral messaging apps like Snapchat leave no permanent record of what’s been said, by who, to whom, so its clear they have to be stamped out with harsh penalties.

When the new regulations come into force, on 3 January 2018, this could prove a compliance bombshell.

As a former regulated money manager, I worried about the looming clash between the demands of the new rules and a world in which people are used to powerful consumer Apps.
To respond to these trends while being compliant isnt simple but banning the use of unauthorised apps is one vital step. The other is to make use of OTT enterprise technology – deployed on employee’s own and company devices – that logs and records every business communication across all authorised channels to meet the new rules.

Lee C. Stonehouse; Founder of VENNCOMM


VENNCOMM has both Android and iOS solutions that work today and here are some of the key ways our platform is always compliant and how it differs from other solutions on the market.

All Work calls are always recorded, even calling a number for the first time… no exceptions, ever.
When a regulated user makes call through the VENNCOMM TALK application, the call is always automatically connected over our own telecom network which records the call and then delivers it to the intended destination, automatically and transparently to both the calling and called party.

Some of our competitors use network technology which works fine if you have a data connection or have called the number before, but otherwise the call will not work if there is poor or no data connection at call time. If this happens the user has a choice, make a non-compliant call or try and hunt out a good data connection, something that can be difficult even in London! We all know what the user will do.

VENNCOMM’s technology works so that if there is a GSM voice signal, the call will be recorded, no if’s no but’s.

ALL Regulated calls and SMS are always recorded, wherever you are in the world.

Wherever they are in the world a regulated user using the VENNCOMM App is guaranteed to make a compliant, recorded call. This is because calls or SMS from VENNCOMM TALK always route over our network, which mean we always record the call or SMS no matter where in the world the user is and no matter what mobile network the user is on. (For the more technical reader I can confirm we can do this because, unlike other solutions, we do not rely on other mobile networks being GSM “CAMEL” compliant to record).

Network based recording solutions from all the major providers cannot guarantee calls are always recorded wherever the user is in the world, as they rely on the local mobile carrier operator to provide the recordings, which many cannot. This means that unlike VENNCOMM TALK, other solutions allow important calls to be made that are not recorded and are not compliant.

Other networks can record roaming calls but cannot provide recordings in sufficient time to allow the 72-hour case reconstruction required by MiFID II. VENNCOMM guarantee that every call made by a regulated user from the VENNCOMM TALK application is recorded in real time regardless of where the user is the world and what network provider they are connected to.

Carrier grade call recording over GSM, every time

Some of our competitors think VOIP calls over mobile phones are MiFID II compliant. This is not correct as MiFID II requires that all calls need to be recorded in a format that is usable by the regulator.

VOIP calls on mobiles cannot be made everywhere there is a phone signal, so users can only make unrecorded non-compliant calls outside of data coverage.

Even if there is data coverage sufficient to initiate a VOIP call, data contention with other users on the mobile network or internet often mean poor quality calls. Add to this the high compression used to make VOIP calls in many circumstances then it can be difficult to understand what is being said on a call, resulting in the call recording quality being very poor and unusable and non-compliant. This also makes it is impossible to run voice to text analytics for more detailed searching and automated case reconstruction.

Of course, VOIP does work very well in some circumstance, for example in the office connected to the regulated user’s high quality corporate wifi results can be promising, but go walking around town, or go driving or using a hotels free wifi and quality soon drops.

Only VENNCOMM TALK can ensure that recorded calls are done so at full GSM carrier grade quality and recorded in HD, guaranteeing fully compliant playback and helping to deliver accurate voice to text analytics.

Who said what when.

In a court of law it’s important to have evidence that is non-refutable. The same is true for compliance enforcement. To do this properly this means the recording supplier must not only have the technology that proves if a recording has been tampered with, but also having a separate recording for each participant in a call so that it is non-refutable who said what when.
Unlike our competition, we can do this, guaranteed. We have our own network and recorders where we can record each individual speech path in HD quality. This means even on group calls it is clear and unambiguous who said what when.

