On the 26th of May, we hosted our annual Regs & Eggs event, which brings together industry experts and market practitioners from across the financial services landscape to discuss compliance trends, challenges, and opportunities.
This year's theme was “Trades, Communications, and AI working together, changing how financial services firms approach compliance.” In a rapidly evolving landscape, we wanted to hear from rule makers, industry leaders, and practitioners about the evolution of compliance, the importance of risk management and culture, and the role of multidimensional data and AI in the financial markets. And that is exactly what we did.
During Regs & Eggs 2023, we heard from the original "Rogue Trader" Nick Leeson, about the collapse of Barings Bank and the culture and lack of compliance safeguards that ultimately led to the bank's downfall. We also heard from compliance and surveillance leaders at the FCA, William Blair, NatWest, and Fidelity International Strategic Ventures, about the importance of data and the role of AI in financial services.
It was a fantastic event full of interesting ideas, opinions, and discussions, and this blog highlights our main takeaways from the day.
The collapse of Barings Bank, and Mr. Leeson’s role in it, is one of the most spectacular debacles in financial history. When the bank collapsed in 1995, the media described it as a wake-up call and that something like this should never happen again. Yet, more than two decades later, we continue to see countless cases of rogue trading, financial scandal, and corporate fraud in many industries worldwide.
Despite advances in technology, security, and IT, human error and poor judgment are at the heart of all these cases. During his session, Mr. Leeson spoke about Barings Bank's collapse, the culture that existed at the time, the lack of technology, and the missed signals that ultimately led to the bank’s collapse. Ultimately, Mr. Leeson pointed out that the signals and the data were there, as they were in many of the more recent banking scandals (for example, the FTX Collapse, SVB Bank failure, and Credit Suisse troubles); they just weren’t being used.
“Technology is an enabler of compliance.”
Technology is an essential safeguard against financial crime and market abuse. According to Mr. Leeson, the bank had limited technology during his tenure, and systems and controls were very basic. Compliance simply was not a subject matter or a role given much importance. To contextualize this, there was one compliance manager and one risk manager within the bank at the time, and the same person held both roles.
The positive thing is that technology has come on leaps and bounds over the past 30 years, and firms have much stronger systems and controls today, the only exception being the crypto markets.
“I wouldn’t have done what I did if I had a knock on the shoulder.”
Another important piece of the compliance puzzle that was missing, which ultimately contributed to Mr. Leeson’s activities going unnoticed, was the fact that no one dared to challenge what he was doing or the activities that were taking place in the Singapore office. Despite countless inconsistencies and data errors, no one asked any questions.
“Anybody could have asked me what was going on. No one did.”
This was partly because Mr. Leeson was believed to be the top-performing trader by a long way and upheld a kind of untouchable “superhero” status in the bank. It was also because the head of the Singapore branch was widely recognized as an unapproachable person.
The moral of the story is that firms must embed a culture where everyone feels empowered and comfortable to challenge each other.
“If change and consolidation programs aren’t controlled and regulated, those changes mean there could be problems.”
In the period leading up to the collapse of Barings Bank, the bank was going through a lot of change and consolidation.
It doesn’t matter whether a firm is a hedge fund, asset manager, bank, or broker; the words “change” and “consolidation” should always act as warning signals that controls could slip. Change needs to be carefully managed to ensure the robustness of risk programs.
“There was a lack of understanding at Barings Bank at the time. Everyone was incredibly well-educated and knowledgeable, but they didn’t understand the ways in which I was trading.”
Everyone working at Barings Bank in the late 80s and early 90s was very well-educated. However, there was very little understanding of Mr. Leeson’s activity and how he was trading, which ultimately meant that his rogue activities went unnoticed. The quote by the Athenian historian and general Thucydides comes to mind, “Knowledge without understanding is useless.”
There was even an instance where the Monetary Authority of Singapore contacted the bank to challenge one of Mr. Leeson’s trades. Because of the lack of internal understanding, that inquiry went to a few different people before eventually being forwarded to Mr. Leeson himself, who responded.
