Bloomberg Audio Studios, Podcasts, radio news. This is Bloomberg Business Wait inside from the reporters and editors who bring you America's most trusted business magazine, plus global business, finance and tech news. The Bloomberg Business Week Podcast with Carol Messer and Tim Stenebeck from Bloomberg Radio.
Steve Marsh is with us, a chairman and founder of Smash and joining us here on site. First of all, compliance is a big issue, and it has been growing, I think, coming off the Great Financial Crisis, and I think it's interesting to hear how people are talking about it in regards to AI. But first of all, take a step back twenty years ago when you started your company and kind of where we were.
Sure, so there's probably two thousand and one, I think when I first started Smash, and so twenty three years well then, so yeah, the time flies, but yeah, really, I was doing some insulting for financial services firms and had a few of them all around the same time asked me to help them comply with what were then relatively new rules and requirements forcing them to capture their email.
So it was really just email that was a problem, and most organizations just needed to find a way to retain it so that the compliance departments could produce it when a regular came asking for it, and I helped a few of them do it and eventually found that there was a bigger and bigger business opportunity. And that's how it all started.
What was the way that you were able to do it back then that other people weren't doing. What was the value add that you brought that the industry wasn't saying yet?
I think the biggest value add was that I had come from the financial services industry, and a lot of my competitors at the time, and there were quite a few were really web hosting companies or internet service providers that thought they would just get into the email retention space and sell an additional product. We were very different from day one, only focusing on broker dealers and and investment advisors and really understanding the regulatory requirements that they
had to comply with. That gave a lot of the companies that we worked with much more comfort that when a regulator came knocking on their door, we would understand exactly what needed to be done, the step thing to be taking the proof of you know, the steps that we're taking or that were taken and helping them retain their their compliance.
It's interesting, Steve, if you think about it, right, like, in terms of where communications were twenty three.
Years ago and how they have evolved.
We communicate and then you know, layer on the pandemic on top of it, things have gotten much more complicated. How has that changed your business and what you guys do?
Well?
Early on, you know, as you alluded to, it was really just email that companies needed to deal with, and then eventually it was AOL and SIT messenger and of course Bloomberg's messaging protocols as well.
So you know, over the.
Last two decades, that list of relatively few communication channels has exploded to now include well over one hundred and hundred and fifty different types of communication, and some of the largest organizations that we serve we'll have you know, dozens fifty one hundred different types of communication. So that has created a lot of opportunity for us to up new products and new solutions to help our customers, but it also creates a lot of challenges for those that have to to work with them.
I always think about in COVID, right we were talking about you know, in terms of spreading the virus, like the touch points, and I just think about in terms of the financial community, the touch points as information is shared and moved around, they have increased and that means greater risk potentially absolutely.
I mean you have to you have to look at all those different endpoints you have. You may follow a conversation that starts on text message and then moves to email and then is picked up later on WhatsApp or you know, some other communication channel. If you don't have, you know, a good sense of what's happening in your organization, you're not going to be able to follow the entire conversation. It's not single thread anymore. It's not just taking place in one venue.
Okay.
So a big issue with the SEC has been so called disappearing message services. How do you guys deal with that?
Well, there are certain ones that were designed specifically not to be captured and retained. There are others that you know, we can help with from a technology standpoint. You know, if something is specifically designed not to be viewed in mind, and I think that that's where policy comes in for most organizations. Right wherever possible, we develop different mechanisms of capturing the messages so that they can be sort of archive.
What if you're working with an organization where okay, yes, my work accounts are ones that can be captured, but a lot of my communication happens over my personal devices or my personal services.
How does that work? Again, it's kind of nuance. It
depends on the communication channel. Some of the early social networks introduced that very problem, where with Facebook, for example, you only had a personal profile if you were also using it for work, well, that meant that the organization had to effectively retain your personal communications and you had to authorize them or you know, acknowledge that you were going to use something like Facebook for personal and business communications and you'd give the firm basically the ability to
capture them.
You know.
One of the things I love about that we kind of try and do at Bloomberg, and I think we do it pretty well, is just kind of open windows into worlds that maybe people don't know about, but is just such a big part of our world. And we did it today with an earlier story had to do with roans and so on and so forth. But I think about this is such a part of the financial world, you know, and kind of reading in tim and I, you know, I think nineteen of the world's largest twenty
banks are your clients. Like, this is something that every financial institution is involved in a big way and has to be absolutely in terms of what you do in the services you provide.
Yeah, it's not always the most well known service, you know, among the public, but every broker dealer, investment advisor, or bank, you know, hedge fund, you know, really has some regulations they need to comply within where they're often behind the scenes or behind the scenes as one of their most critical partners.
Is it getting more complicated?
And I think about with financial disruption, and I think about, you know, layer kind of what we've seen in cryptocurrency, and I don't know the financial industry, it's just like more and more things are being thrown at them in different ways. And I always think about is a regulatory oversight and the systems in place to kind of keep up with it.
It definitely gets more and more challenging, and I think, you know, over the past two decades, it's gotten to the point where the compliance function is probably one of the most sophisticated within a financial services organization. I certainly don't envy some of the professionals that have to deal with other aspects of compliance, you know that's marsh doesn't even really touch or play in, you know. So it's a challenging job and it's a significant area of focus for the financial industry.
One thing that's so interesting about what you do is you have so many different clients, you have so many touch points on the economy. And one thing that I'm interested in is here we are in twenty twenty four where it's sort of like if we were doing this a year ago, the question would be, Okay, when's the recession? But the economy it seems like it is firing on all cylinders right now. What are you hearing and certainly
that's what the economic data is indicating to us. What are you hearing from your customers right now when you're talking to them about different products, different services when it comes to how they're doings of how they're doing, yeah, how they're doing.
Because it like you wonder do they pick and choose and say, I mean compliance they have to do, but do they pick and choose a little bit because they're a little bit worried about the account the outcome, or do you never see that.