Full MiFID II compliance with BYOD

There is myth that MiFID II compliance is incompatible with corporate BYOD programs as it is not possible to record calls on employee owned devices on multiple networks. Telecom companies erroneously use this message to try turn the tide of migration to BYOD and win back customers and in the process, reverse the considerable savings companies have made at the expense of the telecom provider by adopting BYOD.

VENNCOMM TALK enables a company to deliver a separate regulated work number onto an employee’s BYOD or COPE device with guaranteed recording of work calls and SMS every time to full MiFID II compliant standards, enabling companies to maintain the cost saving of BYOD whilst delivering both MiFID II and GDPR compliance.

Full GDPR compliance: Work calls and SMS are always recorded, personal calls and SMS are never recorded.

The VENNCOMM TALK application has full separation of work and personal identities. Personal calls and SMS are neverrecorded, for regulated employees Work calls and SMS are always recorded.

Simply use VENNCOMM TALK for Work and native dialler for personal calls.

This means our application fully complies with GDPR as it ensures that the user can have full control of when they make a personal call and when they make a regulated work call, just like if they had two mobile devices. 100% separation.

Without this capability, all personal calls on corporate owned devices will be recorded, as no option exists to separate work and personal personas.

On VENNCOMM TALK there is no way a work call can be made without it being recorded, even if a work caller is dialled back from the native call logs or voicemail! In other similar applications this is not always the case and re-dialling a missed work call in the native dialler will result in a call that is not recorded and therefore not compliant.

VENNCOMM TALK can deliver this total separation on the either BYOD or COPE devices. Only VENNCOMM guarantee this level of separation of personal and work personas required to meet GDPR requirements and MiFID II compliance at the same time.


CITY AM Newspaper Article

The EU’s MiFID II financial regulations come into force in just four months and around the world financial institutions remain confused and challenged about how to comply.

MiFID – the “Markets in Financial Instruments Directive, Phase II” – introduces a raft of new rules for the finance industry, above all covering trades and transactions.


Among the most onerous is a new requirement that all electronic communications and phone calls that possibly relating to financial transactions must be recorded and logged.

They also have to be stored and retrievable with perfect recall.

Capturing emails is one thing, but no International banks or hedge funds I know of are geared up to record all calls. And time is running out.


Recent discussions with friends in very different institutions reminded me again how under-prepared even the biggest firms are.

Many have only recently understood that MiFID II does not just affect businesses in Europe, but firms based anywhere but doing business in the EU.

Any bank anywhere in the world which is trading with an EU partner has to record and store communications to be compliant.

Across the board firms say that capturing mobile phone communications in particular has become a minefield.

The impact of BYOD –“bring your own device” – means that more and more employees now routinely use their personal phones to make unrecorded business calls.


It gets worse.

Some rogue employees are using employer-banned consumer apps like We Chat and WhatsApp for doing business, in full knowledge that voice calls on them cannot be recorded.

Ephemeral messaging apps like Snapchat are even more difficult as they leave no permanent record of what’s been said, by who, or even to whom.

Banning it seems is not enough.

When the new regulations come into force on 3 January 2018, a lot of financial institutions may hope that logging and recording fixed line communications will at least give the semblance of compliance, despite knowing that employees using their own Apps could prove to be a compliance bombshell.

As a regulated Broker myself, I witnessed the looming clash between the draconian demands of the new rules and the reality of a world in which people are so attached to the functionality of their smartphones that they can’t be persuaded to use less cool enterprise software.

That awareness shaped the way VENNCOMM developed its mobile platform and App to automatically record and log every business text or call globally while also being reliably compliant.

Banks and hedge funds are now urgently seeking this type of service.

Whatever vendor solution they choose, the banks have woken up to the realities of a world in which business is increasingly done on BYOD mobile devices.

