POLICY MIGRATION

SUCCESS IS IN THE DETAILS

Communication surveillance policy migration is one of the most complex, time-consuming, and critical pieces of any system migration. Without well-defined and developed policies in place, you leave yourself exposed to a tremendous amount of risk, even while leveraging the best surveillance system on the market. When it comes to policy/rule migration, success is in the details! Watch Technically Creative discuss the importance of properly migrating your policies and rules in this webinar replay available here.

REQUIREMENTS GATHERING

Each firm has different stakeholders when it comes to policy, but two main categories that are common are those responsible for communication surveillance policy definitions and those responsible for sign off on acceptance criteria.

Not all firms have just these two categories. In some firms, IT, compliance, control room, legal, and other groups have a stake in policy. Ensure you accurately define the signoffs and process for testing and releasing policies.


If you currently have a process in place and have your policies or rules properly defined, the migration process is simplified. In some cases, the destination vendor may be able to pick up that documentation and greatly improve the migration success.

Responsible for policy definitions

THE NEED, PURPOSE & THE CORRELATION TO ANY REGULATION

Who, What, Where, When, Why

Who: Who is being excluded from the policy or rule (if anyone)? The people, the person, the organization group – identifying these people is critical, as missing the person and not applying the proper policy can be a huge gap.

What: What is the overall objective of this policy or rule? Always think about the content you need to cover. Are you looking for insider trading? People discussing a reward on the side for work, or even the new rules around incentives? Be sure to write out what you are targeting.

Where: Email subject, body, or attachment, in web activity, in a file on a share, sent to a printer, instant messaging, different channels – options vary among vendors.

When: When sent externally, when one individual sends to another individual in a different department, when only internal, when containing a person in the research group? Is an attachment present? Is the mail sent outside of normal business hours? Each vendor has different options to handle this and, in some cases, they don’t have an option, so be sure to review your supervision requirements against the next vendor’s options.

Why: Is there an internal risk? Is there a regulatory concern this communication surveillance policy is associated with? Did something happen at the firm? All of these questions and the documentation of your policy or rules are essential for making sure your policy is well covered going forward.

FILL THE GAPS

DO YOU HAVE ADEQUATE POLICY OR RULE COVERAGE TO COVER YOUR SUPERVISION REQUIREMENTS?
When examining a new solution, this is the perfect opportunity to review your current coverage and examine any gaps.

POLICY DEVELOPMENT PROCESS:

The communication surveillance policy lifecycle is probably the most critical piece to the health of your supervision system. Having an effective policy or rule lifecycle where you evidence changes and validate no loss of your true positives is critical to staying out of sight of the regulators.
Policy Refinement and Migration Cycle

01. Analysis
02. Design
03. Construction
04. Refinement
05. Release
06. Validation & Reporting

Technically Creative is an industry leader providing cutting-edge Technology Solutions for Compliance. Our extensive experience combined with a unique approach to building contextual-based linguistic rules ensures that each policy we build captures the most relevant content effectively and efficiently, while reducing any extraneous noise. Our reputation is backed by the quality of our work, collective knowledge, and experience with compliance and policy advancement.

POLICY DEVELOPMENT STRATEGIES

Convert

Some firms have gone the route of extracting the lexicons and phrases from the policy and trying to have the destination system interpret them. Technically Creative has seen various levels of success in going this route, but overall it resulted in extensive testing and validation.

Migrate

Usually through a migration, you end up with something better in the end due to the volume of testing you have to do on the policies. In the process you can also target issues in your current policies to make them better in the destination system. It’s even possible the new system has a function/feature.

Build New

Some vendors have what they call “out of the box” policies. Technically Creative offers 200+ policies from our Policy Catalog. Though these policies are a great start, we recommend custom modification to make them even more effective for your business.



VALIDATE AND TEST

It is critical to confirm your new system’s policy effectiveness by testing the results of policy conversions. Technically Creative highly recommends that you have your initial policies professionally developed. There is a sharp learning curve to become proficient in new policy languages; if you don’t fully understand the differences in functionality, it can lead to some critical oversights.

Plan for maintenance and refinement: it’s critical to maintain your policies.

The key points you must have are:

[Figure: policy migration diagram]

To learn more about Policy or Rule Migration, schedule a 15-minute discovery call today with Technically Creative Experts.

Analysis

More than just looking at what you have but also looking at what you are supposed to have. During the analysis phase, the stakeholder must be involved; this includes anyone that holds weight for what a policy or rule needs to cover, or what the firm’s concerns are in communications. Remember that these do not need to be regulatory items; these can also be risk-related items.

For example, consider a communication surveillance policy that covers customer complaints but doesn’t include terms like “you messed up,” or one that monitors for gifts and entertainment without the word "gift" in the policy or rule. This is something several firms were cited for in recent years. We know the word hits a lot, but with any good supervision solution, you should be able to reduce the hits based on when the use of the word is not an issue.

Design

When it comes down to the actual design of a policy/rule, each vendor has different capabilities and thus a different design process. The key points in every system related to design are still the same: work out what you need to find, and document it well enough to build it. Keep in mind that design can be based on your original policies or can start from scratch, constructing new ones that came out of the analysis phase.

Construction

Regardless of the system, the difficult part is actually building what we just documented.

Once we dive into construction, this is where the resources are really being utilized – from setting up the system, establishing data sets, actually constructing the communication surveillance policy and running data through the system – to test and validate the results before even stepping into the refinement cycle.

Refinement

Technically Creative will work with the client to review the results of the constructed policy/rule, potentially running through multiple cycles of ingestion and review of the captured content.

Release

Probably the highest stress point of this entire cycle is actually putting all those changes into production. It is always strongly advised that you have test users and test events for the policy – potentially also incorporating your changes to run through the system, to confirm proper capture.

Validation & Reporting

It is always smart to be proactive and run an analysis and trend across all of your changes – from things like your capture rates to frequent violators and frequent language that results in hits. Technically Creative frequently sees cases where, after a week, communication surveillance policy or rule violations have skyrocketed due to a simple phrase in common documents which causes violations. The faster you jump back to the refinement phase to fix something like that, the more your reviewers will appreciate you.

Technically Creative can do a quick evaluation to ensure your policy’s coverage is as complete as it should be and you have all the necessary documentation. Technically Creative offers a free assessment on the core components related to supervision.