Call Compliance in the Age of Covid
It’s hard to think of any type of business that doesn’t need to be mindful of regulatory compliance. Whether it’s GDPR that affects a whole continent, or HIPAA which affects one industry in one geographical area, the requirement for compliance has a major impact on operational processes and systems for businesses of any size.
The Financial Conduct Authority has warned that regulated organisations must now provide the same standard of surveillance of staff working from home as they would in an office environment. Communicating with customers and colleagues in hybrid work environments means that businesses must consider the dual challenge of not only enabling, but enforcing compliance, and doing so in a way that is effective and manageable.
Can compliance management be simple?
Self-service and automation are key to making compliance manageable; this means giving a business the tools and ability to configure and manage recording policies based on a caller’s specific call journey. Compliance is much more than choosing which member of staff is required to have their calls recorded, it is about managing evolving company policies in line with regulations and having the ability to understand adherence to requirements.
To be truly effective, compliance policies need to match the business’ regulatory requirements and staff need to be educated and informed in how to adhere to those policies. Typically, a nominated compliance manager will take on overall business responsibility to manage the effectiveness of these processes.
Departmental managers and customer service leads also need to assist compliance managers to create rules around their call flows and interactions to automate call recording policy as much as possible. As a result of creating this automation, risk is reduced as agents or other employees in customer-facing roles no longer need to manually inform callers of call recording policies whilst on the call. For example, if an incoming call is received on an employee’s personal DDI it may be prudent not to record this call compared to a call that is received on the customer services number. Similarly, it may be a requirement only to record outgoing calls made by a telemarketing agent and not any incoming calls received.
Not least, it is important for the compliance manager to easily identify areas of non-compliance, understand what has fallen through the gaps and how to deal with exceptions. This requires a strong self-service element if issues are to be dealt with quickly and responsibly.
Managing compliance in the age of coronavirus
In the face of coronavirus-related restructures and redundancies, the ability to evolve compliance policies and processes in-house is particularly valuable. Managers must be able to adapt compliance rules associated with roles and job functions as they change, for example when asking an employee to start dealing with payments or other sensitive data. The need for this flexibility, where managers and departmental heads can align policies to new roles with ease, means that self-service is critical. Without the ability to make quick changes as roles and purposes evolve, and to correct any errors, a compliance solution is inadequate.”
The very nature of today’s blended workspace where office meets home introduces a myriad of new challenges. While many organisations will agree that this new normal is easier to deal with than the initial fire-fighting we all endured, it is clear that the current environment presents unique challenges that threaten an organisations’ ability to deliver acceptable levels of compliance. If staff are not able to follow compliance processes properly – perhaps because their technology is inadequate, or they’re working in a new or distracting environment and simply forget – it will result in non-conformity.
It is therefore critical that businesses are able to apply practical boundaries for home workers. Staff will only be effective if they are confident that they can operate within the compliance strategy.
What about call recording retention and storage?
Call recording storage and retention policy management also benefit greatly from the self-service model. With hands-on control, businesses can direct how many call recordings they retain and for how long. Businesses can specify the capture of either inbound or outbound calls, whitelist or blacklist numbers to be recorded, record specific numbers or departments, and manage storage in line with retention policies.
The ability for users to specify retention policies is particularly valuable for companies that need to comply with MIFIID II, for example financial institutions that need to keep calls recordings for seven years. In highly regulated industries, self-management enables users to override the public storage default from their service provider and specify a secure FTP server. This ensures all recordings sit within the allocated servers that are within their full control.
What is Tollring doing in this area?
Tollring’s self-service compliance capabilities, delivered off-the-shelf, rely on our tight integration with calling platforms such as Cisco BroadSoft, Cisco Webex Calling, Mitel’s MiCloud Telepo, Mitel MiVoice Business, E-LG, NFON, Panasonic, Avaya and more. We utilise the analytics to gain a full understanding of call journeys across these platforms, using intelligence to deliver a high level of support to users with dashboards that show how everything is working.
The Compliance Centre dashboard allows users to manage and understand the effectiveness of all their policies. At a glance, they have granular visibility of all elements against the policies they have put in place with the ability to further edit and audit settings. They can also check that credit card details have not been recorded and review a playback audit, which shows who has reviewed the calls. It gives users complete confidence and the ability to prove to auditors that they are managing compliance in line with both regulations and their own company policy.
Many of Tollring’s partners are already achieving strong revenues around cloud services with customers incorporating analytics and call recording into their services. And with Microsoft Teams proving to be such a valuable tool, our new collaboration analytics solution will deliver the same level of compliance to the MS Teams eco-system, across all interactions including recordings of video, screen sharing, calls and chat.