Wall Street Firms Cope With Surge in IM Traffic

By Maria Trombly | Securities Industry News | Mar. 17, 2003

About 18 months ago, equities trader Melanie Vangopoulos at New York City-based Burlington Capital Markets started using free instant messaging to chat with friends, clients and colleagues. Your traders probably did, too. Sure, there's Bloomberg, Reuters, Communicator, IBM's Lotus Sametime and other messaging platforms specifically designed for secure, enterprise-quality communications. But while Vangopoulos does occasionally send the messages through the Bloomberg system, AOL Instant Messenger is her platform of choice.

"AOL is the standard on the Street," she said. "The trend probably started a year and a half ago, and more and more people were on it." She uses it all day. "I communicate with most people through AOL IM," she said.

Vangopoulos didn't talk to the IT department, she just went to the AOL Web site and downloaded the client. A few minutes later she was up and running. Was she worried that the messages weren't secure and weren't archived? Not particularly, she said.

Burlington, an agency-based institutional brokerage firm, wasn't the only Wall Street firm with employees using public IM services. According to estimates from Boston-based Yankee Group, there are currently more than 25 million business users of IM in the United States, most of them so-called "stealth IMers," using public IM services on an informal basis without IT approval.

The Securities and Exchange Commission's Rule 17a4 compels firms to retain all documents, electronic and otherwise, that relate to their "business as such," for three years.

Regulators now more than ever are looking at IM as well as e-mail messages for compliance.

If a company decides not to curtail all use of instant messages, then it has to take action to make sure that the messages are archived. Even if, at first, the penalties and fines for noncompliance may seem small compared to potential legal liability if incriminating messages are found, this will not always be the case, said Dan Regard, managing director of the electronic evidence and consulting practice at Annapolis, Md.-based FTI Consulting.

"And it's not just the regulation fines that you need to be aware of. Your big danger comes from civil liability, where there is no cap on the awards," he said.

For example, if a brokerage is sued and the instant messages that should have been archived are missing, the judge may assume that they were damaging to the brokerage and may instruct a jury to decide accordingly-or may simply award the case to the opposing side, he said.

"We call that an adverse inference," he said. "I think that firms, rather than ignoring instant messages, should embrace the technology and control it and, based on the content, make the decision whether it needs to be archived and preserved."

Firms are now taking three basic approaches to solving that technology problem.

The first is to forbid all use of public IM services and offer employees approved providers instead. These include enterprise-class instant messaging services such as IBM's Lotus Sametime, and industry-specific services from Reuters and Bloomberg.

For example, public IM services like those of AOL are blocked at New York City-based Alliance Capital Management L.P. Instead, some 40-odd members of the firm's global fixed-income group use an instant messaging service from White Plains, N.Y.-based Communicator's Hub IM product.

"Personally, I have an AOL account and I cannot access my instant messages at work," said Andy Aran, SVP for the firm's global fixed-income group. "We are not allowed to use AOL IM internally for security reasons."

Having Hub IM not only allows the firm's corporate manager to stay on top of the live market forums that are hosted by Communicator, but also allows for one-to-one instant messages, just like AOL IM does.

"While most of us are here in New York, we also have some corporate managers in Westchester and some in Minneapolis," Aran said. "This allows us to make sure that everyone knows what's going on."

The downside to Hub IM, however, is that it's primarily forum-based, and employees have to be specifically permissioned to use it. As a result, other employees at the firm don't have an IM product that they can use.

"Frankly, from my perspective, our internal Lotus Notes [e-mail] capability is sufficient," said Aran. "And there's always the old-fashioned way of knocking on someone's door or calling them on the phone if you need them ASAP."

The second approach is to allow public IM services but to use software or an appliance at or near the company firewall to track all incoming and outgoing messages, archive the ones that need saving, and flag the ones with objectionable content. This is the approach that is gaining ground on Wall Street, embraced by vendors like Foster City, Calif.-based Facetime Communications and Boston-based IMlogic. Disadvantages include the lack of encryption for many outward-bound messages, difficulties tracking Java-based messages, and a lack of archiving for employees who are on the road or telecommuting and access the Internet from outside a corporate firewall.

Yankee estimates that some 45,000 licensed users have opted for Facetime, which has deals with IM providers like AOL. The next release of the AOL enterprise edition IM client is expected to have encryption built right in.

