Banks Adopt Big Brother Monitoring Rather than Listen to Whistleblowers

surveillance camera operating in office with employees at desks

A Financial Times article at the end of November titled, “Banks tap into big data to trap wily traders” noted that compliance departments at financial institutions are moving to proactive surveillance efforts to catch rogue traders breaking the law.

However, the article fails to mention one easy alternative way for these companies to catch misconduct: listen to whistleblowers.

Taking whistleblower tips seriously has worked well for the U.S. Government. In Fiscal Year 2014, the DOJ paid out a record $435 million to whistleblowers as they played a major role in the government’s collection of more than $5 billion under the False Claims Act. The success of this law over the years led Congress to authorize rewards for individuals providing information to the Securities and Exchange Commission, Commodity Futures Trading Commission and Internal Revenue Service. Following the success of these programs and continued misconduct by corporations in other industries, Congress is now considering expanding the potential rewards to include whistleblowers in the automobile industry.

Many big businesses, surprisingly, haven’t followed the government’s approach. Instead, they have ignored or retaliated against individuals reporting legal violations to the company. A number of the financial institutions receiving large penalties in 2014 were notified by employees well in advance of government enforcement actions but failed to act responsibly and stop the offending behavior.

This anecdotal evidence corresponds with what the U.S. Government has seen. When the SEC released its Fiscal Year 2014 report, it noted that 80 percent of employees reporting misconduct first notified someone in the company. Although companies have warned for years about the potential for awards to thwart internal compliance efforts, this criticism seems misplaced in light of the recently released data.

One of the SEC awards this past year even went to a compliance officer. Compliance professionals are required by Dodd-Frank to notify the company 120 days before they can submit a tip to the whistleblower office. If they are informed in a manner that indicates the company is already aware, they still must wait 120 days in order to become eligible for a reward. The payment of an award to a compliance officer means that the company did not address the securities violation and report it to the SEC in the 4 months they were aware of it.

The article from the Financial Times identifies a number of different ways employees might try to circumvent monitoring, including the use of personal cell phones or social networking sites, as well as the techniques technologists are using to counter them. It also suggests that companies are becoming less dependent on keyword searches of transcripts and more reliant on recognition by sophisticated artificial intelligence.

This reminds me of the debate that has taken place over the CIA’s use of human intelligence versus technology. The extent that satellites, drones and intercepted electronic communications can replace actual boots on the ground is still a source of controvery. Like many in the U.S., banks seem to have embraced technology as the appropriate solution here.

There is a place for both technological solutions and whistleblowers in strengthening corporate compliance. It just seems premature to be monitoring personal cell phones as a solution when individuals reporting actual misconduct are being ignored.