WALL STREET & TECHNOLOGY: E-DISCOVERY REQUESTS LOOM LARGE FOR FINANCIAL SERVICES FIRMS
As regulators delve into firms’ archives to try to pin down responsibility for the current financial meltdown, experts anticipate that litigation will rise sharply. The FBI already announced that it is investigating Freddie Mac, AIG and Lehman, and it is expected that countless other firms will be asked to produce data to support other investigations.
Vivian Tero, program manager for compliance infrastructure at research firm IDC, says e-discovery already has risen on Wall Street’s priority list. “The selling cycle [for e-discovery products and services] has become shorter. The need is immediate — firms have regulators breathing down their backs,” she explains. “Many companies are very worried and concerned, and want systems to respond [to potential e-discovery requests].”
Litigation is on the rise, confirms Rob Brunner, senior managing director in the technology practice at FTI Consulting. “We’ve already been seeing a lot of class action lawsuits and shareholder lawsuits,” he says.
Brunner suggests it is particularly important for firms that are merging or acquiring other companies in the current meltdown to prepare themselves for e-discovery requests. But given the urgency with which mergers and acquisitions are occurring lately, that is a considerable challenge, he acknowledges.
“When Bear Stearns and WaMu were acquired by J. P. Morgan, or Merrill Lynch by Bank of America, each transaction happened within two short weeks. Often that speed means assets have changed hands so rapidly that there may be some residual company that has to produce e-mail for discovery that doesn’t yet own the systems to do it,” Brunner says. “If I sold part of my operational arm to another entity and I’m facing an [e-discovery] request from an oversight committee, I might not yet own the systems to produce the e-mail.”
The key to being prepared for an e-discovery request, according to Brunner, is to make sure companies have access to the information they need to defend themselves even after an acquisition or merger. That means having the ability to collect, analyze and produce the structured and financial data behind business events.
Of course, e-discovery vendors are positioning their products and services to capitalize on the opportunity and are seeing increasing traction in the industry. Financial holding company Raymond James, for example, uses AXS-One‘s technology for archiving e-mails and instant messages as well as Bloomberg messages, and recently deployed Orchestria’s review system, which provides a policy-compliance monitoring tool.
Enabling Smart Search
“It identifies e-mail or communications that might be fraudulent or may have violated internal policies,” says Josh Bohlander, senior manager for technology product management at Raymond James. “It’s been very helpful in identifying any items that may come out for e-discovery or internal discussion.” The technology, he explains, searches for words, phrases, or positive or negative indicators. “It’s much smarter than keyword search,” he contends.
The key to efficient e-discovery, experts suggest, is automation. Vendors such as Stratify, an Iron Mountain company, even offer technology to organize and structure large volumes of documents without any input from the document creators. According to Ramana Venkata, Iron Mountain SVP and Stratify GM, the technology automatically places the documents in groups based on conceptual similarities.
“It can put together all the documents that seem to be discussing financial affairs, and keep those segregated from those discussing IT issues, as in network alerts,” he says. “Unlike a traditional search where you have to type in specific words, Stratify allows you to get a bird’s eye view of your table of contents before you even start searching.”
Recommind’s Insite Legal Hold solution also allows enterprises to explore information where it resides — before it is collected and organized in response to an investigation or lawsuit. The vendor claims the technology allows enterprises to collect and hold only the data necessary for a given proceeding, rather than having to index and aggregate large amounts of data without the ability to determine their relevance prior to collection.
Kazeon‘s Federation technology enables global organizations to review and process data housed in dispersed data centers without transporting it to a central repository. “We carry the searches out in-house,” says Kazeon CEO Sudhakar Muddu. “The data never has to leave [the client's site].”
Other e-discovery vendors are promoting cloud computing for archiving. “We have a large storage grid in a cloud,” relates Gary Steele, CEO, Proofpoint. “As the storage grid gets bigger, it can spread the data more efficiently so it can be found more easily. It gives customers the benefit of not having the cost of managing the information.”
