Building vs Buying: Market Surveillance




Hanne Jepsen
Commercial Director

AnyConv.com__Sonia (1)

Sonia Chowdhury
Regulatory Solutions


In recent years, the pressure and demands on trade surveillance and communications oversight teams have increased exponentially.

Regulators have issued new rules, market abuse strategies have grown more complex, and new communications channels have emerged. Manual processes are struggling to keep up with everchanging compliance requirements, so modern technology is now a vital element in the fight against market abuse, rogue trading, and insider dealing. 

However, firms face a choice: building or buying. Should they build their own trade surveillance and communications oversight solution in-house, or should they buy a solution from a specialist technology company?

For many firms, this can be a challenging choice to make, as internal stakeholders will mount arguments on both sides. This article will explore the benefits and the challenges associated with each approach. At the end of the day, firms need an effective and sustainable way of managing their compliance obligations and risks. The following insights are based on conversations that our own team has had with firms across the globe in regard to building vs buying as those firms seek to discern how they should move forward.

Topics Covered: 

Understanding The Building VS Buying Conundrum

For many firms, building a trade surveillance and communications oversight software program can – at first – seem like an attractive choice to make. Spending money internally, instead of externally, may be a popular decision. Costs can seem lower and the opportunity for more control can be attractive. However, the actual experiences of firms that decide to construct their technology internally often do not align with these assumptions.






Can be less expensive up front for firms

Costs will be clearly laid out in the contract


Building can be very time-consuming for compliance teams, IT teams, and other stakeholders

Buying provides a ready-made solution, calibrated to a firm’s requirements


Firms may have some internal expertise but often find they must fill gaps with external talent

Experts in trade surveillance, communications oversight, and software building oversee the solution 

Customization and flexibility

In-house builds can be customized to meet a firm’s specific requirements

A vendor solution comes with a wide variety of ways to customize on implementation 

Longevity and

Firms that build their software can struggle with this, as expertise departs and new changes are needed over time

Typically, a vendor solution is constantly innovating and updating in every release cycle

SteelEye-Understanding The Building VS Buying Conundrum Building

Building VS Buying: Building

Building involves identifying the firm’s trade surveillance and communications oversight needs, and then developing specifications for a software solution and agreeing on them with the IT team members that are going to be coding the software. Compliance teams will then need to test the software and specify additional changes. 



  • Firms have full ownership of the solution and its intellectual property.
  • The firm has the ability to leverage existing internal data and technology expertise.
  • The functionality is tailored to the firm’s specific risk and compliance requirements.
  • They have the capability to have internal technology teams make any adjustments to the software as required – for example, as a result of regulatory change.
  • They have no need to rely on a third-party vendor for updates and upgrades to the software.


Many firms who decide to build their systems believe at the outset that it will be much less expensive to develop the software themselves and maintain it over time. However, the reality is that this is usually not the case.



  • Firms have to create their software from scratch, with compliance teams providing detailed specifications.
  • Compliance teams can find it challenging to translate their needs into technology specifications.
  • Firms can struggle to invest enough in their solution to create the same functionality that is available from technology vendors. For example, new messaging types or data integration costs are often more expensive than anticipated.
  • Developing reliable AI and ML solutions to reduce false positives and improve efficiency can be costly and difficult to achieve in isolation.
  • Internal expertise can leave the firm, and their knowledge of the solution goes out the door with them.
  • Attracting new technology talent can be challenging.
  • Compliance teams often struggle to perform maintenance, testing, and quality assurance processes on top of their normal roles.
  • Compliance and tech teams will need to address regulatory change in a timely manner, while continuing to perform their roles.
  • Firms will have to be able to explain to regulators how the software meets all compliance obligations.
  • Firms face indirect support costs, including staff, training, technology stacks, and servers. These need to be included when assessing the cost to build and run an in-house solution.
  • When assessing the building costs, most firms don't account for new asset classes or trading methods that may arise.

SteelEye-The Building VS Buying Conundrum Building

Firms should not underestimate the scale of the project that is in front of them if they build. At a recent industry gathering, several market participants representing firms that decided to build systems internally noted that there are still considerable gaps in their trade surveillance and communications oversight capabilities years after they initiated their projects.

To make matters worse, regulators are becoming increasingly sensitive to technology gaps in general. For example, in December 2022 the UK FCA fined a broker-dealer for having “manual, automatic and communications surveillance processes that were deficient, and therefore, inadequate in properly addressing the risk of market abuse. Additionally, [the broker-dealer’s] systems for monitoring market abuse did not have proper coverage of all asset classes which are subject to MAR.”

In January 2022 in the US, FINRA fined a broker-dealer for failing to calibrate its trade surveillance solution properly, so that market abuse by employees and clients escaped detection. Therefore, firms should anticipate that regulators will investigate and assess the finer points of their build solutions.

Building VS Buying: Buying

When buying trade surveillance and communications oversight software, compliance teams must identify their firm’s needs. They then invite vendors in for conversations, or they issue a request for proposal (RFP). When selecting a vendor, compliance teams usually choose based on the capabilities of the software and the expertise of the vendor’s team, as well as additional third-party risk management criteria.



