/solutions/regulatory-compliance/

Regulatory Compliance

Meet regulatory, legal, and governance requirements for all your communications.

$204M
In fines levied in 2016

Actiance enables firms to meet regulatory and information governance requirements for the capture, retention, supervision, and storage of 80+ communications channels.

Comprehensive Communications Compliance

One solution for all your compliance needs.

Compliance is not just about regulation. It's also about adhering to legal, governance, and security policies for all markets in which you operate. The Actiance Platform is your single solution for comprehensive communications compliance offering:

  • Forensically-sound TrueCompliance content capture
  • Active Compliance for real-time monitoring, blocking, alerting
  • Granular controls to meet retention and disposition policies
  • Secure, tamper-proof content storage

The Actiance Advantage for Compliance

Mitigate Risk with TrueCompliance Capture

Forensically-sound content capture providing full binary record and hash value, message order preservation, and complete chain of custody protection

Real-time control with Active Compliance

Capture, monitor, block, alert, and/or delete based on conversations and contents being shared in real-time

Automate content retention and disposition

Define and uniformly enforce retention and disposition globally, or granularly to meet specific industry and governance requirements

Secure, immutable content storage

Preserve communications in a tamper-proof, WORM-compliant storage environment

How Actiance Can Help with Compliance

Real-time moderation and pre-review

Proactively monitor communications with Active Compliance controls including alerts, message blocking, ethical walls, and disclaimers to prevent compliance issues before they happen

Industry-specific content retention and disposition

Meet specific record keeping requirements outlined by FINRA, SEC, HIPAA, FDA, FERC, IIROC, FCA, MiFIDII, and other regulatory bodies by applying retention and disposition policies to all communications

Supervision and content surveillance

Enable compliance with Financial Services supervisory requirements with expressive review policies, flexible workflows, and robust dashboards and reporting. Harness advanced analytics to spot compliance violations hidden within data and leverage full APIs to deliver communications data to downstream apps for holistic surveillance

Governance over all communications

Manage all communications according to defined categories of information value / information risk to meet internal records management and information governance policies

Single platform for unified policy control

Compliant capture and storage for all communications.

Actiance delivers a unified platform to write policies once and apply uniformly across all communications channels, or uniquely for a specific user, business unit, or geographic market requirement. The Actiance Platform includes:

  • Socialite: enables the compliant use of public social media
  • Vantage: provides real-time policy controls for unified communications, collaboration apps, and industry-specific communications networks
  • Alcatraz: an immutable, tamper-proof content store to meet retention and disposition requirements
Penalties for non-compliance include fines from $5,000 – $100,000 per month, increased transaction fees, and terminated bank relationships.
PCIComplianceGuide.org
Knowledge Center

About data compliance

Data compliance is focused on ensuring that interactions with clients, business partners, or other employees can be controlled in accordance with industry regulations or internal information governance policies. This is based upon the premise that information has value or risk based upon its content and the context of a conversation - and not whether that information happens to be communicated via email, voice, tweet or instant message. In fact, this premise applies to any form of structured or unstructured data including files, documents, video recordings, or financial trade data.

However, for many firms, the road to unified data compliance is long and complex given the existence of multiple legacy technologies that are used for a specific, unique data source or use case, such as journal-based archives for email, bloated enterprise content management systems (ECM) for files, or SharePoint as a dumping ground for a bit of everything. This makes data compliance a challenge - not only to understand the value or risk of data residing within each of those systems, but also in attempting to define and implement policies that can be administered while minimizing redundancy and re-work.
The challenges of data compliance can be greatly simplified by starting with a few simple steps. First, when evaluating new communications sources, ensure that experts in data compliance are engaged in the due diligence process. Second, understand the features available that allow you enforce your policies through that channel, both natively and those available via third party technologies. Third, be aware of what content from that data source can be captured - and in what form. Many emerging content sources (such as social media) are dynamic, and data compliance risk can be mitigated by ensuring that full conversational records can be captured, stored, and reviewed in their native format.

Knowledge Center

About record retention

Information is the life blood of most organizations. Record retention seeks to care for this vital asset by ensuring that information can be preserved according to its value to the business. More than just a task of records managers or burden upon knowledge workers, automated record retention can ensure that business records can be preserved, and information be leveraged on-demand by legal and compliance stakeholders, executives, HR, and other customer-facing staff. And today, with the variety of communications sources in use by most organizations, the ability to apply record retention policies across all communications is imperative.

Records retention is typically outlined in a documented records retention policy, which outlines a variety of records categories, each with its own retention period. While many policies are often heavily driven by specific industry "books and records" requirements (such as FINRA 4510 or MiFID II Article 16), it is also true that there is no 'One Size Fits All' retention policy. In fact, records retention is typically produced from a cross section of business drivers, including legal, regulatory, security, and other factors unique to the intellectual property and nature of products or services provided by a specific organization. What is becoming less of a driver in records retention is technology. While aggressive disposition policies had been previously followed by firms with on-premises systems, many of those systems have now been migrated to the cloud, thus reducing the motivation to shape record retention policies based upon storage costs. Many firms have existing records management systems for the long term storage of records, which often contain very detailed and lengthy lists of records categories. A common question that arises is how records retention should be applied to business communications, which often contains transitory information (such as one's history of carne asada burrito orders from EAT Club). As best practice, firms should consider implementing a record retention strategy for communications of 'big bucket' policies. For example, utilize the highest level of records categories (e.g. "M&A", "strategic initiative", "top 10 customer"), and apply those against communications so as to not become bogged down with policies that are too complex to implement.

Talk to a Compliance expert

Contact Us

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close