Communication Surveillance
Organizations in 2025 are juggling hundreds of customer communication touchpoints. While traditional phone calls and emails are still in use, it’s the specialized investment apps, social media channels, and messaging apps that regulated companies are now using to stay connected to clients.
Written by a human
These channels are subject to communication surveillance, which involves continuous monitoring for non-compliant activities.
Electronic communications surveillance is rising, thanks to the increase in remote and hybrid working. As digital communications are necessary for both inter-colleague communications and advisor-client relationships, compliance teams must find an automated solution to avoid becoming overrun with surveillance and monitoring tasks.
Importance of Communication Surveillance
In regulated industries such as finance and law, communications surveillance plays an important part in proving compliance with regulations.
Communication archiving acts foremost as a deterrence measure, warning employees against saying anything they shouldn’t to customers, colleagues and friends because there will be a record of such behavior. The surveillance acts as a detection mechanism against violations, ensuring the archive is reviewed to identify risks and prevent poor outcomes.
Businesses in all industries can benefit from the risk management advantages that communications surveillance brings, but it’s especially relevant for regulated industries because many platforms work in real time to track and review content before it escalates.
Similarly, communication on surveillance tends to rely on archives that never leave your secure source of data, keeping information safe, despite it being accessed.
Types of Communication Surveillance
Three key types of communications are regulated for surveillance:
| Type | Ecomms surveillance | Business comms surveillance | Government surveillance |
| Purpose | Communications to consumers and colleagues | Communications about sensitive business topics | Not necessarily business communications: personal to personal, B2B and B2C |
| Which communications are surveilled | Advertisements or sales comms, words of advice, meeting transcripts, website pages and promotions and more | Colleague to colleague emails, internal messaging platforms, texts and more | Posts and messages on forums and social media, along with sensitive channels |
| Example | Financial advisors are required to collect a full client risk profile as part of their due diligence before giving investment advice, monitored for appropriateness | Monitoring for insider trading requires surveillance on staff devices and accounts, flagging keywords in distinct context | A post on Facebook is flagged to authorities because it contains threats of crime, picked up through surveillance |
| Relevant regulations | Investment Advisers Act, Due Diligence requirements | SEC Books and Records, Insider Trading laws | GDPR, Regulation of Investigatory Powers Act and Terrorism Act |
Technologies Behind Communication Surveillance
There is an ongoing debate about the place of AI within compliance, and whether it violates data security and privacy best practices. As a global leader in communications surveillance, Global Relay champions thoughtful and ethical AI-powered practices.
In November 2024, we began implementing a five-layered approach to identify risks within ecomms surveillance, through data standardisation and enrichment, transcription and translation, noise reduction, risk identification and alert management.
Large language models (LLMs) are deployed to drive efficiency, and essentially work like a giant dictionary to understand and contextualise written content. They act to section off parts of each message, flagging whatever has been pre-determined as ‘high-risk’ to a human reviewer.
LLMs can also be programmed to group various communications into categories, which aids in searchability for the surveillance archive. Global Relay’s LLM technology has a deep understanding of financial markets, lines of business and regulatory requirements to reveal compliance and conduct risks.
Transcription tools are also important technologies within communications surveillance because they can automatically turn the sounds from phone calls into written communications, without human insight. This would otherwise be an incredibly manual task, and in most cases, must be completed before the text can be analyzed for risks.
What’s more, AI in communication surveillance software may even work better than human eyes to find and flag risks. Detailed pattern recognition and contextual understanding can spot evasion techniques such as leetspeak e.g. “5p00f”, removal of spaces e.g. “donttellcompliance”, backward spelling e.g. “drawkcab”, and more.
Compliance and Legal Considerations
In finance, the legal framework for both business and personal E-communications surveillance is governed by each of the regulations you’re subject to.
For example, FINRA 4511 is known as the books and records rule. It requires regulated entities to “create, maintain and preserve legible, true, accurate, and complete records”, which applies to both electronic communications records and paper documents. Firms are entitled to outsource their recordkeeping, but have the responsibility to oversee, supervise and monitor the performance of the third party to ensure that it upholds the required standards.
Alternatively, global money laundering and terrorist financing prevention regulations ask that companies perform personalized due diligence requirements and monitor transactions for suspicious circumstances. This includes learning about risk appetite, financial goals, time to retirement and more. Communications surveillance is important here because auditors need to ensure that any recommendations made genuinely align with the customer profile and they can use records to prove or disprove this.
Challenges
One of the biggest challenges associated with a communication surveillance system is maintaining the integrity and security of the data. For example, a message could be edited in-app to make it appear that something else was said, covering up a regulatory violation.
It’s therefore important to work with a platform that captures every communication at source (whether that’s in-app or on the phone) and does not allow for modifications, like Global Relay.
Clearly, there’s quite a range of business communication surveillance frameworks, dependent on both on purpose and location. That being said, it is possible to standardise your approach towards compliant communications surveillance by maintaining best practices.
For example, we recommend:
- Define compliant and non-compliant communications with a clear policy
- Provide regular training to staff at all levels with real-life examples of violations
- Consider how to maintain the integrity of the data with secure archiving platforms
- Proactively surveilling your communications before an enforcement investigation or action occurs
Reviewing your communications surveillance is key
Communications and compliance surveillance technology is an important topic for regulated businesses across the world, and each business may implement the rules in its own way.
Leaders in compliance should approach their systems with a critical eye, as the regulators and auditors will, in order to truly identify any gaps in the current setup. Clarify which channels are important to your business and optimize the archiving and monitoring systems for stability.
And if establishing a communication surveillance process that meets and exceeds regulatory requirements matters to you, reach out to partner with Global Relay.