According to Steele, Proofpoint’s appliance sits next to a client’s mail server. It pulls the information from the company’s server, encrypts it with a key that is held by the customer for maximum security and then sends the encrypted data to the storage grid in the cloud.
“As a way of keeping spiraling costs in check,” says Forrester analyst Brian Hill, “firms are also looking at software-as-a-service (SaaS) models. Historically there have been concerns with security and privacy. But SaaS has been doing a good job of addressing these concerns. Also, their pricing model, where you’re essentially renting software, appeals to a number of enterprises as it’s less expensive up-front.”
Ultimately, Michael Mills, director of professional services and systems at law firm Davis Polk Wardwell, says it is essential for companies to keep up with newer technologies in order to make sure they can respond to litigation efficiently. “If you’re using today the same software tools you used two or three years ago,” he asserts, “you’re not keeping up.”
Controlling Your Own Destiny
As e-discovery looms larger and larger over firms, many are taking control of their e-discovery technology buying decisions from outside counsel and bringing them in-house, according to Forrester’s Hill. “Previously enterprises worked with outside counsel who had a high degree of latitude in picking technology solutions they thought were best,” he says. “Part of the trend now is for enterprises to make a short list of vendors their legal counsel can work with.”
Beyond technology, companies also should reevaluate their processes on the whole, e-discovery experts suggest. Davis Polk Wardwell’s Mills underlines the importance of developing standardized processes. “If you’re investing in a new way of doing things, you’re going to increase costs and take bigger risks. So you want to develop standardized processes,” he says.
Likewise, Marie-Charlotte Patterson, VP, marketing, product management, at AXS-One, suggests that for maximum efficiency companies should be proactive in their e-discovery efforts. “The evolution for technology is one that allows you to be better prepared for litigation as well as being able to do early case assessments so that in the event of pending litigation, you can identify what information you have electronically stored and what position it puts you in relative to litigation,” she says.
Further, firms should avoid looking at e-discovery in isolation. Rather, Patterson suggests, companies must understand the extent to which business, risk and compliance are intertwined. “Rather than looking at both e-discovery and regulatory compliance from a siloed perspective, you should look at them holistically,” she says.
INFOWORLD: NEW REGULATIONS WILL SOON SWELL IT WORKLOADS
The financial meltdown, fueled by a decade of exotic financing mechanisms that some say were designed to hide risk and pass it on to unwary buyers, will have a major impact on IT budgets, personnel, and reporting responsibilities. New regulations will put IT in the hot seat, much as the post-Enron Sarbanes-Oxley and other such rules did in the early 2000s as governments responded to that period’s financial shenanigans.
“The country is clamoring for regulation. It’s a popular mandate,” says Josh Greenbaum, principal at Enterprise Applications Consulting. “It is not just about the collapse of the financial credit market. It is also the end of the road on deregulation across all industries.” And it’s IT that acts as the regulators’ “beat cop,” enforcing the rules through the technology systems they deploy and manage, he adds.
So, despite being battered by recession-linked cutbacks, IT will have to find a way to take on the heavy burden of new regulations expected to emerge from U.S. and other governments in 2009, analysts and industry executives agree.
[ Findout how the financial meltdown will affect tech jobs -- and how IT could have helped prevent the mess. ]
Coming: A greater IT burden than Sarbanes-Oxley and the Patriot Act
“The last two tsunamis to hit IT, the Patriot Act and Sarbanes-Oxley, required companies to know their customers and to know themselves and their [own] finances,” says Larry Rafsky, CEO of Acquire Media, which distributes companies’ financial news. “Now, the upcoming regulations will say, ‘Know your customers’ finances.’”
The fact is that no company — not even the financial firms that created and sold them — understood the true nature of how everyone was exposed to everybody else in those repackaged, sliced-and-diced financial instruments composed of subprime mortgages, credit default swaps, and off-balance-sheet investments. The consequences of this convoluted, opaque business will lead to regulations requiring more transparency. As these financial instruments were repackaged and resold, investors lost the ability to track what exactly was in each offering and what the actual risk was; even those trading in such instruments weren’t exactly sure what they were selling or buying. “No one was aware of the links. Everyone was dependent on everyone else,” says Rafsky.