I mean, most of the conversations we have are more specifically related to their compliance and technology challenges, the types of communication tools they're using, you know it. Maybe we'll see a little bit in terms of how they're they're expanding or contracting the organization, right not even really we don't know always have a great sense of that either. So as far as like their views on the economy and what's happening globally, and we don't get too much
of that. It's more, uh, it's more focused on compliance.
Does crypto come up? How does does crypto come into your world?
As well?
It does? And I think there was quite a bit of buzz about it, especially a year and a half two years ago, about you know, how crypto was going to be regulated and really for us, you know, what what is Marsh's role, what in what are our client's role in that. I would say it's not the biggest issue, you know, but it's still in the background.
There.
There's a lot more discussion today about artificial intelligence and how how it should be regulated and how it can be used to help with you know, communication, you know, monitor and surveillance.
I mean, we're gonna have a bunch of conversations about that. How are you guys preparing for it? I know we're gonna have some some future conversations that are going to dig a little bit deeper into it, But how are you guys getting ready for it? Or how have you been planning around it? What are your clients saying, Pea, Steve, are you working on this?
Yeah, we've We've had an aspect of artificial intelligence as part of our services for many years, and really it's to address the reality that the data volumes just are growing constantly, so our customers are faced with a challenge where they have to sift through not only growing number of communication channels, but the number of messages that are sent,
you know, within each of those has grown exponentially. And it used to be that human beings could inspect and look at the messages that we would get flagged for some sort of potential compliance violation. Now it's becoming increasingly difficult. So the use of artificial intelligence helps them manage that workload. So that that's probably the biggest use case in the
biggest area that we hear about. But there's also certainly a discussion about how firms need to think about their own use of artificial intelligence, and if that if that becomes a communication itself that needs to be archived and monitored, or or if they have you know, a bot on their website that's communicating with investors, you know, how does that fit into the compliance obligation?
I didn't even think about that, like monitoring the bot right, Like it's going to be part of it.
Who monitors the bot? That's monitoring the bot?
That's the question?
Another bot?
Yeah, okay, okay? So what about when it comes to the AI, are you deploying the AI or is the AI being deployed by these companies internally?
Uh?
For the surveillance, Yeah, and monitoring. We help the customers deploy that, but it's with their own They are their own input in terms of what they want to look for and what they're they're trying to use it for.
Have you had to make specific hires around that type of technology that in this environment?
Many?
So?
How is that? Because I mean it's like a serious talent we're going on.
Yeah, And I think we've we've been very fortunate that our that our use cases is interesting. I think to the professionals that get to work get to work on artificial intelligence. We've got very large data stores, you know, high significance use cases to get people excited, so it's always been relatively easy to find high quality tech talent. It's mart just because we've got high security use cases, big data, always on the cutting edge of the communication tools that people want to use, so.
They want to be a part of it.
I'm just thinking about the Bloomberg audience, investing audience, just people who want to know on trends and waves. Just got about a minute or forty five fifty seconds left here. What do you think they need to know about? Kind of the world that you're seeing and smartsh connect Like the leaders that are here, whether it's AI, compliance technology, what do you think they need to be aware of?
I think they need to be aware that we are working as hard as we can every single day to make sure that our clients can continue to use the communication tools that they want to which in essence, is really just allowing investors to use the communication tools they want to use when they engage with their financial professional. Sounds like a real, relatively simple order, but it's a it's a it's a big ass because there are so many different ways if people want to communicate and everybody
has their own unique preferences. We're out there working with you know, our partners and our employees to try to make that all possible.
Well, we talk about transparency, right, or making sure that financial systems are fluid and they work really well. Like this is a part of it, right. It's kind of a cog in the in the wheel, if you will, in terms of doing so.
Thanks so much. Thanks for inviting us here.
Really cool stuff and I'm glad you could join us.
Yeah, it's really fun to be here. We would like to be outside though, it's really beautiful.
Can we work next sure, next year, we'll do it outside.
Just kidding.
Steve Steve Smarsh of course, he's founder and chairman of Smarts. So we are here at smash Connect in midtown Manhattan. I'm Carol Masser along with Tim Stanevik. Life here on Bloomberg Business Week. Conversations are continuing. We're going to talk more about digital transformation and the role of all of it in compliance and managing risk for firms. We're coming back right here on Bloomberg Business Week.
You're listening to the Bloomberg Business Week podcast. Catch us live weekday afternoons from two to five pm Eastern list on applecar Play and and Broud Auto with a Bloomberg Business app, or watch us live on YouTube.
Well, what is Capital One, Bank, Loomy, the London Stock Exchange Group, NUMBERA, MasterCard and HSBC all have in common? Well, they're all financial services firms that use Amazon Web Services, also known as AWS. Our next guest knows that because he leads the worldwide business and market development efforts for financial services at AWS, having also been an executive director at JP Morgan Chase, also working at NASDAQ, bear Stearns
and City. John Kain is head of financial Services market Development at AWS, and he joins us on location here at smash Connect. John, how are you good?
Thanks? Hey?
How's how's business right now?
That's pretty good. It's hard to imagine. We're actually in the second decade of cloud adoption in financial services, and some of the things when I joined AWS seven years ago that we wouldn't have thought were possible at all to kind of run in the cloud from a financial services infrastructure perspective are almost becoming sort of everyday story.
Did you not think it was possible because of regulatory issues?
That was one of the big concerns when we had those initial conversations from customers earlier in the day, it's like, how would our regulators think about cloud? About security? What about compliance and resilience? And over the course of the last decade, you've seen some of the most important systems actually move and run on the cloud. Was two years ago that Nasdaq moved its matching engine onto AWS Technology
runs MREX their Options exchanged. Last year, the SEC gave a no objection letter to the Options Clearing Corporation to move their risk and settlement systems to the cloud. And those are the type of crown jewels in the industry that you are always aspire to run. And I think that was a twinkle in our eyes when we started on the financial services side of ABS, and now it's sort of the reality of what we're bringing to the industry.
I mean safe to say, John, when we break down like Amazon earnings, we talked about AWS. It's like streaming, right, and we're talking about the cloud. And I think so much of general consumers that's what they think about. How much of what you do in the cloud is financial services based?
