What would you do if you heard “volume and implementation of regulatory change” is the top challenge compliance teams in financial services expect in 2022, according to research from Thomson Reuters? Does that resonate for you and your organization? Are you prepared?
As a product marketer who has spent decades in information management, I often think about how the right technology can help information management professionals enable different aspects of regulatory compliance. So, in this blog, we’ll examine common regulatory compliance issues with data governance and how Intelligent Compliance technology from Proofpoint offers novel approaches to address them—specifically, for firms that need to meet the rigor of Financial Industry Regulatory Authority (FINRA) and U.S. Securities and Exchange Commission (SEC) regulations and laws.
The issue of collecting all meaningful information
It’s no longer sufficient to collect only email to meet regulatory compliance obligations. FINRA Rule 3110, for example, explains how supervisory procedures must require review of “incoming and outgoing written (including electronic) correspondence.” So, if your agents are corresponding with clients via collaboration platforms, such as Microsoft Teams or Slack, or even social media or text messaging, you should be factoring in collection from those platforms, too—and Proofpoint can help.
Proofpoint offers an open platform that not only supports native integration capturing popular digital communication channels, but also API integration with partner solutions for other channels. Our customers can use Proofpoint Capture to collect from Teams, Slack, Zoom, Twitter, LinkedIn, Facebook, text messaging and many other data sources. Capture also provides virtually unmatched flexibility in that it can collect and store items to either Proofpoint Archive or other third-party archives.
Figure 1. Searching for and viewing Teams messages in Proofpoint Archive.
The issue of proving what you archived is archived
In its enforcement actions against SunTrust Robinson Humphrey, Inc., FINRA stated the following: “These broker-dealer electronic records must be complete and accurate, not only to assist FINRA and other regulators in their efforts to protect investors through periodic examinations, but also to ensure member firms can carry out their audit functions.”
The business must be able to demonstrate they’re collecting and storing all meaningful electronic records. But how do they prove the electronic records they store are “complete and accurate”? Proofpoint can help in this regard, too.
Proofpoint Track can compare and reconcile captured content against an upstream manifest it maintains from each collaboration platform source archived. And if Track determines an item is missing, it can retry delivery. Reconciliation reports provide summaries and details and can help you defensibly prove the digital communications you capture are delivered to and stored by your archive. What’s more, Track works flexibly with Proofpoint Archive and other third-party archives.
Figure 2. Proofpoint Track reconciliation report.
The issue of identifying legitimate compliance risk
Based on data gleaned anonymously from October 2020 through October 2021, Proofpoint determined that of 7.8 billion archived items evaluated by Proofpoint Supervision customers, 3.3 million were confirmed issues. Remarkably, that translates to a bona fide compliance problem discovered in every 2,350 archived items examined. Imagine if these clients weren’t using a supervision system! And for those diligently supervising content to enable regulatory compliance, Proofpoint can help you overcome the “noise” of false positives, streamlining discovery of real compliance risk.
Proofpoint Supervision offers various techniques for culling false positives from your review queues. As mentioned in the September issue of Proofpoint Pulse,* our global customer eNewsletter, the Suggestions feature allows reviewers to propose low-risk content be excluded from future review, based on sender or subject line or whether the content is a disclaimer.
Also, Proofpoint Automate uses machine learning (ML) models to reduce false positives by up to 84% with Supervision, when compared with legacy supervision systems. This may be a striking statistic, but when you hear clients note how the technology “helps reduce reviewer fatigue and, as a result, human error,” you really start to understand the true value of our products.
Figure 3. Thresholds to taking action in Proofpoint Automate ML models.
For more information on how Proofpoint can help you solve common regulatory compliance issues, including how Proofpoint Professional Services can help you manage the configuration and implementation of our solutions, contact your Proofpoint sales representative or authorized Proofpoint reseller. Or visit our Intelligent Compliance solution page.
*Note: Access to Proofpoint Pulse eNewsletters through the Proofpoint Community requires login credentials. Contact your Proofpoint sales representative for questions about access.
Subscribe to the Proofpoint Blog