* Work was done while author was at IBM.
Supervision and Discovery of Electronic
Communications in the Financial Services Industry
Stefan Edlund, Tyrone Grandison, Joshua Hui, Christopher Johnson*,

IBM Almaden Research Center, 650 Harry Rd, San Jose, CA 95120
{sedlund, tyroneg, jhui}@us.ibm.com, chrisjohnson@mba.berkeley.edu
Abstract. Current SEC and NASD rules require securities brokers and dealers
to maintain, supervise, and periodically review electronic communications. We
present a solution called Galaxy that provides automatic supervision and in-
depth discovery of email, instant messages, and other electronic
communications to enable compliance with these rules. Galaxy’s supervision
component analyzes these communications to enforce company policies and
detect potential violations. It allows compliance officers to generate powerful
and flexible rules to implement information screens within an organization and
detect suspicious text patterns in incoming and outgoing communications.
Galaxy’s discovery component enables companies to respond to litigation
discovery requests efficiently. It also supports internal investigations by
allowing analysts to focus their results along various search dimensions and
visualize relationships among entities. In this paper, we describe Galaxy’s
architecture, illustrate the functionality of its supervision and discovery
components using financial services scenarios, and propose topics for future
research.
Keywords: Compliance, Supervision, Discovery.
1 Introduction
The United States Securities and Exchange Commission (SEC) and National
Association of Securities Dealers (NASD) require securities brokers and dealers to
maintain and supervise incoming and outgoing communications to ensure compliance
with federal securities laws. These rules require improved technologies to monitor
and search electronic correspondence. SEC Rule 17a-4 [1] requires exchange
members, brokers, and dealers to maintain all email and other communications sent or
received, including all inter-office memoranda and other communications, for a
period of three years. NASD Rule 3010 [2] requires its members, which include
brokers and dealers participating in the over-the-counter securities market, to establish
and enforce procedures to supervise incoming and outgoing written and electronic
correspondence. Rule 3010 also requires members to conduct periodic reviews of
their business activities to assist in promoting compliance with, and detecting
violations of, applicable securities laws and regulations. SEC Rule 10b-5 [3] and
supporting case law prohibit companies and individuals from trading on inside

62 Proceedings of GRCIS 2008


information or otherwise engaging in fraud or deceit in the purchase or sale of
securities.
Galaxy is a communication management system that enables: 1) the supervision
and discovery of electronic communications to facilitate compliance with SEC and
NASD rules, and 2) timely and efficient responses to litigation discovery requests.
Galaxy leverages prior research in the field on multi-faceted search [4] and text
analytics [5]. Given that most forms of electronic communication contain a high
proportion of free-form text, the Galaxy solution must: 1) detect and resolve errors,
abbreviations, and acronyms, 2) provide an acceptable balance between false
positives (precision) and false negatives (recall ratio) for compliance violation alerts,
and 3) minimize the performance impact of the technology on daily business
functions. Galaxy’s analytic capabilities allow companies to intercept suspicious
electronic communications in transit, detect suspicious text patterns in archived
communications that may indicate violations of securities laws, and reduce the time
and cost necessary to comply with the litigation discovery requests.
The application of a general system for discovery and supervision to real problems
in a specific industry demonstrates the value of domain-focused solutions. In section
2, we define key terms necessary for our discussion on compliance in the financial
services industry. In section 3, we describe the architecture of the Galaxy technology.
We present the supervision and discovery components of Galaxy in sections 4 and 5,
respectively. Finally, we discuss related work in section 6, future work in section 7,
and conclusions in section 8.
2 The Environment
As this instantiation of Galaxy is intended for the financial services industry, we
explain a few foundational terms and concepts before proceeding with the technology
discussion. Specifically, we define the following example roles for managing and
monitoring corporate communications, and the responsibilities of each role. We refer
to these roles in describing the Galaxy technology and application scenarios.

Compliance officer: At the direction of senior management, this role is
responsible to implement policies and procedures, such as information screens1 to
supervise electronic communications in compliance with applicable securities
laws. The purpose of an information screen is to monitor certain kinds of
communication between people or groups and to block any communications that
violate company policies and procedures. Because this is a sensitive role that
frequently handles confidential internal information, companies may designate
multiple officers, each responsible to supervise a subset of communications.
Thus, it is desirable to control access to certain information about monitoring and
supervision.

Internal auditor: When a communication is flagged and intercepted for potential
violation of corporate policy, an internal auditor receives it for further review.
The auditor can either take no action if the communication complies with policy,

1
Information screens are mechanisms that prevent information in an organizational silo from
being disseminated in violation of company policies and procedures.