Well, for me it's a hundred percent, right, Yeah, But for AWS, it's a large chunk of your business. We don't break down the individual segment, but financial services is just one of the largest consumers of technology, as you can imagine, of course, and just because so much of what they do is just moving one than the Euros
and data around. Almost everything is dependent on technology, and when we look at where our customers are focused, it's bringing more personalized experience with less friction and bringing down the kind of costs across the industry.
I just want to jump in with a red headline crossing the Bloomberg terminal has to do with Boeing. The Boeing whistleblower is set to testify an April seventeenth Senate hearing. That Boeing hearing has been confirmed by a spokesperson for Center Blumenthal checking in on shares of Boeing right now in the after hours. Shares of Boeing right now moving well, really unchanged as we speak, but did fall about one percentage right.
We had some news earlier today in terms of Boeing deliveries getting.
Back there on percent today.
Excuse me, all right, good to know, JOHNKM.
We're talking with the head of Financial Services Market Development over at AWS what are like some of the top priorities that clients come to you and say, here's what we need to make sure that you know we're going to play with you in your cloud, in the in the Amazon Cloud or AWS, and just what is top of mind for them in terms of security and risk and compliance.
So I think it's that's the secondary concern. If we think about sort of why firms adopt cloud first, it's to change the business dynamic. Right. It moves them from having to make three and five year capital investments to be able to buy what they need when they need it, only pay for it. And when you think about.
Like the desert versus on premise enterprise exactly.
And when you think about something like mortgage refinancing, right, being able to tie your business costs to the volume of business you do as opposed to an investment you made three years ago, it allows you to be more dynamic from a product and services perspective, right, So it changes the way you think about your business. But security and operational resilience are table stakes for us to be
successful in the industry. Right, primary focus above all else is making sure our customers are secure and their data secure, and that our systems are running as close to perfect as possibly can be, but.
It also means that you guys are taking on that capex risk.
Yeah.
Absolutely. One of the benefits though, kind of being at our scale and our approach to the business is the larger you are, the more you have that ability to kind of work demands across industry segments and they offset each other. And if you're very much thinking about from a financial services perspective, it's a little bit like what a clearing house or clearing broker brings to the table.
If they have some customers or long positions, some customers short, they can manage that risk better than any one participant can. And from a technology perspective, we take advantage of that kind of scale to be able to do the same thing on behalf of our customers.
Is Jenai Generative AI changing any of that, because you know, we've been having discussions kind of back in our newsroom about the on premise enterprise and whether or not they're going to be companies, whether it's financial or otherwise that are going to do kind of a hybrid approach and want to have some facilities on site that maybe there is some data information or processing that they want to keep kind of closer to home versus tapping the cloud,
and I'm curious how that is impacting your discussions you guys are having around that.
Yeah, I think in a different way. So almost all our customers start on premises, and we have to work with them from a hybrid perspective to help them take advantage of the cloud, and we want to make that
infrastructural is transparent to their existing infrastructure as possible. I think Jenaia that accelerates the move to the cloud as opposed to kind of keeps it on prem When you think about the sheer computing power necessary to drive these foundational models to kind of see that expertise, it's beyond the ability for most firms to be able to make
that investment. Right, when you think about the risk you're taking to buy that much specialized compute at scale to train essentially almost all of human knowledge to kind of build on these models, you can't take that risk on as an individual enterprise. You've got to figure out how to leverage kind of best of breed providers, and we have the ability to kind of invest enough in our infrastructure to specialize it so it works both at scale
and at a lower price point. We even build our own silicon chips to actually make those things more efficient. So we see, especially in the generative AI space, that need to leverage the cloud to both be successful in building new foundation models, but more importantly, how most of our customers are actually going to take advantage of it.
They're going to use one of the existing foundational models that are out there from an anthropic or kind of a meta or coher and want to use it themselves, and we want to make that available, and we want it so they could use it right away, right, So they're not going, hey, how do I build out a technology plan, how do I findinance this? With macfo, It's like, oh great, we can go try this right, and we make that immediately available, and we think that just accelerates the value of a tobis.
So you're not seeing really any kind of shift in terms of people wanting to have it more on premise.
No, actually, I think it's just the other way around the way around.
Okay.
Yesterday Jamie Diamond over at JP Morgan Chase his annual letter, he likened AI to the steam engine. Do you believe we're at an inflection point that is indeed that drastic.
I think it is when you talk to our customers, the sheer amount of ideas that are both driven from top of house from this CEOs that are saying, look generated as a priority for us, right, we need to think about how this changes our business. But also sort of from the rank and file, anyone who's ever gone to a GP backpot and actually asked a questions sort of suddenly understands how efficient they can drive their own business.
It was Travelers who kind of in their own use of generative AI so saved one hundred million dollars from an operational expense perspective, just by automating those tasks that tend to be very document labor, human intensive to kind of be able to be more efficient. You know, we're
talking at this Marsh conference today. From a compliance perspective, we've seen firms like Nassex, everyfin who does any money laundering, you know, be able to reduce, you know, the time it takes to investigate a fraud alert by like sixty percent. And when you think about those operational savings at scale, you're seeing sort of just huge excitement about the potential
for adoption. And I think we see it really being embedded in almost every application, So no matter what you use, it's almost going to have that kind of capability.
Is that what's kind of surprising because we do you know, John, we talk about that AI is not anything new, It's been around. It's just now we're talking about kind of next level right when we when we talk about machine learning and generative AI. But I think about our audience who are listening, like, what would surprise them about what you are seeing when it comes to generative AI and the usage, it's not just about what it maybe can do, it's what it's already doing, it feels like in.
Any ways, part of it is that the pace of change over the last year has been so dramatic and just with the models are capable of really yeah, I mean we saw just sort of we work part closely with anthropic commit equity investment in them and just sort of seeing the difference between sort of Claude two and Claude three in both its performance but also its cost.
