Veritape Ltd.

Alkrington Hall, Alkrington, Manchester, M24 1WD, UK
tel. +44 (0) 845 899 5500 fax. +44 (0) 8458 99 55 11
website: www.veritape.com

FSA Compliance

UK Financial Services Authority (FSA) requires many financial services firms to record calls.

The FSA’s paper confirming the rules changes says that “Firms will be required to record telephone lines used for voice conversations that involve the receipt of client orders and the negotiating, agreeing and arranging of transactions across the equity, bond and financial commodity and derivatives markets…”

So how do I know if my business is required to record calls?

Firstly, we suggest you read the FSA’s Conduct of Business Sourcebook (COBS). In it, section 11.8.1R says that telephone recording requirements apply to a “firm..which carries out any of the following activities:

(1) receiving client orders;
(2) executing client orders;
(3) arranging for client orders to be executed;
(4) carrying out transactions on behalf of the firm, or another person in the firm’s group, and which are part of the firm’s trading activities or the trading activities of another person in the firm’s group;
(5) executing orders that result from decisions by the firm to deal on behalf of its client;”

In addition, the July 2010 publication Mortgage Market Review: Arrears and Approved persons - Including feedback to CP10/2 contains more information about FSA recording requirements. (Please note that terms in italics have specific legal meanings.)

Veritape meets all the FSA’s requirements for call recording.

Whilst the FSA doesn’t “approve” or “authorise” call recording systems, and as such no call recording system can be labelled as being “FSA compliant”, it won’t accept call recordings which have been tampered with, paused or obviously edited.

Veritape’s CallGuard ensures that your call recording system meets all the FSA’s requirements by allowing calls to be recording whilst removing card data from those recordings.  And the scope of Veritape’s call recording software includes call retrieval, storage, logs, audit trails and security.

It is worth noting that if  you are planning on implementing a call recording system such as Verint or Nice, which offer a  ‘pausing’ solution, you may not be FSA compliant. CallGuard, on the other hand, uses DTMF technology. It doesn’t touch the call recording at all, which continues to run with no changes and automatically removes card data.

Is your business regulated by the FSA and does it also need to be PCI DSS compliant?

At first glance, the FSA guidelines and the PCI DSS guidelines may appear to conflict with each other. However, Veritape can help here because our systems meet all of the FSA’s call recording requirements and are PCI DSS compliant.

The FSA’s July 2010 publication Mortgage Market Review: Arrears and Approved persons - Including feedback to CP10/2 explains that the FSA requirements and the PCI DSS requirements are compatible, providing you use a system to remove card data prior to recording the call. This is exactly what CallGuard does.

Contact us and ask for our whitepaper on FSA and PCI DSS call recording. We’ll be happy to send it to you, and then talk you through how each set of specific requirements can be serviced by Veritape.

 

© Veritape Ltd 2012