Smarsh Advance Recap: Voice – The Newest Frontier in Supervision
In this article series, we relive some of the most insightful Smarsh Advance 2022 conversations about the evolving compliance, communication and technological landscapes affecting regulated industries.
We frequently discuss how communication channels continue to increase in the form of texting, video conferencing and instant messaging applications. But that doesn’t mean we’re ignoring the humble voice conversation.
Businesses expect voice calls to increase — an expectation that regulators are well aware of. In fact, we predict regulatory fines related to voice communications will increase two to three times by 2025.
In the Smarsh Advance session, Voice: The Newest Frontier in Supervision, we explore how voice communications are evolving and how enterprises need to adjust their supervision strategy to match.
Are calls left out of the supervision conversation?
The increasing popularity of hybrid and remote work has seen an exceptional evolution in regulated industries. With more people in different locations, the number of voice or video calls are rising. But from a surveillance perspective, firms aren’t keeping up.
Large organizations first need to understand that voice communications aren’t just phone calls anymore. They can take place in a startling variety of applications, including Microsoft Teams, Slack and even WhatsApp.
“We have so many other ways to talk with voice, which is fantastic for consumers, but a real challenge for compliance teams,” says Shaun Hurst, Principal Regulatory Advisor for Smarsh. “And to make it even more difficult are the encrypted voice communication channels like WhatsApp and WeChat.”
Voice data, like data of other channels and mediums, comes with difficulties that need to be resolved — especially for global enterprises. Every country has their own requirements, formats and hold periods.
“One of the things that matters is not just what line is recorded or what channels are recorded, but how long you hold it for surveillance,” says Emily Wright, the former Managing Director and Global Head of Compliance Surveillance at Standard Chartered Bank. “Once captured, voice and video data are incredibly expensive and huge in file size to hold. But once you compress them, you almost can't apply surveillance to them.”
Robert Mara, Principal at Ernst & Young, believes we’re in a bit of a gray area from a regulatory perspective. This is largely because these types of communication channels have far outpaced the regulations associated with governing them.
“The video portion is probably the one where we've gotten the least guidance on,” says Mara. “There's a lot of regulatory variation depending upon which jurisdiction you're in. Some would consider this to be an e-communications medium as opposed to a voice medium, which has its own implications. Many of my clients ask, ‘If we record the audio and we use a voice-to-text mechanism, which one is the actual record? You can talk to 10 different lawyers, and you'll get 10 different answers.”
Firms need to take a proactive approach to voice surveillance
With increasing attention to powerful collaboration technologies, it’s only a matter of time before regulators formalize voice capture and surveillance requirements.
“We're kind of waiting for the regulators,” says Mara. “That's a little bit of a double-edged sword because the regulators may very well require something that you can't do, and then you might have to spend an enormous amount of money finding a needle in a haystack. Or in some of these cases, a needle in a stack of needles.”
Firms are in a unique position to future-proof their compliance, but where should they begin? Many firms are creating a broader and more integrated compliance strategy.
“Everything, particularly in communications surveillance, is about context,” says Mara. “We're seeing a lot more movement towards tighter integration with a broader set of surveillance and supervision programs, so firms can actually focus on areas that are going to represent the most risk.”
“The more integrated you can get, the less you have to look at,” adds Wright. “Because things coagulate around risk and you get more and more evidence of it. And we're not just looking for a potential risk event or behavior. We're looking for a smoking gun to do anything useful with these applications, so you do need all those data sets.”
Compliance teams are responsible for identifying and blocking risks, whether or not there are technological tools to support their mission.
So, should firms allow voice communications on collaboration applications?
“It’s less about ‘You can’t use that,’” says Wright. “It’s, ‘You can use that for certain purposes.’ Like with anything we capture, if somebody wants to step outside of the controls, they can. But if somebody wants to do the right thing, it’s generally a decent guardrail for making sure you get what you need.”
Mara is optimistic about the evolution of supervision tools.
“I’m encouraged with where technology is headed with voice capture,” says Mara. “I'm seeing a number of vendors having the ability to actually process audio information in a meaningful way.”
Share this post!
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.
Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.
FOLLOW US