And that's over less than a year period. And what you're seeing is that there's such a variety of models and the models are getting so much better that it's not just that you're seeing immediate benefits and production with some of these productivity applications. Is that you're all thinking, oh gosh, if this keeps going, this is going to change the way I look at almost everything. And you know, generally I don't focus as much, but we're seeing that
on the developer productivity side. If you're a programmer and you're looking to write code or update code, the tools are getting so powerful and you're just seeing these massive efficiencies and being able to kind of innovate from our product side, it's hard to know where it stops. And I think that's why everyone's so excited.
I should note the investment in Anthropic is a huge investment, an additional two point seventy five billion dollars just a couple of weeks ago.
Yeah.
Well, and then the second transhot exactly as part of that. Not only do our customers get the benefit of being able to use the Anthropic model, Anthropics committed to sort of integrating with our platform to get better price and performance for our customers.
Yeah.
So interesting, the integration of it, John, thank you so much.
Oh my pleasure.
This is great.
John Kaine, head of Financial Services market Development over at AWS, joining US here at smash Connect, you're.
Listening to the Bloomberg Business Week podcast. Listen live each weekday starting a two pm starting on Applecarplay and Android Auto with the Bloomberg Business app. You can also listen live on Amazon Alexa from our flagship New York station Just say Alexa playing Bloomberg eleven thirty.
It's a little bit of sound in the background. We are here at smash Connect in Midtown Manhattan. We've stepped outside Bloomberg headquarters. They're going to bring down the volume a little bit, but it's exciting.
This is people are partying.
Well, it is people are partying.
It's a moment where they bring in clients and customers and they're talking things like technology, they're talking AI, they're talking compliance, and so there's a lot of good energy.
Well, speaking of AI, Carol, Intel rolling out a new version of its artificial intelligence chip, aiming to challenge in VideA in one of the fastest growing parts of the semiconductor industry.
Right out with an updated processor, it will be widely available on the third quarter. It's designed to boost performance in two key areas, helping train AI systems and also a process that involves bom barding them with data. We know that, and also running the finished software. It's all about AI.
We know that.
We've been talking about it NonStop for over year now. And someone who knows a lot about it is Brandon Carl. He's executive vice president of AI and Product Strategy at SMARSH with us on site here at SMARSH Connect.
So good to have you here with us.
Thank you for having me.
Thank you for inviting us. Actually we're here in your home AI. There's so much going on every day. AI is not new, we know that, we say that all the time, but next level machine learning, generative AI and what it can do. How do you get your head around what really matters? It's something we ask our AI reporters. What matters, what doesn't? How do you figure that out?
One of my favorite quotes in this space is AI is always what the computer can't do now right and what it could do yesterday. And so when you take a look at this, what we take a look at is what a outcome.
The customer is trying to achieve.
And when we look at things like AI and machine learning, they are about a dozen different technologies we use in terms of taking customers into production and their software. So when we use these and when we see things like generative AI, they're incredible new things that this technology can do, and that enables us to do incredible new things for our customers.
I think back to when a I got on a lot of people's radar, not people in the space, but like investors who really started to think about it as a new category for them or lay people. Really it's this idea like kind of playing with CHATCHBT for the first time, perhaps in the fall of twenty twenty two. When did it get on your radar?
A long time ago? So we have been how long We started work on natural language processing back in two thousand. It was a company Smarsh acquired called Digital Reasoning, And then we started working with the financial services industry in twenty fifteen and twenty sixteen, and we started doing very large scale deployments then.
So we've been working for a long time.
Why was there such a long period of time between two thousand and two fifteen twenty sixteen when you started actually implementing it.
Sure, the early customers were actually government customers that were interested in national defense and security, and it wasn't until after the Libor crisis you had about three to five years where budgets increased and suddenly people said, there's got to be a better way to keep the markets safe.
How does crisis and lawsuits and fines and things like that kind of shape what you guys are doing.
In you particular?
Sure, I would like to think that the industry could be wildly proactive. But typically what happens is some event happens, right, and then firms get budgets and they say, we need to prevent that from happening again. So there really is a unicause and effect that plays out there.
Is it getting a lot more complicated though?
It is mostly because the number of ways people communicates.
Something we've been talking about. I mean, he has been working for years on art all. They had issues with WhatsApp, for example, just one platform.
How do you put that to process more than one hundred different platforms? And if you think about this even five years, three hundred million today. So whether it's Slack, team, Zoom, WhatsApp, we chat line, signal, like, there are all different ways people communicate.
I was in doing research for this this interview. I was I was trying to find information about how many messages a bank typically processes in a single day. Yep, couldn't find that data anyway. Yeah, give us some numbers.
It really depends on the firm and the type of firm. Typical employee is like anywhere from one to five hundred messages a day, but.
To each employee, one employee, Yeah, yep, okay, so give us some huge numbers here about the processing that you're doing in a real tier.
Yeah.
So so firms can you know, generate as many as tens of millions of messages every single day, right, and we will process billions and billions of communications. So if you imagine all of the comms coming together, that's what we really have to process.
If everyone's here today, who's processing the communications?
Yeah?
I really I'm worried about that myself.
Yeah, you know, I'm looking at the notes that your team shared with us and regulatory grade AI what exactly does that mean? Because I do feel like it's going to be a term that we're going to be using increasingly.
Yeah.
Absolutely.
So.
On one hand, people can log into chat GPT and just use it, right, Yeah, But when you think about a regulated industry, you have to protect against things like bias. You need to make sure that you understand how things are actually working. You need to make sure that you can rely on that over and over again. So it's really a higher standard in terms of how you approach things.
I want to ask you because you do have Probably you guys in particular, have a great We tried to ask ste like, who are your clients? But he's really quiet, But we know you guys are well in trench, certainly
within the financial sector. But I do wonder, Brandon, when you look at things, I mean, how equipped are is the financial community when it comes to compliance and risk and transparency In a world where increasingly, as we said, there are more and more touch points that create risk, and in a world where there are more and more oversight and regulators looking and looking for problems.
It's a hard problem to tackle, particularly for firms to have global regulation on things. Yeah, what I can say, we genuinely have fantastic customers within this space, and what you typically see is you see a handful of them really trying to trailblaze and lead the industry forward, to make markets safer and to make their firms safer. And they help the trail blaze to create the paths for the rest of the firms to follow.
