Skyrocketing Data and Poor Data Management
In the post-crisis climate, fear of fines and legal sanctions has fostered a “save everything, just in case” mentality among banks, with little thought given to how to effectively manage and retrieve relevant data when required. While other businesses can set their own defensible document-retention and -deletion policies, banks must uphold stricter standards for data retention. For that reason, banks typically keep data for a minimum of 10 years, and the Dodd-Frank Wall Street Reform and Consumer Protection Act (Pub. L. No. 111-203, H.R. 4173) may cause them to keep it even longer.
Duration is only part of the equation. The other part is data volume. Banks generate massive amounts of data every day. In addition to transaction data, banks collect all forms of employee and customer communications including emails, internal chat messages, external applications such as Bloomberg terminals, mobile and landline phone calls, SMS texts, and more. The average mid-size to large bank captures 35 million “messages” a day. Global banks or banks with large trading floors generate much greater volumes of data—all of which must be collected.
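A rough back-of-the-envelope calculation shows what those two factors mean when combined. The sketch below takes the 35-million-messages-a-day figure and the 10-year retention window from the text at face value; the 50 KB average message size is a hypothetical assumption, used only to put the volume in familiar units.

```python
# Rough estimate of the retention burden described above. The message
# volume and 10-year retention period come from the text; the 50 KB
# average message size is a hypothetical assumption for illustration.
MESSAGES_PER_DAY = 35_000_000   # mid-size to large bank
RETENTION_YEARS = 10            # typical minimum retention period
AVG_MESSAGE_KB = 50             # assumed: emails, chats, call records, etc.

total_messages = MESSAGES_PER_DAY * 365 * RETENTION_YEARS
total_tb = total_messages * AVG_MESSAGE_KB / 1024**3  # KB -> TB

print(f"Messages retained: {total_messages:,}")   # 127,750,000,000
print(f"Approximate volume: {total_tb:,.0f} TB")  # ~5,949 TB
```

Even under these conservative assumptions, a single mid-size bank is sitting on well over a hundred billion messages and several petabytes of data subject to retention.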
Unfortunately, as data volume has increased, the technology needed to index, manage, and search the data has not kept pace. Before the financial meltdown, banks had little impetus to invest heavily in these kinds of technologies because regulatory inquiries rarely reached back more than a few months or a year. Post-crisis, new Dodd-Frank record-keeping mandates require banks to provide regulators with any and all communications relating to a specific trade or trader within a very short time span. The technologies built to meet those mandates will greatly simplify the reconstruction of future trades, for banks and regulators alike, but they may do little to help resolve the legal and policy issues raised by the financial crisis.
Technology Showing Its Age
Another roadblock hampering regulators’ ability to grapple with the financial crisis has been banks’ technological inability to produce data in a timely fashion. While many reasons exist, the primary cause has been the wave of mergers and acquisitions among banks. Every bank merger brings an inevitable information-technology (IT) integration in which older or proprietary technologies are phased out in favor of newer ones, or bolted on top of a hodgepodge of existing systems. Although these older or proprietary IT systems may no longer be supported, maintained, or even exist, the data created by and formatted for them are most likely still available. To access those data, however, they must first be scrubbed, translated, or otherwise restructured into a homogeneous format that the newer IT systems can easily read and manipulate. This is expensive and time-consuming for banks, as the resources required for such tasks significantly disrupt a bank’s day-to-day IT operations.
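To make that restructuring step concrete, here is a minimal Python sketch of the kind of normalization a migration involves. The two legacy record layouts, the field names, and the sample records are all invented for illustration; real migrations deal with far messier formats.

```python
from datetime import datetime, timezone

# Sketch of post-merger data normalization: records exported from two
# hypothetical legacy systems are restructured into one common schema
# that a modern platform can index and search. All field names and
# formats here are invented for illustration.

def from_legacy_a(rec):
    """Legacy system A: epoch timestamps, semicolon-separated recipients."""
    return {
        "sender": rec["from"],
        "recipients": rec["to"].split(";"),
        "sent_at": datetime.fromtimestamp(rec["ts"], tz=timezone.utc),
        "channel": "email",
        "body": rec["msg"],
    }

def from_legacy_b(rec):
    """Legacy system B: formatted time strings, chat-room transcripts."""
    return {
        "sender": rec["user_id"],
        "recipients": list(rec["room_members"]),
        "sent_at": datetime.strptime(rec["time"], "%d-%b-%Y %H:%M:%S")
                           .replace(tzinfo=timezone.utc),
        "channel": "chat",
        "body": rec["text"],
    }

system_a_export = [{"from": "traderA", "to": "traderB;deskhead",
                    "ts": 1221210000, "msg": "Confirming the swap terms."}]
system_b_export = [{"user_id": "traderB", "room_members": ("traderA", "traderB"),
                    "time": "12-Sep-2008 09:15:00", "text": "terms look fine"}]

normalized = ([from_legacy_a(r) for r in system_a_export] +
              [from_legacy_b(r) for r in system_b_export])
```

Multiply this by dozens of retired systems, each with its own quirks, and the expense and disruption described above become easy to understand.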
Enter the Lawyers …
Once a bank has compiled all the data, its legal teams step in. Their job is not only to understand what is in the data and gauge the bank’s potential exposure and liability, but also to cull the nonresponsive documents and irrelevant data before anything goes to regulators. Once again, the process slows to a crawl because of the illogical ways that lawyers approach e-discovery.
After the data-collection phase, the current modus operandi is to upload the entire data set for processing and then task an army of lawyers or litigation-support specialists with reviewing each individual document for relevance. In a major matter related to the financial crisis, where regulators request many years’ worth of documents, it is not unusual for data sets to exceed many millions of documents and several terabytes of data. Unfortunately, an estimated 80 percent or more of the documents reviewed manually turn out to be nonresponsive or irrelevant. A manual review of that scale can take months, and the costs are staggering. Predictive coding and other technology-assisted review (TAR) applications can help cull nonresponsive data prior to review, but these technologies are expensive to own and maintain, and they require the entire data set to be uploaded before they can work, a costly proposition when storage is billed by the gigabyte. Other technology solutions have recently become available that review the data pre-processing, the rationale being that the more data that are eliminated toward the left side of the Electronic Discovery Reference Model, the greater the impact on lowering downstream costs and speeding up the review process.
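The pre-processing culling idea is simple in principle. The toy Python sketch below illustrates it with a keyword filter; actual TAR and predictive-coding products use trained classifiers and are far more sophisticated, and the responsive terms here are purely hypothetical.

```python
# Toy illustration of culling before processing: shrink the data set
# early so downstream review touches fewer documents. Real predictive
# coding uses trained classifiers; the terms below are hypothetical.
RESPONSIVE_TERMS = {"cdo", "tranche", "libor", "swap"}

def potentially_responsive(text):
    """Keep a document if it shares any term with the responsive set."""
    return not RESPONSIVE_TERMS.isdisjoint(text.lower().split())

documents = [
    "Re: CDO tranche pricing for Q3",
    "Cafeteria menu for next week",
    "LIBOR submission discussion",
]
review_set = [d for d in documents if potentially_responsive(d)]
print(review_set)  # the cafeteria email never reaches review
```

Every document eliminated at this stage is one that never has to be processed, hosted, or read by a billing attorney.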
By the time regulators get the data, their deadlines and court dates have already been pushed back numerous times, much to their chagrin as well as the judges’. If the legal teams have done their jobs properly, the data will arrive collated by date and time, making it easier for regulators to reconstruct who knew what, what happened, and when, in order to find the truth or a smoking gun. If not, regulators must sort through the unstructured data themselves. A single conversation may span multiple data streams: email, internal chat, phone calls, Bloomberg messages, or mobile-phone records. Piecing them together is akin to solving a jigsaw puzzle for which you can only hope you have all the pieces. Multiply that by the multitude of conversations spanning several years across multiple banks that regulators need to present their case in court, and you begin to understand why the process is taking so long.
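Collating those streams programmatically amounts to normalizing timestamps and sorting. A minimal sketch, with entirely hypothetical records:

```python
from operator import itemgetter

# Minimal sketch of collating one conversation across channels into a
# single chronological timeline. All records here are hypothetical;
# ISO-format timestamps sort correctly as plain strings.
emails = [("2008-09-12T09:14:00Z", "email", "Re: CDO pricing question")]
chats  = [("2008-09-12T09:16:30Z", "chat",  "did you see the pricing email?")]
calls  = [("2008-09-12T09:20:05Z", "phone", "[4-minute call, trader A to desk head]")]

timeline = sorted(emails + chats + calls, key=itemgetter(0))
for stamp, channel, summary in timeline:
    print(stamp, channel.ljust(5), summary)
```

The sorting is trivial; the hard part, as the jigsaw analogy suggests, is knowing whether every stream was captured in the first place.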
Hope Is on the Horizon
The lesson of the global financial crisis is that banks and other highly regulated industries need better technologies and processes to keep pace with the growth of electronically stored data and to comply with regulators.
New Dodd-Frank regulations require banks to use cutting-edge technologies that capture all forms of communication, as well as tag and index data for easy search and retrieval. Information searches that previously might have taken weeks or months will have to be done in seconds—complete with the ability to listen to archived phone and cellular conversations.
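The difference between weeks and seconds comes down to indexing at capture time rather than scanning at request time. A toy inverted index, sketched in Python, shows the principle; this is not any particular vendor’s implementation.

```python
from collections import defaultdict

# Toy inverted index: tagging and indexing messages as they are captured
# turns a later search into a cheap lookup instead of a full archive scan.
index = defaultdict(set)

def ingest(message_id, text):
    """Index a captured message, term by term."""
    for term in text.lower().split():
        index[term].add(message_id)

def search(term):
    return index[term.lower()]  # near-instant, regardless of archive size

ingest("msg-001", "trade confirm for the LIBOR swap")
ingest("msg-002", "lunch plans for Friday")
print(search("libor"))  # {'msg-001'}
```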
Another recent paradigm shift is changing the way that inside counsel and external law firms review and process data. Instead of uploading the entire data set for processing and then culling millions of documents during manual review, legal teams can cull the nonresponsive data up front, creating a smaller, far more responsive data set for reviewers. This approach eliminates an average of 80 percent of the documents that lawyers must review, which greatly accelerates the review process and dramatically reduces costs.
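The arithmetic behind that claim is straightforward. In the sketch below, the document count and review pace are hypothetical assumptions, chosen only to show the order of magnitude involved; the 80 percent figure comes from the text.

```python
# Illustrative arithmetic for the 80 percent culling figure above.
# The document count and review pace are hypothetical assumptions.
TOTAL_DOCS = 10_000_000
CULL_RATE = 0.80               # share eliminated before review
DOCS_PER_REVIEWER_HOUR = 50    # assumed manual review pace

to_review = TOTAL_DOCS * (1 - CULL_RATE)
hours_saved = TOTAL_DOCS * CULL_RATE / DOCS_PER_REVIEWER_HOUR

print(f"Documents reaching review: {to_review:,.0f}")   # 2,000,000
print(f"Reviewer-hours avoided:    {hours_saved:,.0f}") # 160,000
```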
Changes are being made, slowly, and whether they have any material impact on addressing the fallout from the financial crisis remains to be seen. However, these changes will enable banks to comply with regulatory requests much more expeditiously, should our financial system ever find itself in a similar situation.
Keywords: litigation, corporate counsel, information technology, IT, Dodd-Frank, financial crisis
David Canfield is a senior managing director at UnitedLex in the Philadelphia, Pennsylvania, area.