Ultimately, firms need to fully understand their operating models and the risks they are subject to. This is essential for robust compliance.
This year, our Regs & Eggs panel was tasked with discussing the evolving role of multidimensional data and the application of AI in surveillance.
The panel covered a wide variety of themes discussed by speakers from the FCA, William Blair, and NatWest and was moderated by Independent Advisor Mark Croxon. Here is a summary of the key highlights.
Data is at the core of digital transformation. Regardless of what systems or solutions are being used, regulatory compliance will not be effective or accurate if a firm doesn’t have complete and correct data. However, the proliferation of data and channels remains one of the biggest problems facing compliance professionals today. Simply managing data has become a huge task within compliance teams due to the sheer volume produced across various channels.
Technology can go a long way to help solve data challenges. Firms should focus on solving data challenges before solving specific regulatory issues or considering advanced technologies like AI or ML. That said, it is important to remember that data will always be a journey. Firms need to continuously invest in finding, bringing together, and connecting data, especially as data volumes grow and new data channels emerge.
Whether it’s voice communication or electronic messaging platforms like WhatsApp or WeChat, capturing the right data is crucial for compliance. However, the explosion of digital e-communications channels and the speed at which new channels emerge means that complying with communications surveillance rules remains a prominent challenge.
Regulators are increasingly focussed on communications rules. Just last year, the SEC fined Wall Street firms more than $2 billion over unauthorized communications, and this year we have already seen even more fines. While regulatory priorities differ in the UK, where different firms are penalized for different failings, overall, regulators care about record keeping and communications monitoring.
Unmonitored channels and personal devices are often blind spots in monitoring programs. There will always be channels that sit outside of the approved compliance controls. Although it is possible to monitor for communications hopping by tracking communications that involve specific indicators, such as “I’ll text you on WhatsApp," it is nearly impossible to detect communications on unapproved devices and platforms in other instances. Further, even when communications hopping is identified, compliance officers can find it difficult to take action due to privacy considerations. For example, in the UK and EU, if a surveillance system shows the intent of an employee to communications hop to a personal device, the compliance officer cannot ask them to hand over their personal phone for data privacy reasons.
Over recent years, market surveillance regulations haven’t changed much. However, the regulator’s expectations have. Technology has evolved, and regulators now expect more from firms.
Simply having a compliance system in place is no longer good enough. Many firms assume that implementing technology will check all the boxes, but this isn’t the case. Technology needs to be properly integrated and calibrated, and firms need to have a framework around what they are using and understand the results they are getting.
Firms must remember that technology is only part of the solution to solving regulatory challenges. Before deploying any solution, firms must conduct a risk assessment and understand the specific risks their business is subject to. Only once this has been done should firms consider how to address those risks, which usually comes down to balancing policies, processes, and technology.
While AI has existed for several years, many firms find it has yet to make a practical difference. Despite solving some problems, such as false positives, AI has also created new ones. The amount of data needed to plug into these systems is huge, and getting it right requires vast volumes of data and a lot of teaching.
In other areas of financial services, AI has introduced new risks. However, within market surveillance, the risks aren’t new; they are just increased. Model validation, outsourcing, and training biases – these risks were already there, which means that regulators already understand them.
It is important to remember that AI cannot replace human accountability. Ultimately, if the regulator comes knocking, firms need to be able to answer why their system did or didn’t pick up on specific signals or risks. A system cannot be blamed, and the responsibility remains with the humans.
AI should be part of a larger compliance strategy and be viewed as a utility. It should not replace a human or be relied on in its entirety.
To demonstrate the power AI and Large Language Models, this summary of the final session of our 2023 Regs & Eggs event was written by ChatGPT based on the presentation recording without any editing.
In recent years, the growing influence of artificial intelligence (AI) has been keenly felt across various sectors, with the financial industry being no exception. Renowned technologist, entrepreneur, and angel investor, John O'Hara, provides a unique perspective on this transformative power of AI. His insights encapsulate the evolution of AI, its present-day applications, and a glimpse into its promising yet challenging future.