Facetime is currently a leading provider of IM compliance, monitoring and archiving tools, and has recently signed a partnership deal with Legato Systems, a major Wall Street storage provider. Facetime claims six of the top eight banks as customers, and said the company has done more than 50 deals in the last year.

"It has gone from an initial adoption by the early adopter market to mainstream adoption," said Facetime COO Medhi Maghsoodnia. "Anybody who's doing buy-side or sell-side trading is buying into an IM solution."

Imlogic, by comparison, has 125,000 licensed users according to Yankee Group estimates, and claims five out of the top 10 financial institutions as customers, including Merrill Lynch and Bear Stearns.

Meanwhile, encryption may not be that important for Wall Street firms-at least, in the immediate future. Even though instant messages travel the Internet as plain text, the already fragmentary conversations are further broken down into tiny packets, and so far hackers have shown little inclination to try to stitch them together and reconstruct what might turn out to be trivial conversations.

Mike Liker, CTO at Minneapolis-based Craig Hallum Capital Group, Llc, was recently shopping for a way to archive instant messages, and narrowed the field down to two vendors, both of which have products that sit at the firewall. Shutting down IM altogether wasn't an option.

"We are an institutional brokerage firm and the heavy users are our salesmen and the traders, and what they're doing with it is shooting a quick note over to a client or a fund manager asking them a question, or vice versa," he said. "I see it starting to take the place of e-mail. It's so much faster and quicker and with e-mail it may take five minutes to get back to somebody, depending on where it's going. With IM, you can see immediately if someone is online and you can hit them right now. That, I think, speaks to our whole industry. Time is of the essence if you're doing a trade and need a quick response."

The company has eight Bloomberg terminals, which the traders use for some IM communication. Besides that, the biggest IM usage is through the AOL IM client. Some employees also use the MSN and Yahoo! instant message clients.

Liker is more concerned that users can exchange files on IM-files which aren't scanned for viruses as e-mail attachments are. The products he's considering, including Facetime and IMlogic as well as his current favorite, Akonix Systems, all do some kind of file scanning. Akonix adds an extra security enforcement tool.

Whichever system he decides on, Liker will be keeping an eye on how it actually works in practice, because users don't always like to be watched. "If they can find a way around it, they will," he said. "I would say that's a huge concern, and coming from a compliance perspective or legal perspective, that just wouldn't fly."

Burlington Capital Markets chose a third approach to capturing IM traffic a few weeks ago, using a desktop-based application to monitor IM traffic at the employee's computer. One challenge here is that a company has to install the monitoring program on each computer. In addition, it's a new technology and currently only IM-Age Software, a Houston-based start-up, takes this approach, though other vendors may soon follow.

However, one of the best features of desktop-based products-that they are able to do instant and easy encryption of any IM message-can cause problems for other companies that use a gateway-based archiving system that can't read those messages.

"I think the market seems to be trending toward a gateway-based solution to avoid that type of problem," said Christopher Saunders, managing editor at InstantMessagingPlanet, a publication of Darien, Conn.-based Jupitermedia Corp. "But it is too early to say definitively. The IM space wants to be open, and that's one of the reasons why you're seeing pressure being put on the providers to make their systems interoperable. A company is going to use an IM system that allows them to communicate with the widest possible pool of customers."

The way the IM-Age product works is that the desktop-based client checks regularly with the corporate server to upload archived messages, to verify if the employee is still allowed to use IM and how, and to send alerts about the contents of the messages, such as when an inappropriate phrase is used.

To make the Big Brother-ish aspect more palatable to users, the product also offers some extra tools to make their IM experience easier, including user-defined buttons that can do everything from turning on encryption to sending a copy of the entire conversation to oneself or a colleague in an e-mail.

In addition, users can get access to old IM conversations. "If a client comes back and has some sort of problem, you can go back and bring up the instant message information," Vangopoulos said. As a result, she doesn't mind having the product, she said.

"It makes sense," she said. "In our industry, a lot of trades are negotiated with instant messages. You need some sort of method to track what happened in case there was a discrepancy."

She has become more careful about what she says online, though, since the oversight started. And if she forgets, there's a constant reminder. "When you type an instant message a disclaimer appears, stating that the firm is monitoring the conversation," she said.