The risks of risk-based surveillance

Ask surveillance professionals at banks whether surveillance should move away from its current (and failing) rules-based paradigm and move to a risk-based approach and they are overwhelmingly in favour. Instead of defining surveillance around regulated and unregulated populations, base coverage on the risk that employees may present in terms of their internal and external interactions. Are they client facing? Do they have the ability to execute a trade? What relationships do they have? Are they in a position to be involved in bribery, gifts and entertainment? Do they have the ability to compromise the reputation of the firm?

Most (62%) attendees at our last surveillance Deep Dive believe that under a risk-based approach there is a strong case for firms to stop surveilling lower risk individuals.

However, a move this significant would require regulatory backing and while most attendees (79%) believe that the regulators are supportive of banks' efforts in taking a risk-based approach to surveillance, it is not clear that examiners on the ground are comfortable with this level of change. Until they are, banks will have to focus on conventional coverage and channel capture, while also deciding how much to expand employee monitoring outside the regulated population.

The risk-based approach also raises more questions about the development of Big Brother-style surveillance. If banks focus on the riskiness of employees, rather than simply looking at regulated staff, then the future of surveillance may be an enterprise-wide programme targeting anyone outside the low-risk bucket, rather than today’s function which targets specified individuals, specific types of market abuse and specific reporting requirements.

Interested in our next Surveillance Deep Dive? Have a look at our upcoming events.