To prevent a recurrence of such murky instruments will require transparency in how companies and what they trade are linked together. That in turn requires increased use of auditing and tracking applications and the business processes behind them, notes Rafsky. It will also require an unprecedented degree of business savvy in IT practices, because regulations will require companies to know the financial strength of their key corporate suppliers and customers. Monitoring those dependencies will be the job of IT.
Even companies not in the regulated financial industry will likely have to follow the regulations sure to come, says Craig Carpenter, general counsel at Recommind, a company that offers search-oriented compliance services. “Anybody that deals with brokers, banks, and credit-risk-based assets will have to be involved,” he says. That includes everyone from hedge funds and insurers like AIG to municipalities and consumer companies like General Electric and General Motors.
Carpenter believes companies are also about to face a new wave of litigation due to the huge losses. That means IT professionals who also have legal expertise will be in great demand. “The competition for personnel will be from law firms, their clients and vendors all competing for the same talent,” he says.
New regulations will touch a wide range of business operations. There will be regulatory reporting requirements with tighter scrutiny and an increased level of detail than what is required today, says Sinan Baskan, director of business development for financial services at Sybase, an enterprise software provider. For example, up until now, a company was not required to report on financial results by product line or business unit. But this will change, he says.
Brokerages will need to redefine and scale up technology significantly
In addition, Baskan expects that regulatory agencies will require that the prime broker executing trades on behalf of a client will have to prove that it did the best execution rather than the fastest. That’s because regulators believe that financial services providers deliberately created pricing inefficiencies that favored themselves at the expense of their clients. The new regulations will try to force financial providers to put clients’ interests first by ensuring that pricing reflects actual value.
As a result, now “they will have to show that they got the best price within a certain time window allotted to them by the client,” Baskan says. To do so means the IT organizations at the brokerage houses will have to “reconstruct the transaction cycle” accordingly. That means a lot more technology needed to follow a whole new set of audit trails for tracking and monitoring trades.
The point of the likely regulations is to re-establish the connection between the price of the security that is traded and the underlying asset that supports that security, like real estate. Getting an accurate price connection requires computing of lots of data from different sources, Baskan says, which will increase demand on IT to implement the underlying methodology.
The expected new regulations will more deeply affect operations than those of Sarbanes-Oxley, which targeted the CFO and other C-suite executives. Baskan expects the new requirements to apply to all transactions in financial and retail accounts. And that means more work for IT, he says: “The [technology] infrastructure has to scale with the increasing productivity.”
Global regulations likely to make compliance more expensive for IT
As governments discuss how to reshape regulations to prevent a recurrence of the current financial meltdown’s causes, global or at least multinational regulations are likely, in addition to local rules. If this comes to pass, rationalizing various worldwide banking systems could become a huge headache and challenge for IT.
“When you have a U.S. bank doing business in London or Tokyo and the U.S. says it is going to back some of these toxic assets in a different way than Asia, nobody has figured out where all these rescue plans overlap with each other,” says David Wright, director of financial service for Software AG, an enterprise software provider.
Wright says that the current international regulatory agencies, like the International Monetary Fund and World Bank, will either have to reinvent themselves or be replaced with new agencies. Either way, that means regulatory changes are very likely — and IT will have to implement the new rules.
Although financial institutions already devote significant IT resources to compliance requirements, they may have to devote a higher proportion as global rules come into force, Wright says. However, “IT won’t be given any more money. They will have to take it from existing budgets unless they can produce a return on investment and business case based on consolidation and rationalization,” he adds.
IT has already gotten a taste of how to handle such new requirements, due to regulations like Sarbanes-Oxley, notes Michael Mills, director of professional services and systems at law firm Davis Polk & Wardell. For example, IT has already found the money for e-discovery, which had been a nonexistent expense just a few years ago and now collectively costs companies $1.5 billion. Mills sees IT having to find even more resources for compliance as the response to the financial crisis brings on more and more regulations.
leave a comment