The FCA recently published a Multi-firm Review into Off-Channel Communications with a timely snapshot of how wholesale banks are managing risks associated with unmonitored communications. The regulator’s message is clear: electronic communications (eComms) surveillance is no longer optional; it is a regulatory necessity.
The FCA also states that any firms required to review electronic communications, not just wholesale banks, should also take note of the findings and best practices.
Although the review focused on UK-regulated firms, its implications are also relevant to firms operating under the SEC, Monetary Authority of Singapore (MAS), Hong Kong Securities and Futures Commission (HK SFC) and others.
Key eComms Findings
The FCA engaged with 11 wholesale banks, requesting data on breaches, policy enhancements, and management information. The regulator’s findings include:
- 178 breaches of internal policies were reported by 8 firms, with 131 breaches concentrated in three larger firms.
- 41% of breaches involved individuals at Director level or above, indicating that seniority does not equate to compliance.
- Firms are increasingly deploying AI and natural language processing to monitor emojis, GIFs, voice notes, and “channel-hopping” behaviour.
- Third-party vendors commonly present challenges such as inaccurate transcriptions, missing data, and outages. The FCA emphasised that though the work can be outsourced, regulatory responsibility cannot.
- Surveillance managers favour corporate-issued devices for client-facing staff. Some firms use brightly coloured handsets to ensure visibility on trading floors.
- Management information frameworks vary. Larger firms track breach severity, device usage, and vendor KPIs while smaller firms tend to rely on spot checks and service level agreement thresholds.
Despite technological advances, the FCA noted that behavioural change remains the greatest challenge to communications compliance.
While the FCA highlighted areas for improvement, they also observed progress made by firms in the sample. This sets a higher bar by which all other firms will be measured.
Meet Regulatory Expectations
While regulatory approaches may diverge, some communications surveillance obligations remain universal:
- Firms must record and monitor communications related to regulated activities.
- Unrecorded channels must be actively discouraged and prevented.
- Behavioural reinforcement is essential—policies and systems must be supported by training and leadership.
- Compliance must be embedded across all levels of the organisation, particularly among senior staff.
Strengthen Your Surveillance Strategy Today
The FCA’s findings are a wake-up call. Whether you are regulated by the FCA, SEC, MAS, or another authority, the expectation is clear: you must demonstrate control over your communications environment.
ACA equips firms to move decisively from reactive fixes to proactive, regulator-ready compliance:
- Identify and Address Gaps: Our advisory team builds tailored risk frameworks to pinpoint weaknesses in your surveillance programme and recommend actionable solutions.
- Deploy Smart Surveillance: ACA’s ComplianceAlpha® platform uses AI to monitor over 85 channels, flagging risky behaviour across voice, text, emojis, GIFs, and more. It is built to handle the complexity that regulators are scrutinising.
- Be Audit-Ready: Management information dashboards and reporting tools within ComplianceAlpha help you track breach trends, vendor performance, and device usage, providing the oversight regulators expect.
- Extend Your Oversight: Need extra hands? Our managed services team supports your surveillance operations, ensuring alerts are reviewed, escalated, and resolved with precision.
Contact us today to learn how ACA can help you maintain compliance with communications surveillance expectations.