John Jacobs (jjacobs@acacompliancegroup.com) is a Senior Principal Consultant for ACA Compliance Group in Pittsburgh, PA, USA.
As Benjamin Franklin famously advised, “An ounce of prevention is worth a pound of cure.” Proactive and thoughtful surveillance of employees’ electronic communications is an effective compliance and risk management practice that can prevent potential problems. Yet, as employees’ online behavior continues to pose serious compliance and reputational risks, and as eDiscovery costs resulting from misconduct skyrocket, many companies outside of the financial industry have not yet implemented this “ounce of prevention” that is effective to curtail unethical and damaging behavior.
Surveillance in the financial industry
Focused, risk-based surveillance of employees’ electronic communications has become a standard practice in the financial industry. Surveillance of emails, chats, instant messages, and other electronic communications is not required by laws or regulations, but nevertheless has been implemented by investment advisers, investment companies, and broker-dealers. It’s no longer merely a “best practice,” but has become a standard practice to help prevent the dissemination of material nonpublic information and safeguard against other regulatory compliance violations.
The mutual fund scandal of 2003–2004 was an important factor in investment advisers’ decisions to initiate proactive surveillance of employee emails. In one of the high-profile cases prosecuted during that era, the Securities and Exchange Commission (SEC) filed a complaint against Columbia Management Advisors (Columbia), alleging unlawful market-timing arrangements with third parties. As part of its case, the SEC relied on emails between Columbia employees and employees of the funds Columbia advised. In one of the emails from August 2000, a fund employee complained that the “active trading has increased and it has become unbearable. There will be long term damage to the fund. Let’s understand that they really are not investors.” Columbia settled for $220 million, and total industry settlements from similar charges totaled over $3 billion.[1]
In the wake of this scandal, SEC commissioners and staff began to discuss the importance of early detection of potential misconduct and the need for financial institutions to build strong cultures of compliance generally. Since that time, surveillance of employees’ electronic communications has become standard practice within the financial industry, with 92.1% of firms in the financial sector participating in some form of employee surveillance.[2]