Us and bring along like their supply chain with them.
To some extent their supply chain, but typically less so in what we do.
Okay, you know, I.
Hear you and Steve speaking, and I think about another highly regulated industry, medicine and also an industry that is trying to figure out how to use AI. Any any talk discussion about getting into medicine. It has the hipA stuff when it comes to communications between patients and doctors, has the regulatory issues as well. Is that all Does that all come up on your radar?
It does come up on our radar.
We really look at regulated industries as areas that we can have the biggest impact. So pharma is one of those energies and other and then financial services. So we do think we can have some impact, but we're really squarely focused on solving these markets use cases as best we can in the near term.
So again, like I think about, I keep thinking about the Bloomberg audience.
So what are you guys.
I'm sure there are scenarios you play out. Okay, these are the risk scenarios that we need to be thinking about in a world increasingly that is ruled machine learning, generative AI, what are the risks that you think that we should all be kind of preparing for because we're not going to catch everything.
Yeah, we will.
Unfortunately we won't catch everything. And typically what you'll see sometimes you'll see nefarious bad actors within firms, right, and then other times there are people who just don't know any better. And you really want to help the people who don't know better to say, hey, you didn't intend to do this, like this is the right way to do things. But we also have to keep an eye towards the people who are ruining the reputations of their firms or you know, other people who are trying.
To do the right thing.
So really bad actors, there.
Are bad actors unfortunately that are out there.
Are those usually internal with an affirm in in trying to have some sort of inside edge when it comes to making money, or they usually bad actors from the outside.
It can be both, right, Typically the outside bad actors are more from an information security standpoint, right, And sometimes there are people internally who are just trying to make a buck and not do the right thing.
AI.
The conversation in a year from now just got about thirty seconds left here, Sure do you think it'll be dramatically different or just more the same.
It will keep improving, absolutely, and we need to keep figuring out how we can actually use these technologies and the right way to improve the world.
All right, really interesting stuff.
I don't envy you, because you've got a lot coming at you. Brendan carl Executi, vice president of AI and Product Strategy at s Marsh joining us here on site at smash Connect.
Really really cool stuff.
You're listening to the Bloomberg Business Week podcast. Catch us Live weekday afternoons from two to five pm Eastern. Listen on Apple car Play and then brout Auto with a Bloomberg Business app or want us Live on YouTube.
Last week, SEC won a jury verdict and its groundbreaking insider trading case that seeks to bar employees from using non public information about their own company to place bets on rival stock. Also, a former Flow executive and his cousin recently admitted to insider trading on confidential information about a pandemic related government loan to Eastman Kodak. All of this happening, Carol, while the agency has been dealing with a number of high profile crypto cases, and I got to tell you.
We could go on and on.
This is just a sampling of what I found when I typed into the Bloomberg terminal and I.
Fraud and I fraud. Yeah, there's a lot. So I'm guessing it's not going to come.
As a surprise fraud an alleged.
Frauduct To be fair, we're guessing this will come as a surprize to our next guest. Rob Mahra is with us. He's a principal in EYS consulting practice. He spent decades working on risk and regulatory compliance, tech and operations, think sanctions, anti money laundering, fraud management, and of course working with regulators. It feels like it's all the courses that we take at Bloomberg to make sure that we are compliant and very careful.
Welcome, Welcome, Nice to be talking with you, Thank you, good to be here. Tell us about your world.
Many stock tips.
We are a public, We're all like we've got a public lads.
Doctip's a bit of a problem. So basically, the way I kind of put my job overall is, you know, I help financial institutions get out of trouble and stay out of trouble. You know, if you just see all the different things happening in the news. You know, you
mentioned insider trading in just a second ago. You know, there's all sorts of different types of regulatory compliance matters that hit institutions from any number of areas, and they're very complex, you know, particularly when you start dealing with
a large multinational firm. The regulations may be different. In some cases, they may be conflicting between different jurisdictions, and trying to navigate that to figure out how you can do something and do the right thing is a bit of a challenge, is it.
Though, Because Okay, I gotta tell you what I was going.
Through all that. When Tim does that, is it that is fraud.
And alleged fraud? I mean, it seems like a lot of this stuff is pretty clear cut, and you get people the stuff that I'm reading about, mind you, Yeah, it's pretty clear cut, like okay, yes, this is okay, no, this is not okay type of stuff. And it seems like it's not necessarily the firms. It's certain individuals within firms that are just looking to make more money.
It can be a combination of both. And while some of the things are very very you know, black and white. You know, if you look at you know, like front running, somebody's trade, very very straightforward in terms of how that's done, but if you start to think about how that actually
works out. You know, front running, you understand the concept, but think about you have you know, thousands, if not you know, hundreds of thousands or even in some cases millions of trades going through a day, and all the particulars around those trades. So let's take a very simple example. Suppose that you place a trade on behalf of your customer, and or you place it on behalf of a bunch
of customers, and then you reallocate it afterwards. Well, the way that it might show up in terms of how it looks in the data is it's actually looks like front running because you traded before the customer actually the customer order went through, but you were trading on behalf of a customer. Does that count as front running? No, obviously it doesn't. And then there's certain exemptions, it's a
black box exemption. There's alsort of these different variations. Now, yeah, it doesn't mean that there aren't some things that are just straight white. You know, you mentioned some of the insider trading questions, you know, but there are other things where it becomes more of a risk question. You know, if you look at money laundering activity, other types of things like that, where it's like, well, you know, how much do you know? Versus how much should you have known?
Versus how much was hidden from you?
You know?
Versus you know, what are your employees doing? It becomes a bit of a challenge. Again, doesn't mean there's not some black and white stuff. There's definitely some black and white stuff, but unfortunately there's a decent amount of grayness.
But in a world that is increasingly digital, if not all digital, I think about, even as a journalists, go back how many years and I didn't spend as much time on a computer. Now I live on a computer. No matter what I'm doing. My whole life right now is on a computer. Does it make it easier in terms of tracking down compliance and risk or figuring out, okay, did something really wrong happen here? Or does it make it easier or more complicated?
