Skip to content

Hearsay Cloud is now SOC 2 Certified: That’s an extra layer of data protection for your customers…

Today, virtually every website you visit is collecting various amounts of your data, with varying levels of security. And chances are good that within the last week or two, you either heard a news story or got a notice of a data breach.
Even in financial services where regulations enforced by FINRA and other agencies are strict, customer data is compromised far too often. Like every other industry, financial services firms store almost every bit of customer information online (i.e., in the cloud). The data gold mines that are wealth and asset management firms, insurance providers, and banks are a tempting target for hackers.

If you’re using Hearsay, your customer data just got safer. We recently underwent a SOC 2 audit by the American Institute of CPAs (AICPA) and were awarded SOC 2 compliance. SOC 2 is one of the most common compliance requirements that technology companies need to meet today. It is specifically designed for service providers storing customer data in the cloud. While considered a technical audit, it goes beyond technology to establish strict information security policies and procedures for managing customer data based on five “trust service principles” – security, availability, processing integrity, confidentiality and privacy. To be compliant, service providers must have clear, well-documented, proven strategies around all five of these topics.

Source: AICPA

Why does SOC 2 Compliance Matter to Hearsay?

If you’re in IT or have any experience in the world of infrastructure, you may know that SOC 2 compliance isn’t a requirement for SaaS and cloud computing vendors. Even most financial services clients require that vendors who store their customer data in the cloud either be SOC 2 compliant or “leverage a provider who is compliant”. Many providers do indeed rely on their IaaS or managed hosting provider – i.e., AWS, Google, Microsoft Azure – to meet the SOC 2 compliance requirement.
However, the SaaS and cloud computing companies who are truly serious about data protection know that simply meeting SOC 2 through leveraging AWS’ certification, for example, is no longer sufficient. With Hearsay’s SOC 2 certification, customers can be assured that Hearsay has end-to-end defined security controls across the entire organization, ensuring an extra layer of protection for your customer data.
As data security becomes an ever-increasing concern and attacks become more sophisticated, we believe this is crucial for every SaaS and cloud provider that does business with financial services companies. Handling customer data according to strict guidelines is at the forefront of our operations. It’s more than ticking a box – it’s a reflection of our commitment to building trusted client relationships.
If you’re going through a security review or doing pre-sales due diligence, we can share our own internal SOC 2 report – just ask.

Introducing New AI-Powered Compliance Controls and Risk Meter

There’s little doubt that we are now in the machine learning age. From Amazon’s shopping recommendations based on your past purchases, to Google Maps predicting how long it will take you to get from point A to point B, predictive technology is at work in our lives every day.
Our team is always looking at ways to improve our technology solutions by using artificial intelligence and predictive data. We believe that, in many cases, machines can do a better and more efficient job on the front lines of compliance, so human supervisors can focus on the highest-risk violations.Hearsay compliance platform
Today, I am thrilled to announce the next generation of Hearsay’s compliance platform with the new Risk Meter and AI-powered compliance controls for better coverage and defense against digital risk. Our team has worked closely with supervision and compliance professionals to build leading edge solutions that truly make their jobs easier.
New functionality in our latest compliance solution includes:

Risk Meter

Hearsay processes nearly 100 million interactions every year across more than 150,000 advisors, agents and loan officers around the world. This wealth of data allows us to train our machine learning systems to recognize activities that are likely to cause compliance issues, so we can surface the highest-risk violations. Our new Risk Meter uses machine learning to prioritize highest-risk offenses to supervision teams.
The Risk Meter shows alerts as high, medium or low risk based on alert data from millions of digital interactions. Supervisors can efficiently parse through hundreds of compliance items in our Universal Supervision Dashboard and quickly identify high-risk items with the Risk Meter. This is a simple way to catch the highest-risk offenses early to ensure advisors meet industry and company regulations.

Intelligent Alert System

Our data science team built the Risk Meter’s algorithms using regulatory requirements for both industry and company-specific policies. But is your existing supervision catching items that truly pose the highest risk to your firm? The Intelligent Alert system catches digital violations based on more than just a firm’s lexicon (prohibited words) – it uses artificial intelligence to catch violations based on the validity of historic alert data. In this way, the entire Hearsay compliance platform gets smarter and more accurate over time.

Auto-remediation

Some activity is so clearly against policy that a supervision professional doesn’t need to review it to know it should be deleted or reverted. Hearsay’s auto-remediation functionality allows teams to automatically correct posts or content when they are a clear violation of policy. This functionality gives compliance teams more control of how their firms are being represented in public forums. It also saves them the time it might have taken to review activity and work with the offending advisor.
For example, if an advisor posts natively to Facebook against company policy, Hearsay will remediate (e.g., delete) the post immediately. This functionality also allows supervisors to revert profile changes back to the most recent approved state if an agent makes an edit that requires pre-approval.

