Missed a Future of Work Summit session? Head over to our Future of Work Summit on-demand library to stream.
As the pandemic forces dozens of previously office-bound employees to work from home, companies in highly regulated industries, like finance, are struggling to balance compliance and privacy. A Deloitte report notes that certain federal laws require financial institutions to monitor the conduct of salespeople, merchants, financial advisors and branch managers when interacting with customers and the market in general. Even a financial advisor who calls a client using a personal cell phone, or a securities trader who forgets to shred client documents, can violate compliance regulations.
Seeking a solution, some banks and other institutions have adopted software that monitors employee communications – ostensibly to detect possible conduct violations. Vendors say the software can reduce compliance costs by providing actionable analytics in the workplace. But several privacy advocates say the information comes at a high cost, monitoring employees even when they’re out of the office.
Against this backdrop, one provider, Shield, today announced that it has raised $15 million after launching since its launch in 2018. While Shield refuses to reveal its customers, the company says it has recently signed a “tier one” global bank and has other “global banks” among its clientele.
Cost of compliance
Compliance costs are generally high in the financial services industry. By one estimate, banks paid more than $42 billion in non-compliance fees in 2016. In December, JPMorgan Chase alone was fined $200 million by regulators for failing to crack down staff members who were discussing company business on their personal devices via text messages and WhatsApp.
Attributed to increased spending on staffing, accounting, consulting and consulting, legal and data processing, nearly a third (31.4%) of community banks plan to spend 5% or more on compliance than they do did so in 2020, according to an independent 2021 Survey of Bankers.
Instant messaging can be particularly tricky and expensive to audit, due to the real-time nature of platforms such as Facebook Messenger, Slack and WhatsApp. According to a 2015 online survey, only 23% of decision makers in financial organizations said they have the technology needed to capture, process and analyze regulated communications. A more recent survey from Theta Lake shows that almost two-thirds (63%) of companies are still concerned that chat tools could circumvent existing monitoring and archiving processes.
Shield, which was founded by Israeli Tel Aviv entrepreneurs Ofir Shabtai and Shiran Weitzman, claims to help by applying natural language processing to “all employee communication channels,” including instant messaging. Shield connects to document processing, voice, chat, email and social media applications to capture communication data and normalize, index and reconcile it for review. Leveraging metadata from third-party systems, including customer relationship management software, Shield processes communications through a set of engines to “enrich” them, allowing managers to trace orders back to specific messages.
“Shield…provides [alerts and] a detailed overview of why a [alerts were] triggered so that financial organizations can detect possible market manipulation on communication channels – including insider trading, identity theft, [and] forward-thinking,” CEO Weitzman told VentureBeat via email. “[Shield] provides compliance teams with an in-depth analysis and understanding of communication triggers, including the scenario, the rule that was compromised, and an overall relevance score. And, because regulations and procedures may vary depending on the specific financial organization, [the platform] allows compliance officers to customize what triggers an alert based on their specific business needs, rather than a one-size-fits-all approach.
Some regulators think software like Shield could be a useful enforcement tool in the future, especially as financial services workforces become more distributed. (According to a report by PricewaterhouseCoopers, 69% of financial services companies now expect two-thirds of their employees to work from home at least once a week.) In a recent letter, Senator Elizabeth Warren (D- Mass.) pointed to the Libor and forex rate-fixing scandals as evidence that text message transcripts have turned out to be key evidence in cases that exposed criminal Wall Street action.
But privacy issues abound.
In its usage policy, Shield disavows the data it collects from employees and requires customers to report how they use the Shield platform. The company requires its customers to post privacy and data protection policies that comply with applicable laws and explain how they collect and disclose personal data to third parties.
In the United States, the Electronic Communications Privacy Act (ECPA) of 1986 prevents employers from monitoring private messages and password-protected email accounts sent from a personal device, unless an employee provides consent. But the ECPA allows companies to monitor communications for “legitimate business purposes.” Only two states, Connecticut and Delaware, require notification if employees’ email or internet activities are monitored, while Colorado and Tennessee require companies to set written email monitoring policies.
However, while Shield states that it does not allow third parties it does business with to use customer data, the company leaves an exception for court orders and laws that may require it to disclose such data. Shield also states that it reserves the right to “remove any infringing content posted…or transmitted via [its] services” without notifying customers, including content that potentially infringes copyright.
Shield also claims that its “behavioral analysis” technologies are able to detect instances of “toxic work culture” in posts, including sexual harassment and racism. The capability is similar to workplace monitoring platforms like Aware and Awareness’ Interguard, which can scan emails and messages for threatening keywords. Wiretap and Qumram similarly monitor forums such as Slack, Yammer and WhatsApp, using AI to identify “harassment, threats and bullying”.
But there is potential for bias in the algorithms Shield uses in its analysis. Studies have shown that text-based sentiment detection systems can be biased by race, ethnicity and gender – for example, associating black people with more negative emotions like anger, fear and sadness . AI models also tend to analyze hate speech inconsistently, with research suggesting that automated moderation platforms struggle with “black-aligned English,” hate speech quotes, slurs and spelling variations of hateful words.
Shield did not respond to VentureBeat’s question about how it mitigates any potential bias in its algorithms.
A growing market
Shield presents its software as a simple compliance solution. But not for nothing, banks have shown a willingness to use surveillance software for controversial purposes. JPMorgan and Wells Fargo have been testing facial recognition software in physical branches to monitor both customers and workers. For its part, Barclays is said to have installed software – as well as heat and motion sensors – to track whether traders and bankers were sitting at their desks working.
To push back against these technologies, Prospect, a British trade union, recently called for the introduction of measures to protect employees against “intrusive surveillance”. Fifty-nine percent of remote and hybrid workers say they feel stressed or anxious because their employer is watching them, according to ExpressVPN, while more than half say they would quit their job if their manager put in place measures. monitoring measures.
“Technology has undoubtedly enabled many of us to stay safe, connected and working during the pandemic, but there is now a mission shift in its focus,” said Andrew Pakes, deputy general secretary of Prospect, to ZDNet in a recent interview. “We need to challenge the rise of scary technology and make sure digital technology works for us, not the other way around.”
The concerns haven’t hindered the growth of Shield’s platform, which now monitors 5 million interactions a day among 120,000 employees. The company says its customer base grew 200% year-over-year, driving revenue growth of 600% annually since 2019.
With the new funding – which was brought in by Macquarie Capital and OurCrowd with participation from Mindset Ventures – 60-employee Shield plans to open a New York office, expand its customer success team and explore new lines of business, including energy trading. “As the work-from-home environment becomes permanent and the number of communication channels used by employees continues to increase, control and monitoring have become increasingly difficult to achieve,” Weitzman said. “Rather than spend the money and time to hire more compliance officers to counter this increase in market abuse, executives can deploy Shield’s intelligence platform to do the work for them – by providing a more cost effective and efficient regulatory process.”
VentureBeat’s mission is to be a digital public square for technical decision makers to learn about transformative enterprise technology and conduct transactions. Learn more