Smarsh, the leading provider of hosted archiving solutions for compliance and e-discovery, today released its sixth annual Electronic Communications Compliance Survey Report.
The results of the survey of compliance professionals in the financial services industry highlight that supervision practices aren’t sufficiently addressing the compliance implications of ongoing trends, such as increased regulatory scrutiny and the challenge of adapting to newer communications channels like social media and text messaging. Concerns about electronic communications policies, policy enforcement, and retention gaps remain high, indicating many firms are vulnerable to undetected fraud, errors, and potential regulatory enforcement penalties.
“Firms have an immediate need to rethink their traditional approach to the retention and oversight of electronic communications, especially as they aim to demonstrate a culture of compliance,” said Stephen Marsh, CEO and founder of Smarsh. “Our data illustrates that too many firms are not retaining and supervising different types of electronic communication, and not performing systematic supervision as regularly as necessary. Those that do have established surveillance programs are struggling to find efficiencies under the weight of a growing volume of electronic communication.”
Compliance Gaps Lead to Confidence Gaps
Compliance professionals need to supervise all types of business communications, even when messages reside on personal devices and social media accounts. Making this a reality, however, presents challenges, and compliance to-date has not kept up with implementing retention and supervision systems for all the communications channels employees use for business. For instance, more than 40 percent of firms that enable employees to use LinkedIn and Facebook do not have retention and supervision solutions in place, leaving them vulnerable to compliance risk. This compliance gap is even greater for mobile/text messaging, where almost 70 percent of firms that allow its use for business fail to archive the content.
It’s no wonder that less than half of survey respondents said they are mostly or completely confident that their current supervision program will effectively identify risk for their organization. Whether new content types are allowed or not, compliance professionals report low confidence that their firm is in full compliance with regulatory requirements for these communications. For instance, almost 60 percent of respondents from firms that allow text messaging for business communications have little or no confidence in their ability to produce these electronic records within a reasonable time frame.
The report also addresses several additional aspects of electronic communications compliance.
Key findings include:
• Social media is the communication channel representing the highest perceived level of risk, cited by almost 50 percent of respondents.
• Forty percent of survey respondents believe too many or way too many messages are flagged for their review as part of the supervision process, indicating firms either don’t have the resources needed to effectively keep up with reviews, or they see too many false-positive search results which take up valuable compliance team time.
• Nearly 90 percent of respondents expect the resources (time and/or money) dedicated to electronic message compliance will remain the same or increase only slightly in the next 12 months. Fewer than one in ten expect to receive a significant resource increase. Unsurprisingly, this concerns compliance professionals. More than one-fourth of respondents (28 percent) cited insufficient budgets as a top concern this year, up from 22 percent last year.