Your firm is global. But is your call recording compliance program?
Are you certain? Time and time again I ask this of colleagues at major financial institutions. Nearly every time, with surprise, shock, and a dawning sense of horror, those who check their call recording systems confirm a very ugly truth.
Every time your client-facing team roams onto another network, your call recording fails. Whenever they cross an international border, it fails. Whenever they lack coverage and must use WiFi and voice over the internet (VoIP), it fails. It fails when they text, when they WhatsApp, and when they use any app on their work or personal device that’s not expressly built for recording. If you doubt any of this, go have a look for yourself.
It is an absolute miracle anything is recorded at all in the best of times and now 61% of financial professionals are working from home permanently. Circumvention has become so trivial many advisors, wealth managers, and traders achieve it entirely by accident. And regulators are starting to notice.
This call recording “gap” is an open secret. Yet it is due to hardware-level limitations that are not easily patched. As we’ll explore here, there is one way firms can close the loopholes.
“Our advisors don’t do that” and other compliance fairy tales
The first stage of compliance gap realization grief is, of course, denial. It is only natural. A firm that invests hundreds of thousands of dollars in rolling out a compliant call recording app expects that users will understand its necessity. But this is rarely the case.
Call recording apps work wonderfully when users use them.
But it’s estimated that less than 10% of critical communications are captured and the reasons for this range from the oblivious—somehow someone literally missed all the memos—to the malicious—someone has something to hide. In the middle are the vast preponderance of users accustomed to skirting clunky work apps to get their job done.
It’s the classic user-experience design issue—someone builds a gate and users, with no sense for why it exists, simply walk around.
The first question you might ask about this is, why don’t users do the right thing? And there’s a simple answer. They are busy. Compliance-related firings, though frightening, are rare, and on a day-to-day basis, they’re much more concerned with getting their work done. Many apps only record one channel—just calls or just texts—which makes them frustrating and of limited use, and the user experiences are far poorer than the apps they’re accustomed to in their personal life, making non-use very attractive.
But there’s another question teams should be asking that gets more to the point—given that users have their own priorities and tend not to be compliance-minded, why did we deploy a system that is fragile to their apathy? Why is non-compliance even possible?
To understand that, you have to understand the limitations of the technologies most tools today are built with.
Why call recording is defeated by WiFi
Today there are two dominant technologies used for compliance call recording: SIM-based or app-based. Each has its issues.
SIM-based call recording occurs at the network level, in the phone company’s network operations center. Many of those networks are still running copper wires and their limitations are many. They still see a difference between analog phone calls and voice over data, and their recording systems are only designed to capture the former. Abstract a call into VoIP and for all intents and purposes it vanishes. Plus, the call recording only works when the user is on that carrier’s landline or wireless network. If they hop, it stops.
SIM-based call recording fails when users:
- Roam onto other networks
- Cross international borders
- Lose signal
- Text
- Call over WiFi
Some networks cooperate call recording via a syndicate called CAMEL, but not all, and it isn’t possible for you to prevent devices from registering with non-CAMEL networks. For firms with many users on the go, this is a massive gap.
App-based call recording occurs at the app-level. Any calls outside the app is not recorded. And because most apps suffer from user experience issues that make them clunkier and less useful than the native calling, texting, or messaging, these apps are often avoided.
App-based call recording fails when users:
- Close the app
- Delete the app
- Use native texting
- Use native calling
- Do anything not in the app
These limitations don’t leave firms with many options. You can try to lock down your devices to force users to only use approved apps, but for a global firm, it’s impossible to meet everyone’s needs and you’ll only end up preventing them from doing work—especially when so many will continue to work remotely. There are of course classic texting or WhatsApp bans, but we know those are largely unenforceable and only encourage more illicit communication.
The answer is cloud-based call recording
Cloud-based call recording captures everything that occurs on the device on approved channels and is stored securely in the cloud. That means if the network fails, it still records conversations. And if the app fails, or is deleted, it still records.
Cloud-based closes all the gaps of SIM- and app-based compliance recording. It’s also much easier to set up, and widens the range of approved activities to help client-facing advisors, traders, wealth managers, and investment bankers actually get their job done.
When clients text, there’s no more sheepishly asking them to revert to email, or reminding them you could be fired for this.
Cloud-based call recording tools can capture calls, texts or WhatsApp, and it’s device- agnostic—personal phone, work phone, or desktop, doesn’t matter. For some, users can even make and receive compliant calls or texts from within the CRM. Cloud-based tools tend to have much more modern UX, so users find them intuitive, and the fact that it follows them across devices and encompasses calls, texts, and messaging apps means it’s more useful to them. When the cloud-capture app is easier than other forms of communication, it’s actually used. Which is good. Because they also don’t have a choice.
Let your users WiFi
I encourage every reader to go inspect their own compliance recording tool and investigate a few of these scenarios. A helpful (though sometimes disconcerting) test is to go into your tool and look up a few of your top client-facing advisors. Ask yourself, are they really making that few calls? It’s possible. But unlikely. In all reality, your firm is probably among the many where fewer than 10% of critical communications are captured. Those aren’t just the transactions, but also the sensitive texts or messages that preceded or followed the transactions, which may have included illicit phrases that could come back to haunt the firm.
Today’s call and text recording tools have serious, hardware-level imitations and regulators are starting to notice. Any firm that wants to be more than compliant in name only in a world of so much remote work need only test their own tool to know that a switch is in order. For many, cloud-based will be the answer.