It's another little bit of both, because one thing that kind of comes into play is just the sheer volume of data. Yeah, I work within a number of customers, and if you just think about it just the data that's coming think atm footage, just the videos coming out of that that can be literally petabytes of data.
Wow.
Yeah, you know, if you look at the number of emails going through, or you take a large US financial institution, one of the top four, a billion transactions per day, you know, not counting the trades, not counting all the other things that are happening, all the other events onboard.
So what do you do with something like that? How do you scrape through or figure out what I mean? Do you have to is everything gone over every How do you deal with that?
So you you definitely rely on a lot of automated and analytics type of activity, but you're you're constantly tuning and adjusting it. You know, like I do a lot of work in the fraud space. As an example, every time you swipe your credit card, there are literally, you know, hundreds of algorithms running in the background to try and figure out whether or not this is actually you Does it make sense? Is it something that you know we
should block or we should allow? And they have to make that decision in milliseconds because otherwise, you know, you're getting a rejection and you want to minimize that and that behavior is going to continue to evolve, and so you're constantly bringing in new data, you're tweaking your algorithms, you're adjusting these things, and then multiply this by the you know, literally thousands of compliance regulations you need to
check too. You have to rely on the automation, and then you know, people are getting very very very advanced in you know, you've seen deep fakes. You know, how can you tell the difference between a deep fake activity and non deep activity?
Let's talk about that little bit.
How can you so if you're an if you're an ethical company who's built the technology to do this, and they talked a little bit about during the conference today. You can tag images, you can tag different types of things as being you know, generated by AI. If you're not an ethical company, or you're a fraudster or you're you know, some type of scammer, you are going to not put those tags in and you're going to do
your best to adjust them. It doesn't mean that you can't detect them in different ways.
I don't know how many how many times a day do you get text messages from somebody who's trying to spend who's literally trying to take money from you.
Literally one of my favorite questions I asked people want to you know, the other one being that everybody's information is compromised and you just kind of have to accept it and protect against it. But yes, you get I got one a couple of weeks ago from the electric company told me if I didn't pay in forty five minutes, they're going to shut off my power, right, you know, And because I work in the business, I'm like, yeah, this.
Is I guess what I'm saying is there's no shortage of bad actors. No, like there you know, there's no chance that the bad actors are going to tag their jenai with any sort of metadata that will show that it was generated.
No.
No, but there are ways and analytics techniques that can be used to detect different types of activities.
But the problem is that it's only the best line of defense is a person right oftentimes, and people don't have that type of training.
No, they don't. I mean I've I've told any number of people you know, pretty much, don't click on any link in any email, don't click on any pop up ad, don't you know. But you know, the fraudsters are getting sophisticated. In fact, a current trendy is now that the old style fraudsters are no longer committing fraud. They're just creating toolkits personas you know, mule accounts, other types of things, and selling the fraudsters actually commit the actual fraud.
Now and shovels where that's where the money is.
Are we more secure than we used to be? Are we more vulnerable because there are a lot of tools out there to enable people.
To trick us.
I think it's a constant battle. I think in many ways. You know, despite you know, my earlier statement that everybody's information is compromised to some extent, I mean pretty much, you know, your social Security numbers out there, address name, all that type of stuff's out there. But how you know, and there's definitely identity theft happening, and it's and it's on the rise, and it continues to occur. But is
it a daily occurrence for most individuals? No, you know, is it reasonable to say that at some point in your life, you know, probably within the next five to ten years at most, you know, everybody will have some type of identity compromise of some sort. Yeah, I think that's that's a legitimate thing.
But what does that mean is that just the case of a we tapped into your health insured your are you doing on that level or something more serious?
When you say that it.
Could be more serious. It could be that they opened up a credit card in your name, you know, and then the first thing you notice is when it shows up on your credit report, which hopefully you check regularly, and then you see that and then you can deal
with it and get rid of it. It could be that you know somebody somebody like there's been the cases lately with houses where people are selling houses that they don't own, you know, and are you actually able to, you know, rely on people to find this stuff for you? And who do you rely on? I think that the tools are out there to make it better overall, and in one sense you are more secure, but you're constantly fighting a battle.
Wasn't this the promise of the blockchain? And it's kind of a perfect segue to talking to you about crypto a little bit and how your life has become more complicated in a result of crypto. But wasn't this the promise of the blockchain that we'd all have our own identifying information with us at all times. Our house was our house, because it's said so on a ledger.
It could be to a certain extent if it is out, you know, if it's already everything was already on the blockchain, but it's not. One of the challenges I think overall with the blockchain is that you know, bad data as well as good data becomes permanent. That becomes a bit of a challenge when you start dealing with, you know, some of these things along the way. You know, blockchain
is not everywhere at the moment. So like you mentioned owning a house that's not on a blockchain right now, there's a fairly good chance it's in some you know, local county clerks, registrars or.
Sound like you think it will be either in the near.
Future not in the near future. I think aspects of it definitely. I mean there's a lot of activity and you know, decentralized finance, you mentioned cryptocurrency. You know, there are some definite areas where I think that it already exists and it will continue to grow in some of those areas. But is it something that is going to happen in the next you know, year, two, five years, ten years. I don't think quite so much.
I mean, I hate to play like Armageddon and like you know, the Dark Day, But I mean, is there a moment in time that you would anticipate just because things are getting so much more sophisticated and the tools are out there and everybody's doing compliance is certainly trying to keep on it. But there's going to be a point where you go to access your bank and you can't, or you go to look at your investments and they're wiped.
Like is that the scale? And again, I'm not trying to be aclammatory, but I'm just trying to be realistic.
Of I don't think that it's going to get quite to that because, if nothing else, the financial institutions have some pretty strong controls in place for things like that, and they also, you know, many of them will you know, reimburse you for different types of activities that happen along the way. And I mean, if you went into your brokerage account all your investments are gone, you know they are going to be taking a look at that to
figure out what happens. But most likely when they saw somebody trying to sell out of your entire portfolio and transfer the money it would raise twenty seven red flags along the way, and they would have blocked it a little bit.
