Resilient plc and Business Systems (UK) Ltd announced a strategic partnership to address the growing market demand for call recording solutions enabling compliance to both MiFID II and GDPR.
These forthcoming regulations, due to come into UK law in January 2018 and May 2018 respectively, place great demands on organisations that need to record their business telephone calls, with significant penalties for firms that are non-compliant. The challenge these regulations place on businesses is that, in many respects, they appear to make competing demands. For example:
* Under MiFID II, firms need to record all conversations of regulated individuals that take place on corporate mobile phones whilst under GDPR firms are prohibited from recording any private conversations on these devices, even with the consent of staff. The challenge arises as most firms permit corporate mobile phones for both business and personal use.
* Under MiFID II, firms need to retain these recordings for up to 7 years, whilst under GDPR firms should retain recordings for the absolutely minimum period possible.
* Under GDPR, individuals have a right of access to, and a right to be forgotten for, all their personal data. Personal data can include the recordings of any private telephone call which firms therefore need to be able to identify, isolate and erase. Such records will be very difficult to identify should both personal and business conversations be recorded.
Whilst regulations demand that calls are recorded, the FCA also requires that firms pro-actively monitor and review these recordings for any compliance irregularities. The challenge that firms face is therefore how to ensure this compliance oversight can be achieved without adding significant costs to the compliance function.