On 30th of March, Clausematch had the pleasure of hosting a very special webinar. It was the first of what I hope will become a series of Women in Compliance Fireside Chats. Six amazing compliance experts participated, each of them answering questions focused on their expertise. Today, I will share the insights provided by Stephanie Feldt, Chief Compliance Officer & General Counsel at Trading.com, one of Clausematch’s customers.
Stephanie has over 20 years of experience in the financial services industry, having worked for both large and small financial institutions, with a diverse background in equities, derivatives, as well as other financial products. She currently works for Trading.com, a licensed retail foreign exchange dealer with the Commodities Future Trading Commission, offering over the counter Forex products to US retail customers. Stephanie was interviewed by my colleague, Lindsey Brown, one of the moderators of the webinar.
With the work from home environment, what does effective supervision look like?
Given the impact on compliance supervision and enforcement brought by a widespread work from home (WFH) environment and the vast majority of employees using personal devices at work, we asked Stephanie what effective supervision means today.
According to her, it generally means developing processes and procedures to detect and prevent possible wrongdoings by an organisation’s employees and its other agents. This is being closely observed by regulators, as a lot of the fines and regulatory infractions happening at the moment relate to supervision. Here is a recent example of a $200M fine applied to JP Morgan over staff WhatsApp use.
Stephanie said companies need to ensure that they are monitoring work-related emails, phone conversations and messages, and making sure that employees are following policies and procedures. In their case, it is also important to make sure that customers are receiving timely statements and that trading is being conducted properly.
She added that monitoring employee activity was already difficult before the pandemic arose, but at least organisations could apply certain restrictions. For instance, people's access to social media pages and their personal email while in the office could easily be curbed. The work from home scenario has created a whole new way to look at supervision, and a new set of challenges.
The challenges of a remote environment
When people are in the office everyday, it is easier to make sure policies and procedures are being followed. If you have a team working on a trading floor, for example, phones are not allowed and access to personal emails is blocked. Now that people are working from home, they have access to all of that, with both their personal computers and mobile phones at hand. So how can you know what your employees are effectively doing?
Understanding a company’s business model and how staff needs to interact with customers is essential for you to develop effective policies and procedures that meet these particular requirements. “Do you have policies and procedures to prevent employees from using personal computers when working from home and to make sure that they only communicate with customers using company-provided hardware?”, she exemplifies.
Solutions and best practices
Stephanie advises having well-drafted policies and procedures that tell employees exactly what needs to be done and provide clear guidelines to follow. They can’t be vague. It’s important to make sure that the compliance team, when writing the policies and procedures, really understands the business model and what the employees do on a regular basis.
“The use of technology is very helpful”, she adds. It allows you to generate reports remotely, monitor interactions with customers, customer training activity, or what traders are doing on the trading floor. Technology helps enable surveillance of email and social media, establish clear procedures as to what emails can and cannot be accessed, and guide the use of social media websites. According to Stephanie, “technology also helps you spread the word on your policies, because having policies that are not followed can actually be worse than not having them at all”.
It is also key to provide adequate training to employees and constantly communicate with your business people to make sure that they are aware of the consequences of non-compliance, such as fines and reputational damage, that have been experienced by multiple financial institutions recently.
In my next post, I’ll bring you some food for thought in the crypto space. In the meantime, to dovetail with Stephanie’s comment on the importance of disseminating company policies, I recommend you take a look at this interesting case study of Barclays’ adoption of a Policy Portal.
You can watch the full conversation with Stephanie here.