Right when you're traveling in credit card company calls and says it's is you because.
Yeah, exactly, really there good stuff, but it puts it on but it puts it on you.
It does put it on you because if you didn't answer the text, well, then they're going to block it. And then that means that your credit card might be locked in a particular country because you didn't your text.
And so there's an awareness on like all levels, right.
Yeah, And it's not like every asset is protected at the same level. Like you know, somebody is selling your house. I mean, it's that's protected at one level somebody. You know, if your credit cards are protected differently from your debit cards, which are protected differently from your brokerage account, you know, there are different rules in place for all of those, you know, and it means that you can't be oblivious.
You know, you have to be somewhat vigilant. You have to check your credit report, you have to make sure that like you know, if you do get a text from your bank, first of all, make sure it actually is from your bank, right, you know, and then you know.
Just plenty of stuff there to keep you busy.
Check your credit report to the to do list. Okay, I do absolutely good, right, That's what I like to hear. Rob Mehra is a principal in EUIs Consulting Practice, joining us here at a smash connect.
You're listening to the Bloomberg Business Week podcast. Listen live each weekday starting a two pm Eastern Apple card Play and and Royd Auto with the Bloomberg Busines. You can also listen live on Amazon Alexa from our flagship New York station Just Say Alexa playing Bloomberg eleven thirty.
We just had kind of a sobering conversation with all the risks associated with AI, with data, our data being out there.
Still telling us stories about fraud and just romance, fraud, pig butchering, which we've done stories, our team has done reporting on that. Like it's just every day, there's tons of stuff going on.
Needless to say, I think it keeps a lot of folks up at night who are thinking about risk and risk management. And that's exactly what our next guest focus is on providing compliance and risk technology for nineteen of the world's twenty largest banks in addition to serving other customers of smash. Tom Badget is president of Enterprise Business at smartsh He's here on site with us at Smarsh Connect. Tom, how are you.
I'm doing well, Thanks so much for having us here. Thanks for joining us. Tim Carroll great, Yeah.
How would you describe what you do here?
Great question? So we really so what I do personally personally, so I've run so we have really two segments of our business. We have small medium business think registered independent agents, small shops ten to one hundred people. And then we service the largest financial institutions in the world. And in what you find, while we delivered similar sets of capabilities,
very very different needs. So when you're talking to the largest financial institutions globally, they're worried about things that maybe are a little bit different than some of the smaller companies. Still regulated, but looking for a lot of complexity that maybe isn't inherent in all smaller organization.
I always say that conversation that Jamie Diamond did, I don't know is it now, ten years ago, fifteen years ago up on stage and he said like they were like, what's the thing that keeps him up at night, what's the number? We think he was talking about cybersecurity guys and the technology spend and that he was focusing on it, And I think about, Okay, here we are over a decade or so later, and I can just think top of mind, what the executives say that they need to be thinking about.
It's a huge board level topic. Yeah, right, what are the risks we're exposed to? Obviously two thousand and eight had a huge impact on this space, so the ability to and what's really exciting now too is we've gone from a world where we've we've gotten all this information, petabytes and petabytes of information, all the communications with customers, and it's been really more of a okay, what can we personally find out there that might be there and
utilizing AI to do that? I know, buzzword AI, right, But now it's turned into a world with generative AI. Okay, what can the machines tell us that maybe we never thought? How can we take this information whis hugely critical to protect our institutions but also make us better at what we do?
Why will generative AI machine learning kind of make us be better when it comes to risk and compliance?
Yeah? So it helps So think of it this way, and it can get like some I'm even like, what the heck? So we've been using a all of us have been using AI.
For a long term, and we keep saying that too as it's not a new thing.
Yeah, it's not a new thing.
So what it can do its capability.
So think part of what we're doing now is generative. We're bringing things. So it's that difference between Okay, I'm gonna tell it what to look for and what to ask and then it comes back and gives me something based on loads and loads of information. Generative is the machines really thinking and thinking things that Caroly, you didn't think of, Tim, you didn't think of, I didn't think of, and wow, I never thought of that, And wow that could now protect me in a way that I never
knew I even even to look at. It's really really exciting.
I understand this from product development perspective. I understand it from a drug development perspective. Carol, and I've talked to our colleagues at Bloomberg who've reported extensively on those. But when you think of financial services, what can it provide that that we don't know is out there?
There's so much so, So first and foremost, let's think better, better service, right, So think about what we deal with for for your your listeners are communications intelligence. So all communications data that a financial institution might have with their customer has to be stored archived. Okay, So the ability to go in and say how many how many things you see out there, like, well, what do our customers
really want? What do they need? Well, you now know and can see and understand and hear firsthand what it is they're looking for, and it's oftentimes it's so buried in massive volumes. It's beyond looking for a needle in a haystack and haystack and a haystack. It's even more well, now the machines can go through and figure that out and provide a better level of service or potentially protect the organization.
Where they make sure that the machines that are going in and either providing or going to provide better service or better you know catching you know, problems where there's kind of risks if you will, how do you make sure that they're going to do the right thing? Because it's only as good as the information that goes into.
It, and you just hit on the magic question, which is, okay, do we just turn these loose in a way we go to answer that is no. So you need to make sure that the large LLM large language models that are being used, that there's some level of oversight on those and what is included there. So the machine can go off in a way that you never intended to. Right, So there also needs so they call it drift machine drift it starts to drift off, there needs to continue to be This is why it's a bit of a faucy.
You'll hear all jobs will be gone. That's not true. Jobs will change, they'll be different, but you'll need people to look and say, this model is starting to drift in a way we never wanted it to, or a minute to hey let's rain this back in.
What jobs do you think all at risk?
You know what I would say is anything that is is and I don't think it's risk isn't necessarily the right word, But hey, what are ones that the machines do really think repetitive in nature? So let me give you an example. So one of the areas on AI right now some organizations had historically used was okay, I just got at one point in time we would get we would get a thousands, very cute, a thousand notifications
of things. It might potentially be risky communications. All right, so you may have a team of people that go through that in a in a email. Let's use email, email by email. What did Carol really mean here? Well, when she was talking about her children at home, she really meant her children at home. I asked that question.