Banning use of unauthorised apps is one vital step. The other is to make use of enterprise apps which let you use your own phone but log and record every business call in compliance with the new rules.

Lee Stonehouse is the Founder and Chief Executive of communications firm VENNCOMM.


As MiFID II and GDPR loom the top tier financial firms are relatively clear on what they have to do in getting new policies and technology in place, but worryingly the smaller firms often are not.
Some of the most concerning scenarios are smaller firms seemingly looking to avoid rather than adhere. A risky strategy to be sure.
The worse case I know of is a tier 2 investment bank COO, that while paying for over a hundred new company mobile phones said his firm was “exempt from recording because the bank’s policy bans the use of mobiles for business“. The question begs “so; why buy the phones?”

*  In 2013 in response to scandals, including LIBOR fixing the Parliamentary Commission for Banking Standards (PCBS) made recommendations on how to improve standards in the banking sector, including a new accountability framework focused on certification of senior management (including the Senior Managers’ Regime (SMR) and Certification Regime (CR) for senior bankers) for better standards of conduct at all levels. The SM & CR carries heavy penalties for poor oversight as its purpose is to;

*  encourage a culture of staff at all levels taking personal responsibility for their actions.
*  make sure firms and staff clearly understand and can demonstrate where responsibility lies.

My best advice when asked “can my firm can avoid compliance?” is “if you are responsible as a managing partner, board member or governance professional, its best to be conservatively prudent and adopt a ‘belt & braces’ approach to clearly show that you are embracing the spirit of the regulations, and technology is your friend.”

From my own observations and discussions with regulatory consulting firms there are three obvious steps to take in complying with MiFID II communications recording.

1.  Ban Consumer Apps and record all Authorised and Controlled Business Communications Channels
2.  Provide your employees with best in class Mobile Business Communication Apps as this is the lowest control modality
3.  Implement strong punitive outcomes for policy breaches

Our best advice is that unless a reputable regulatory specialist law firm offers written proof of your firm’s exemption citing an actual provision within MiFID II that they are using as the basis of their analysis, it is risky to assume exemption.

Lee C. Stonehouse is the Founder & CEO of VENNCOMM a City based Compliant Communications Firm.


Three examples come from talks with senior friends, one at a global tier 1 eighty-country bank; one at a Hedge Fund centred in London with offices in Hong Kong & the US, and the last a US Investment Bank with operations in London and some mainland European countries. The trend convergence I first noticed in 2015 at JPMC’s annual New York tech conference included: obsolescence of Blackberry Handsets; the fast growth in BYOD and tougher regulatory requirements. Someone called it “an unholy trinity“.

Here’s the thing; Firms have to record ‘all electronic communications for business conducted within the catchment of ESMA’s Regulatory net and this means that being domiciled outside the catchment isn’t the proxy for exemption many assume. Employees outside the EU dealing with those inside are caught by the requirement, meaning their business related communications must be recorded and stored compliant with MiFID2. This is not easy to do..

Mobile communications in particular have become a minefield. Many employees are anecdotally using banned consumer apps like We Chat for doing business using their own personal subscriptions. This means personal messages are mixed in with business exchanges. This happens on work phones and personal ones alike and employers can’t record them no matter what. To make it worse ephemeral messaging apps like Snapchat are booming and there’s no permanent record of what’s been said, by who, to whom! Messages dissolve and anyway you can’t record, even if technology allowed, Personal data protection laws like GDPR see to that. A person under investigation could just legitimately delete the questionable content personal app account without recourse.

There have been some attempts to promote easy solutions as a panacea ( in mobile network recording; sim swap, poor apps ) but this is a thorny problem that has to be resolved once – emphatically and globally.

