Reviewed your bank’s chat metadata lately? Maybe you should – before the whistle blows

26 April 2017


Imagine this scenario. You’re the head of compliance at a leading bank, and an employee who works on the trading floor comes forward with some very serious allegations about a senior trader. According to this whistleblower, the trader has been disclosing confidential information about clients to external parties and sharing information on their trading positions.  

You know you have an obligation to conduct a thorough internal investigation and report any significant findings to the regulator. But you also know that the sheer volume and diversity of data that you’ll need to comb through will present challenges if you use in-house resources to do it.

You’re also aware that regulators often prefer such investigations to be outsourced to a reputable third-party, because of the greater objectivity and independence they can bring to the whole process.  

Given that I’m telling this particular story, you won’t be surprised that the head of compliance turned to us to investigate the claims. However, some of what happened during the project was surprising – both to us and the client. I’ll explain why later.

For this client, there were more than 10 million communications across a number of different chat messaging channels relating to eight individuals over a period of five years. Our forensic investigations team hit the ground running, helping the client sift through this mass of information that also included email, recordings of voice calls, written documents and more.

We used our bespoke tools to remove 9.5 million items using a process that enabled the most valuable part of the communications to be carved out. In all we subjected between 300,000 and 400,000 documents to detailed scrutiny, including online communications such as instant messages (IM) and chat as well as voice recordings.

During the engagement, our forensic investigations team made the most of the opportunity to draw on the knowledge and experience of other subject matter experts from across our firm. In this case, the specialists they tapped into for insights included financial services industry SMEs and a dedicated financial services document review team with a close understanding of traders’ vocabulary.  

I won’t go into detail on what our investigations revealed – suffice to say that the investigation was concluded to the satisfaction of both the bank and the regulator. No surprise there. But we did discover another issue that we were able to help the bank resolve.

While reviewing the client’s records of chat conversations, we found we faced particular difficulties because of the way the bank was storing them. Specifically, the client’s internal systems were failing to track and record key metadata for each interaction, including vital information such as dates and times that events took place.

The client was delighted we’d informed them about the issue, and asked us to fix it (which we did). They said that they were surprised by the problem, because other third-party investigation providers had previously worked on their chat records and never mentioned they were incomplete.

In our view, those other providers failed in their duties by not telling the client it had a problem. But there’s also a wider lesson here. In an era when investigations can arise at any time – and when regulators are increasingly likely to demand “look-back” exercises such as PPI trawls, or impose fines for inadequate data – any shortcomings in a bank’s information recording systems represent a huge risk.

So, here are the burning questions: Are you ready to deal with such huge volumes of data from different sources should your next whistleblower speak up? Are you sure your data records are as complete and accurate as possible to enable you to respond effectively when something goes wrong? If your answer’s anything other than a categorical yes, then you should take a closer look - sooner rather than later!

Amjid Mahmood| Director, Forensics Investigations team
Email|+44(0) 7725 706 322