Yeah, so there's a machine that can help me.
That's a that's a level of and very rarely do speople. I love doing that. And now think about it this way. What used to be thousands of identified now is millions. Well what had been a solution is okay, we just need to get a lot of people to look at that.
So what do they call it? Tech adjacent or human?
Like?
Right?
That?
Bas think technology adjacent with human or like working together side? I forgive me if I'm mangling the term.
Yeah, very much.
So you know, I'm listening to you speak, and I know the financial community is kind of your bread and butter, and that's your guys focus. But I'm thinking about the world of social media in general and the problems that are there that why can you It sounds like from your knowledge and expertise to create something that can also go in and scrape the things that are incorrect, false, wrong, dangerous. So for me, is it that potentially easy?
The technology is there? Yeah, So from from our perspective, we do.
So.
It's one of the communications.
That we need to do right to protect this.
Absolutely. So our customers have to make sure that tim works for our institution and you have a Twitter account, we have to make sure that that is something that we can capture, that we make sure that nothing's going out in a way for that financial institution. We absolutely do that.
But I mean bigger broadly in terms of social media.
You know that I'm not necessarily trying to put you on the spot, but this idea of social media and all of the bad information that's out there, and it doesn't seem like we can get a grasp on it, but it sounds.
Like technologically the ability. Now, then you get into other like, hey, what do we want to do? I won't I won't get into that, but hey, what do we want to be able to look at? What do we want to limit? But the technology and keep in mind too, we don't say not what you can to do, but we will identify, Hey, this communication that went out is not in compliance with your standards. That is something that we absolutely do, and financial institutions are all over that.
Give us an idea of how often that happens.
Yeah, gosh, it's crazy and oftentimes here the biggest challenge of financial institutions have are false positive.
So so let's happens a lot.
Yeah, sure, because what can happen is the bad folks are really really creative. So you know, I'll use an example. I always tell my wife, she's like, what do you do. Nobody's gonna say, Hey, I think I'm gonna do an insider trade. I'm feeling like this is something I need to do. Now there's gonna be they'll go from chant what we say, cross channel, Hey, let's take this offline. Yeah,
those are the types of things. So the machine can go in and identify intent even and say, hey, you probably need to look at this.
One, meaning asking somebody to take it off to a different form.
Of Tim Tim said go pick up my children from school. Tim really meant go pick up my children from school. Or Tim said go pick up my children from school, and somebody else said, well, the children at school waiting for you to pull the all of a sudden, the machine can pick that. And again one of the challenges that now the volumes of data are so massive, which really a lot of that came from COVID, where I used to be able to dictate and mandate to you, Tim, you can't use plug into a name.
Well, okay, so are you capturing You capture communications on the phone.
Over one hundred different channels of communication, but voices something it's a little more difficult, something that we are working on a lot. But you get in a transcription. The crazy part about voice that gets into is and it's funny, we had we have this conversation constantly. Spanish is not Spanish, is not Spanish, It's not Spanish. English is not English.
So you have to The machines are still not great at that, but from a technical person perspective, it is absolutely something we look at.
So so phone's part of it, voice part of it, and zoom teams all that stuff.
Yeah, yeah, so so all those and so use those those examples. Pre COVID, I as a financial institution con mandate you can't use this. You can't use this tool to talk to your customers. All of a sudden, you have to use it to talk to your customers. So there's been such an explosion of data. You know, it's funny. I joke sometimes with our customers. I say, we adopted this crazy concept back in twenty seventeen. I think you talked to Steve earlier called the cloud well, and truly
at that time people thought we were nuts. People said, nobody will ever put their compliance data in the cloud. It will not happen. Now it's the only way to scale. So COVID hits now we have these on prem. I'm you know, I'm using these terms on prem.
PREMI yeah, enterprise systems and so.
All of a sudden, I'm an internal financial institution. I have an on prem system and massive volumes of data. The hardware costs alone to keep up with that. Versus if you partner with a partner like us. We partner with AWS Francis, they can scale like a globally.
What about speed and reliability? Like so I might say, he listen, I want to have it closer. So maybe I'm going to have a hybrid and I'm going to play around cloud and you know, a little bit of combination.
Yeah, I don't know if that's a hunting you guys at all it.
Does, and it's a conversation.
A lot of what we do is if you say, don't do it, no.
No, So what we say and we show and a lot of what we do is prove it's actually a lot of the assumptions are not valid. So speed and reliability and safety is actually higher in the cloud. So these are institutions that that you know, these big hyper skills. This is what they do and they're used to handling those massive volumes.
Okay, oh go ahead, Well I know we have to wrap thirty seconds. So I'm thinking about we Bloomberg investment community and thinking about Okay, I'm listening you know to Tom talk here.
So what does that mean?
Do you think you know, cloud is just it's just going to grow even more exponentially, Like what what's the investment thought?
Our thesis off of yeah, you are sick.
Cloud is here to stay, that's not going anywhere. And in fact, oftentimes you get to a point where's like, well, of course that's how you're going to scale it. Their their organizations and companies. This is again what they do. And when I say, what they do not just scale, but they're used to those bad actors that are trying again. They deal with that all the time. So again not to get into too much technology, but we are a what we call triple active architecture. So think at any
given time, your data is in three potential areas. So if all of a sudden there's an event that happens here shuts it down, you run with you never even the other.
We got to run, but next you got You have nineteen of the twenty largest banks when we talk to you in a year, you can have twenty of twenty. I'm pretty sure I want to share their names there it is.
I got close a couple of times.
Tom Paget, Thank you, Thank you, really fun Tom Paget. He's president Enterprise Business here at smash.
This is the Bloomberg Business Week podcast of a Little Apple, Spotify and anywhere else you get your podcast. Listen live weekday afternoons from two to five pm Eastern on Bloomberg dot Com, the iHeartRadio app, tune In, and the Bloomberg Business App. You can also watch us live every weekday on YouTube and always on the Bloomberg Terminale.
Na