When the VENNCOMM Software Strategy Group worked through a decision tree on the optimal way to make mobile text and voice communications context-neutral-compliant it went something like this; BYOD or Corporate Owned Phone ? / Corporate owned phone and SIM – or just phone, or just SIM ? / iOS or Android or Other? / All employees on one mobile network or a mixed network estate ? / All domiciled in one home country or people in different home countries ? / Calling home country only, or calling International ? / Phone managed by MDM or Not ? / One to one calls or conferences sometimes ? / Party inside EU or Outside ? Caller or Called ? Both ? / On VoIP or GSM Connection ? / In work Hrs or outside ? / Call occurring when in the decision or advisory timeline ? ie, under 5 yrs or over 5 yrs ? / Conference Call Parties all under one Regulatory Jurisdiction or two, or many (eg Singapore, USA, France ) ? / Ability to scrub device remotely or de-provision via calling app ? / Communications kept in jurisdiction ? / On premise or in cloud ? / In multiple jurisdictions in real time within conflicting constraints of International Regulatory Rules ?

Firms “must record conversations related to the reception, transmission and execution of client orders” and the latter is an investment service within the scope of MiFID II and that doesn’t only apply if you live and work in a European based office. A third country firm would not be in a position to conduct this regulated activity in the UK in the absence of authorisation which subjects it to all MiFID II requirements. The only exemption would be FSMA Art 72 reverse solicitation/overseas person exemption where the client initiates contact with the third country firm which does not have a location in the UK. In this case the scope of the transaction would be limited to the specific product which is the subject of the client’s inquiry.

MiFID II Organisational requirements 16(7) Records shall include the recording of telephone conversations or electronic communications relating to, transactions concluded when dealing on own account and the provision of client order services that relate to the reception, transmission and execution of client orders. Such telephone conversations and electronic communications shall also include those that are intended to result in transactions concluded when dealing on own account or in the provision of client order services that relate to the reception, transmission and execution of client orders, even if those conversations or communications do not result in the conclusion of such transactions or in the provision of client order services.

Adding GDPR rules that often directly oppose MiFID2 is not going to help! But in fact the solution to the original problem also elegantly resolves that too but only when combined with definitive policy banning unauthorised apps at work.

VENNCOMM resolves compliant mobile communications while bettering end user mobile productivity irrespective of context or context-neutral.

Lee C. Stonehouse is the Founder & CEO of VENNCOMM




Really?! MiFID 2 Communication Recording Requirement Reaches Further Than You Think


LinkedIn article by Rob Weston, Managing Director at KPMG

ESMA, European Securities Markets Standards, has provided more clarity on the need for monitoring of phone calls under MiFID II stating that:

“The monitoring of records of relevant telephone conversations and electronic communications is necessary to assist the firm in ensuring that it is meeting the recording requirements and also adhering to its wider regulatory obligations under MiFID II”

ESMA goes on to give examples of the need for call monitoring ” ..it will assist the firm in meeting its wider regulatory obligations which include but are not limited to having policies and procedures in place in respect of its client order handling, best execution, own account dealing obligations and the deterrence and detection of market abuse.”

ESMA also concludes that the recording of the calls should be considered “critical or important infrastructure” and Monitoring should be “conducted regularly and when necessary on an ad-hoc basis. Due regard should also be given to any emerging risks.”

Details are available on the “ESMA – Questions and Answers on MiFID II and MiFIR investor protection topics


VENNCOMM TALK was designed for organisations looking to provide regulatory compliance for all communications across all devices, including personal devices used for work under BYOD policies, while minimising costs through our proprietary least-cost-routing technology.

With significant challenges around time stamps and recording, one of the largest headaches for compliance managers has been how to ensure that SMS messages between employees and clients remain compliant, and that messages on personal devices are also captured.

To answer that conundrum, we have launched a messaging feature, VENNCOMM TALK Chat which offers users the chance to send messages, including images and files, via our app to other individuals or groups who are also using VENNCOMM TALK. Unlike SMS, the communications are time stamped and captured in the compliance pack for alerts and/or compliance analytics fully meeting MiFID II requirements.

