The true cost of digital compliance underpinned by legacy tech

Nicola Cowburn
Nicola Cowburn
January 4, 2017


You wouldn’t believe how many organizations still rely on technology designed for e-commerce customer struggle analytics to satisfy regulatory compliance. Many such systems (Tealeaf being one of the most widely used) are great at what they do, but they are not compliant in highly regulated sectors, like financial services.

If your firm is using the “wrong” kind of technology for compliance it could prove costly.

The ultimate cost of a compliance or conduct risk breach

Sally Quillian Yates, deputy attorney general at the U.S. Department of Justice, said, “One of the most effective ways to combat corporate misconduct is by seeking accountability from the individuals who perpetrated the wrongdoing.”

Compliance and risk just got personal! With sanctions for non-compliance ranging from hefty fines to incarceration, there has never been more senior executive focus on compliant digital record-keeping.

The technology underlying all systems designed for e-commerce customer analytics (affectionately known as “TCP-IP sniffing”) is not capable of 100% capture – so it is inherently non-compliant. E-commerce struggle analytics do not require 100% capture, because focus lies on assessing aggregated (often anonymous) behavioral trends, rather than building an indisputable audit trail. But if you are capturing only 84% of customer interactions, and the one that could send you to jail is in the missing 16%, you are in quicksand.

Time and $$$ wasted searching and fixing

Force fitting an e-commerce analytics system into a compliance environment has hard-dollar consequences.

  • Implementation is costly, lengthy and pointless. Even if your firm has several million dollars to fund a vendor and an army of consultants for many months, while they try to make your analytics solution fit for purpose, its technical limitations will prevent you from ever being able to prove exactly what every customer saw, to the satisfaction of the regulator.
  • e-Discovery can take days or weeks. The cost of finding or recreating anything that happened online can spiral, while IT attempts to decipher a multitude of back-end data and log files, extracted from multiple systems.
  • Maintenance costs are high and escalating over time. If several dedicated staff members are required for ongoing maintenance and updates, when there are next generation alternatives that require none, you are spending unnecessarily.
  • Every release of your website breaks your recording and replay capability. The need to fix systems like Tealeaf, every time a website change occurs, has spawned an entire high-cost consultancy eco-system that is feasting on the technical failings of e-commerce analytics solutions.
  • Lack of agility will cost you, in an ever-changing world. Agility and legacy technology rarely feature in the same sentence. Whether you are grappling with the implications of Brexit or Trump, or simply looking ahead to a time when you will have no option but to record social and mobile interactions, lack of agility impacts profitability and growth.

The unthinkable compromise: security vs. compliance

The technique used by e-commerce analytics solutions to record customer struggle is known as a “man-in-the-middle” attack or “active eavesdropping”. Essentially, it is the same technique used by hackers to intercept traffic and perform network assaults. Most IT teams have security safeguards (like Diffie Hellman) in place to detect, sabotage and prevent such attacks.

When using a system like Tealeaf, the legitimate use of this technique to capture data for compliance purposes represents one big risk and security migraine for IT.
The only way to maximize data capture is to lower your guard, and allow free-flow traffic capture. This high-risk strategy weakens security and increases the risk of malicious traffic slipping through unnoticed.

Having to choose between security and compliance puts you between a rock and a hard place.

Next steps?

Why leave compliance to chance, simply because your e-commerce analytics solution is not up to the job of compliance?

Get your free white paper now “Think you have digital compliance covered? Think again.”

Learn how to create a fully-compliant digital business, which will make the regulator smile and ensure your senior executives sleep well at night.

Let us update you

We promise not to spam you, or give your contact details to anyone else. We will simply update you from time to time, when we have relevant news to share.