  • The solution is already developed – there is no need to spend time and resources creating specifications or building and testing software before implementing it.

  • Firms can minimize some compliance risks because the functionality is already working for other firms.

  • The user interface (UI) is tested and optimized so that it truly engages the user and makes it easy to work within the solution.

  • Compliance teams can choose to implement the latest AI and ML technology, such as ChatGPT, to reduce false positives and speed up investigations.

  • Vendors provide support and calibration of the software on a regular basis based on user reviews.

  • A vendor’s solution is typically future-proofed. As markets evolve, new asset classes emerge, and as regulatory change happens, the vendor enhances the software.

  • New communications channels are usually quick and easy to add, as those capabilities are already in place.

  • Vendor software is effectively crowdsourced, as other firms will have had input into its development, which will benefit the purchasing compliance team.

  • Vendors can provide implementation advice, such as which models to apply, and how to effectively calibrate them.

  • Vendors also supply the opportunity to meet with other firms who use the software through roundtables, regulatory insight events, and more.


Overall, compliance teams can benefit significantly from purchasing software – it can save them time and resources in the short and long term, and enable them to engage with new expertise.

SteelEye-The Building VS Buying Conundrum Buying


  • The up-front software purchase price can seem high in comparison to building cost estimates but building costs quickly mount up. For example, the firm needs to upgrade the software, add new functionality, hire experts, and support infrastructure, such as servers, over time.
  • Compliance teams sometimes feel they have more control if they build the software in-house. However, the vendor will ensure that requirements are met through configuration and calibration.

  • Compliance teams may also believe that they won’t have control over future changes, such as updates to support regulatory change. In reality, compliance teams find that vendor software typically meets or even exceeds their needs, without having to spend on development, build, and testing time.


In summary, purchasing vendor software can be less expensive over the medium and long term, assuming firms purchase a solution that is easily configurable and customizable. The vendor should have the expertise to keep the software up-to-date as the regulatory landscape changes and the solution should be able to evolve with the firm’s needs. For example, it should be relatively easy to add asset classes and ingest data from a new order management systems (OMS).

Building VS Buying: The Hybrid Approach

It is also important to note that some financial firms may adopt a hybrid approach to effectively meet their diverse needs. While standard trading activities of listed instruments, which are widely performed by a large number of individuals, can benefit from commercially available solutions, firms often choose to rely on reputable vendors to monitor and ensure compliance in those areas. This allows them to leverage the expertise and resources of established solution providers who have a proven track record in handling such transactions.

SteelEye-The Building VS Buying Conundrum The Hybrid Approach

Simultaneously, firms may opt to build their own customized solutions for their more niche or specialized trading practices. These unique trading activities may involve complex instruments, specific regulatory requirements, or proprietary strategies that demand a tailored approach. The hybrid approach allows firms to strike a balance between leveraging existing vendor solutions for standard trading activities and building their own solutions to address their distinct regulatory compliance needs in niche trading practices.

Compliance teams seeking to choose between building their trade surveillance and communications oversight solution or purchasing the software from a vendor should carefully weigh out their options.

Although building the software can at first seem like an attractive route, it can actually wind up costing more and use substantial amounts of time and talent over the medium and longer term – resources that could be deployed on revenue-generating projects. Firms should ensure they are thinking strategically when they are making the building vs buying choice.

How SteelEye can help

SteelEye is the first and only fully integrated trade and communications surveillance solution. The SaaS based platform is actively utilized by firms worldwide, demonstrating its global operational presence. This advanced technology offers full customization and configurability, empowering firms to personalize the solution according to their specific requirements in collaboration with SteelEye. The UI is not only easy to use but also constantly evolving to enhance compliance analyst engagement. SteelEye's thought leaders consistently provide the product team and engineers with ideas on how to update the software to meet emerging regulatory requirements, encompassing various asset classes and communication channels.

SteelEye-The Building VS Buying Conundrum How SteelEye Can Help

Additionally, the platform introduces new AI-driven features, with the most recent deployment of ChatGPT, which aids analysts in comprehending the context of communications and the underlying reasons for alerts. By opting for SteelEye, firms gain more than just a solution; they embark on a strategically sound path for sustainable trade surveillance and comprehensive oversight for effective communications compliance.

SteelEye-The Building VS Buying Conundrum How SteelEyes Solution Can Help

Turn Supervision into Super Vision

Contact our team of compliance experts to see our platform in action, or to learn more about how we can help your firm gain a competitive advantage.  



Latest News

Navigating AI in Communications Surveillance: Insights from Industry Leaders at Regs & Eggs 2024

| 24 Jun 2024

SteelEye and Intelligent Voice Transform Voice Surveillance through Strategic Partnership

| 18 Jun 2024

Beyond Words: The Hidden Risks of Emojis in Trading

| 06 Jun 2024

Untapped Risk: Why Compliance Needs Voice Transcription

| 22 May 2024

Global Regulators Intensify Scrutiny of Market Manipulation Failures

| 10 May 2024

SteelEye’s Women in RegTech: Sonia Chowdhury

| 09 May 2024