Flexible Sampling

Flexible sampling is an additional way of providing a “compliance checkpoint” as supervisors continuously monitor advisors’ activity across channels. It gives supervisors a method for reviewing a percentage of content based on type (including text, photos and links). According to a recent Hearsay survey, 34 percent of our customers are currently using a version of sampling to ensure their teams are meeting compliance requirements. New sampling functionality lets teams create custom rules on when and how they sample advisors’ digital activity. With fine grained controls like sampling images posted to social media at various frequencies rather than link posts, compliance teams can configure exactly how they want to supervise digital communication.
We’re already started rolling out our new compliance platform and Risk Meter to customers and have received incredibly positive feedback. With our new solution, supervision teams can now focus on high-risk compliance items, while machines efficiently and programmatically defend companies against digital risk.
For more information, check out our press release. Interested in a demo? Contact your Hearsay customer success team!
Related:

New Compliance Technology for Highly Efficient Supervisors and Advisors

hearsay complianceAs a product team working on technology solutions for the financial services industry, we’re constantly tackling the challenge of building compliance functionality that compliance teams actually like. Likeable compliance technology makes supervision teams more efficient while making review processes faster and more thorough.
But we can’t stop there. More than 150,000 advisors, agents and loan officers around the world use our applications to communicate with clients across digital channels. Before they can build those important advisor-client relationships, they have to cross the compliance hurdle of setting up digital profiles.
We’re excited to announce new features and functionality to help make compliance teams and advisors more efficient … and hopefully, a little happier.
A custom Universal Supervision experience and new filtering: It’s a lot easier to enforce compliance policies when you use flexible supervision technology. Last year, we streamlined common compliance workflows when we released the Universal Supervision experience. Today we’ve released new functionality that allows each member of your team to see a personalized view of the Universal Supervision dashboard.
With custom filters based on frequently run searches, team members can review their most relevant workflow items faster based on their location and team. New filtering options also give your supervision team the ability to search for advisor actions between specific timeframes.
Prioritized compliance coverage and review of more social content: A common challenge we see across compliance teams is the need to prioritize the review process – some items that come through your workflow are higher risk than others. Our data science team built a set of models to help identify which compliance issues are likely to be “high risk” so supervisors can focus their attention on those items first. This is really helpful for sorting through large lists of compliance issues and improving the lexicon of what triggers a compliance event to begin with.
Our new compliance functionality helps save supervision teams save time so they can be more efficient when reviewing advisor social media profiles and activity. New compliance coverage across Facebook and LinkedIn lets supervisors monitor more social content and reduce the risk of potential infractions.
Sampling to enforce compliance across content type: We’ve also introduced sampling to help supervision teams structure their compliance review to ensure items aren’t slipping through the cracks.
Today, a team will review 100 percent of social posts that are set up for review based on lexicons, compliance requirements and policies. Sampling helps ensure your team is reviewing appropriate content – it gives supervisors the ability to review a percentage of content based on type (links, photos, text, etc.) so you can be more confident that your team is meeting compliance requirements. Sampling decreases the cost and effort of traditional email-based supervision and helps supervisors stay productive by identifying what content types need various levels of supervision over time.
A streamlined social and websites experience eliminates the guesswork: In order to get started on digital, first advisors need to set up their social profiles and websites. This simple process can take days, or even weeks. When we looked at the more than 700,000 profile changes we process every year through the Hearsay system, we saw friction in the communication between supervisors and advisors around profile approvals. We knew we could make this process more efficient.
With our new two-click profile reviews, supervisors can suggest content changes and advisors can accept changes. This new feature reduces approval times and makes the process of setting up a social profile much faster for advisors. When advisors onboard more efficiently, they’re able to start building relationships with clients immediately and drive business.
We’re always focused on improving our compliance technology for both supervisors and advisors. With more efficiencies around the review process and content supervision, supervisors can streamline their workflows and advisors can spend time building relationships.
For more information, check out our press release.
Related:

Delivering Innovative Compliance Solutions to Our Customers

shutterstock_315885482One of our core objectives at Hearsay Social is to deliver industry-leading compliance and governance solutions to our customers. Developing truly innovative compliance technology is multi-faceted; it’s not just about coverage or control, but also about effective governance solutions that must be scalable across an organization.
At Hearsay Social, we are focused on building technology that empowers our users to work more productively. We closely study the workflows of our users including compliance professionals, and concentrate our engineering efforts on building powerful technology that makes their daily activities more efficient.
Today, we announced a variety of new compliance functionality that provides additional risk controls and increased efficiencies for the compliance teams we work with.
These enhancements include:
Updated text change reviews: With many tools, it is common that compliance and supervision teams scan static content such as profiles or posts word by word to identify changes. This can be a huge drag on time. We’ve tried dramatically to speed up our customers’ compliance flows by providing visualized change management for text fields. The new solution from Hearsay Social visibly highlights edits in text fields, including additions and deletions, making it possible for compliance teams to clearly compare requested copy changes and make efficient supervision decisions.
Customizable supervision dashboards and saved queries: With the launch of the Universal Supervision dashboard earlier this year, we delivered greater visibility and control to compliance professionals. With customizable dashboards, each member on the team can make their own view according to their supervision responsibilities and risk areas they monitor. Instead of requiring a user to repeatedly make the same query, compliance professionals can now save the supervision views and queries they use often in order to more efficiently do their job.
Flexible lexicon controls: There is not a one-size-fits-all lexicon for social media compliance across an organization. Different activities across social networks require different policies and controls. Over the past year, we have greatly enhanced the ability for companies to add and manage lexicon terms by activity type, limiting alert and approval queues to activities that are against the rules for each distinctive activity type.
On behalf of the entire Hearsay Social team, we’re truly excited to bring these latest innovations to our customers and their supervision teams to ensure social media compliance even more easily, quickly and accurately.
For more details, check out our press announcement.