AI's potential and wide-ranging applications, from algorithmic advisors and automatic reconciliations to regulatory and compliance risk management, are driving its rapid adoption within the financial sector. Interestingly, AI capabilities extend far beyond just machine learning, including areas such as content generation, voice synthesis, and translation - all of which closely mimic human abilities.
The milestone research paper, "Attention is all you need" from Google revolutionized AI development, paving the way for advanced models capable of mimicking both short-term and long-term memory. These large language, video, and audio models, trained on millions of internet documents, demonstrate a deep and wide foundational knowledge base combined with context comprehension.
However, the application of these advanced AI models comes with significant costs, both financially and environmentally. The heavy computational tasks required for training these models contribute to a large carbon footprint, necessitating research focused on making AI systems more efficient.
Emergent behavior observed in newer, larger AI models represents significant improvements over previous iterations. While these improvements are often anthropomorphized, attributing human-like intelligence to AI models can be misleading. Despite impressive feats, like passing the United States legal bar exam, AI models are still prone to profound errors, which they can assert with misplaced confidence.
AI has found a practical and profitable niche in businesses dealing with repetitive and well-documented tasks. These "shovel-selling" processes, as O'Hara phrases it, can often meet the required quality standards with AI implementation. Yet, AI failures can be "spectacularly wrong," leading to unusual or even dangerous outcomes, often referred to as AI "hallucinations."
In essence, AI models are powerful tools that can provide expert-level insights across most internet-documented topics. Despite their potential for errors, the correct application of AI in business and everyday life can yield significant benefits.
While AI is an extraordinary tool, it does exhibit limitations, particularly in logical reasoning and mathematics. AI models often prioritize generating pleasing and coherent responses, which can lead to misleading results, especially when they lack complete understanding of the subject at hand.
Despite these challenges, a growing community of open-source models is addressing issues associated with large-scale AI models, such as extensive resource usage, potential privacy concerns, and vendor dependency. These models offer a faster and cheaper alternative to the traditional tech giants' offerings.
As AI continues to evolve at a breathtaking pace, we witness subtle yet significant changes, such as in AI tasking and prompt engineering, that improve model accuracy. One of the most intriguing advancements is the emergence of a team of AI agents, each performing a specific role to achieve a collective goal. This strategic use of AI is likened to robotic process automation on steroids.
The transformative power of AI will not spare financial services. Reports suggest a potential upheaval in global work, with up to 18% being computerized, affecting up to 300 million jobs. In the financial services industry, this disruption could be even more pronounced, with predictions of 45% of roles being impacted by 2030.
This AI revolution has the potential to be as transformative as the industrial revolution, the advent of electricity, or the creation of the Internet. Uniquely, AI could commoditize and scale intelligence itself, signifying a shift akin to the surge in agricultural productivity seen in the last century.
As we stand on the brink of the AI revolution, a strategic and thoughtful approach to AI adoption is crucial. Companies need to create centers of excellence, stay informed about AI advancements, and prototype AI workforces. Experimentation with small-scale deployments will be key to understanding the impact of technologies like AutoGPT and BVAGI.
However, the journey is fraught with potential risks, such as the misapplication of AI, hostile actor compromise, and rising regulatory concerns, particularly as AI-powered mass personalization could influence election outcomes.
As we transition from traditional white-collar fields to AI-powered workforces, managing this shift is a massive responsibility.
We cannot afford to ignore the productivity potential of AI, especially in light of impending demographic changes. But this transition needs to be handled cautiously to avoid causing profound unemployment.
The AI journey promises to be exciting, and its advancement will undoubtedly revolutionize the financial industry and beyond. However, the navigation of this path requires caution, awareness, and strategic planning. AI is neither a toy nor a human. It's a tool, a powerful one, that can be applied to business and everyday life in meaningful ways. The future of AI is bright, but it must be handled with care.
Contact our compliance experts to see our platform in action or learn more about how we can help your firm reduce compliance fatigue.