sapient catelas the new regulatory paradigm

© COPYRIGHT 2010 SAPIENT CORPORATION and Catelas Inc. - All rights reserved.

The new Regulatory Paradigm

How to respond to Dodd-Frank while containing costs

© COPYRIGHT 2010 SAPIENT CORPORATION and Catelas Inc. - All rights reserved. 2

Agenda

What’s the net effect of Dodd - Frank

Current Challenges & How to Respond

Recent Case Studies

Employee Surveillance

A New Comprehensive Approach

Relationships Are the Key

What You Can Do

How Does It Work

Live Demo

Regulatory Fines increase every year – Clearly there is something missing in our Compliance and Risk processes and technology.

Panel Speakers:

Alan MorleyCompliance, RBS Global Banking & Markets

Chris EkonomidisDirector, Business Consulting, Sapient

Eddie CoganCEO and Founder, Catelas, Inc.


Net effect – significant increase in complexity


Net effect – more rules - 421 !!


SEC Chairman Mary Shapiro recently spoke of the "enormous burden" as the SEC shifts resources to create a new regulatory regime for hedge funds - 105 new rules, 20 studies and five offices. Shapiro’s “burden” will translate to increased enforcement/inquiries and additional surveillance rules for everyone involved in the Hedge Fund and Asset Management industries.

“The SEC is going to cast a much broader net to include people on the edge of a fraud,” said Steve Crimmins, a former trial attorney at the agency who’s now at law firm K&L Gates LLP in Washington. “There will be legions more SEC cops on the beat and that will mean a lot more activity.”

Under Dodd-Frank, which was signed into law in July, the SEC can sue an individual who “recklessly” aids a fraud even if the person isn’t aware of the wrongdoing.

The provisions “increase the likelihood of litigation” with fewer quietly settled cases, said David Kornblau, who was the SEC’s top prosecutor from 2000 to 2005

Net effect – increased enforcement, number of inquiries & more surveillance rules


Current Challenges & How to Respond

No more “smoking gun”

Keyword search monitoring – too many false positives

Random sampling – limited value from a risk perspective

Costs are high, process is manual and impact generally accepted as being unreliable with very few ‘successes’

It is no longer enough to “satisfy” compliance requirements. It is far more important to Identify Risk and to Proactively avoid adverse events

Transcripts showed Ms. Chiesi talking with Mr. Kurland, quoting him as telling her in August 2008: "Don't put anything in email.... Don't email even Raj."


“[SEC ] charged a Wall Street investment banker, another securities professional, and one of their friends in a clandestine insider trading ring that netted approximately $1 million in illicit profits by trading ahead of at least 11 mergers, acquisitions, and other corporate deals.”

“coded e-mail messages that referred to securities and money as ‘frequent flyer miles’ and ‘potatoes.’ “

“…Poteroba, Koval, and Vorobiev are each Russian citizens who attended college [together] in the 1990s at the University of New Haven in Connecticut. “

3 players – only one within each firm

Coded emails – not detected by keyword surveillance

Strong Relationships are the indicator of collaboration – good or bad

Recent Cases – Insider Trading


“UBS has filed a lawsuit against three former quant employees alleging that they stole proprietary trading software with the intent of using it at their new employer, Jefferies & Company.“

The three were also accused of starting their new jobs at Jefferies & Co while still employed at UBS.

A FINRA arbitration panel denied the injunction because they claimed that they always sent code to their personal email addresses and there was never a problem before.

Compliance and Risk efforts were inadequate because they did not detect the data breach for years.

UBS Accuses Three Quant Traders Of Stealing Its Code

Recent Cases – Employee Theft

http://www.businessinsider.com/ubs-accuses-three-quant-traders-of-stealing-its-secret-code-2009-6


“[FINRA} fined MetLife Securities, Inc., and three of its affiliates a total of $1.2 million for failing to establish an adequate supervisory system for the review of brokers' email correspondence with the public.

…the firms relied on the brokers themselves to forward their emails to supervisors for review…But brokers were able to delete their emails from their assigned computers, thus rendering spot-checks unreliable.“

Certain employees exploited gaps in the compliance implementation and circumvented controls designed to allow MetLife to comply with securities laws.

FINRA Fines MetLife $1.2 Million

Recent Cases – Email Supervision


Early detection = containment!