This new feature behaves in the same way as SMS, although there are no SMS charges as all communications are sent via the app using your data allowance.

This means there are no more extortionate MMS charges for sending images, and all communications are sent via our unique least-cost-routing technology keeping the costs down, even if messages are sent from abroad.

Critical to the new feature is the ability for compliance managers to search messages for keywords when reconstructing cases to meet regulatory criteria.

Compliance managers can also set up alerts which are triggered when messages with keywords are sent between users ensuring that organisations are compliant with the strictest financial regulations including MiFID II – which comes into force in January 2018.

VENNCOMM TALK chat has been specifically designed to act like the messaging tool on the user’s device, so there is nothing new to learn or understand.

Drive your BYOD User numbers up while complying with the latest regulatory requirements and least cost routing all your employee’s (mobile international, domestic and conference) calls without changing any existing mobile contracts or infrastructure.

VENNCOMM TALK is one of the world’s leading MiFID II compliant, Mobile Voice & IM & file sharing platforms, offering technology departments a cost efficient BYOD policy and significant capex savings as the organisation will no longer be required to purchase expensive handsets for each employee.

All of this is possible whilst also providing compliance departments a way to solve forthcoming regulatory hurdles in a fast efficient way.  VENNCOMM TALK IM deploys as an OTT app inside the pre-eminent Regulated Enterprise MDM Software on both corporate owned and BYOD Mobiles.


Roaming charges being banned by the EU will compound the already huge declines in mobile operator voice revenues – while providing an opportunity for an innovator to break out of the pack and steal a march on the slower, less hungry Operators.

To be meaningful and effective in the short term – the Operator’s strategic responses must allow for the set-up of partnering units that don’t have the ‘die on the vine’ procurement rules and cycles that see so many promising technology partnerships between big & small collaborators fail.

The investments needed are tiny but as the biggest technology successes of the past decade show, they all rely upon mobile infrastructure for their success. Opportunity knocks for those who are listening.

For sure, the biggest mobile operators need to find, fund, and fast track  innovative small companies. Old rules and unimaginative gatekeepers to the corporate cash & resources must be removed by the leaders of these massive companies. Buying-in innovation is – a dirt cheap, low-risk, strategic option.

There will be start ups that play a crucial role in the outcome of the the creative destruction brought about by the competitive and regulatory dynamics of a maturing industry and deep down the CEO’s of the Operators know that the best corporate strategy cannot be to eat your competitors without figuring out how to deploy new innovation.


At their best BYOD Programs increase mobile employee-productivity and job satisfaction while cutting the employer’s hardware costs and avoiding fines from Regulators. Employee reticence to take them up however is driven by dislike of using their own number to take business calls out of hours and the imposition of company controlled MDM features, such as remote-wipe.

Consequently BYOD uptake often falls short of its potential leaving the promise unfulfilled.

Split persona phone numbers are meant to help and on paper they would seem to but the technology is limited to either MVNO integrations or virtual SIMs that limit deployment to one or two carriers or countries or require mass SIM replacement; neither of which are a panacea or meet the test of a universally-applicable solution continuously applied as employees join and leave in a rolling BYOD provisioning cycle.

Even more difficult; BYOD telephony has to work across the infrastructure & device mix of the corporate & employee combined estate while being globally operable across all mobile networks.

Blackberry has made an effort to resolve these challenges by going on a partnering and acquisition spree,  but one wonders whether it understands the difficulty it faces in combining these proprietary & partner technologies into a combined solution offering the essential elements needed to meet customer needs, even within industries that aren’t highly regulated?

To be compelling an ideal BYOD-centric mobile solution would offer global split persona and billing (any country or carrier) with company-owned, city-prefixed numbers. Once provisioned the application should include automated smart LCR and Roaming cost-reduction technology to eliminate the $millions in wastage through reimbursing sky high employee consumer-rate tariff charges for their international calls and roaming.