Employee Turnover Proactively identify departing employees Monitor activity and behavior of departing employees Monitor activity and behavior of new employees

Information Theft Fill gaps in DLP tools by identifying behaviors, not just key words Monitor email behavior to external parties (webmail, press, competitors)


FCPA (Foreign Corrupt Practices Act) Corruption is sophisticated – no one uses key words that would attract attention Physical interviews and searches are often the most powerful tool , but it must be

coordinated and timed to avoid alarming those involved Companies must proactively identify risky relationships and monitor them closely


Information Barrier• Uncover relationships between people within the firm• Include connections outside the firm• Identify information flow• Rank connections based on strength

Benefits• Quickly identify potential breaches• Focus the inquiry• Save time and reduce cost


Insider Trading Identify Interconnections between key individuals (internal & external) Drive physical investigation – Who to interview? What is the nature of your

relationship with X? Who is else may have relevant information? Identify relationship, regardless of language or use of code


List Monitoring• Search Archives with keywords• Uncover who is talking to whom about

which topics• Identify key missing people who did not

use keywords

Benefits

Ensure Corporate wide compliance

without extensive email review

Fast, low cost

Comprehensive



Which of the following issues concern you today (pick one or many)?

• Information Barrier Breaches• Information Theft• Email Supervision• Employee Surveillance & Compliance: FCPA, AML, PII• Other (not listed here)

Audience Poll

?


A New Comprehensive Approach

Traditional data-centric tools: Keyword search - false positives for manual review

Random sampling - false negatives, what’s missed?

Content must be collected; still growing in volume

Many risks involve external parties

Costs are high, process is manual and impact generally accepted as being unreliable with very few ‘successes’

New Perspective – Proactive Relationship Monitoring and Audit Instead of Key Words – focus on people relationships first and then content Allows surveillance of entire email network with same manpower as sampling Proven link analysis methodology used by law enforcement


Catelas Relationship Forensics is a comprehensive approach to compliance & security allowing significant risk reduction around events such as IP theft & information barrier breaches.

With the same manpower, Catelas allows the entire communications network to be monitored not just a sample - without collecting a single email!

Information Barriers

Restricted Lists

Watch Lists

Control Room

Information Security

Trading Strategy

Trading software

Who knows who? What are they saying?

Relationships are the Key


• Surveillance, Compliance & Information Security- Proactive, always-on, comprehensive monitoring and audit solution- View entire corporate communications network through log file analysis,

not just a sample- WITHOUT cost & time of data collection

• Watch Lists, Restricted Lists, Deal Rooms – native email analysis- Who spoke to whom; about what and when- identify if people are talking about issues other than the participants

• Easy to use, deploy and support- Fully automated, non-disruptive- Don’t integrate to exchange or Archive- Deployed in days- Quick time to value

What You Can Do


The Catelas: 1st Comprehensive solution Unique Behavioral Science algorithms

uncover the strong relationships inside & outside firm

Social Network Analysis identifies missing custodians & uncovers ‘friends in common’

Log file analysis allows ENTIRE company network to be uncovered

Advanced Data Analytics uncover IP theft & information flow across barriers

Highly scalable & comprehensive Easy to use, deploy & maintain Low cost of ownership

IMEmail Telephony Log files

Behavioral Sciences

Network Analysis

Data

Analytic

s

Catelas is the first enterprise-wide communications Compliance & Risk solution

How We Do It


BenefitsBusiness Benefits: Risk Reduction: Significantly reduce regulatory risk as EVERY email included No increase in resource:

Same resource, same time – completely audit of information barriers, watch lists etc Networks of interest AUTOMATICALLY created weekly, monthly Investigate Suspicious Activity Reports instantly without IT support – Always-On solution

Non-disruptive to Business & IT No integration No emails collected Deployed in days

Return on Investment: Reduce Regulatory Risk Significantly Improve productivity Cut collection costs by over 80% Cut travel costs as preliminary investigations

conducted centrally


Live Demo


Thank You

Eddie Cogan617 407 [email protected]

Thank You & Stay Tuned for Future Webinars!

Chris Ekonomidis646 207 [email protected] www.sapientglobalmarkets.com

Alan Morley(201) [email protected]

RBS Global Banking & Markets

mailto:[email protected]

http://www.catelas.com/


http://www.sapientglobalmarkets.com/


sapient catelas the new regulatory paradigm

Documents

new rules

new employer

new jobs

monitor email behavior

new regulatory regime

new regulatory paradigmhow

net effect of dodd

dont email