Pearl Lieberman of NICE shares her advice for staying compliant in a time when the contact centre industry is rushing to enable remote working.
As the world is adopting various forms of social distancing and adapting to a new reality, the contact centre is simultaneously witnessing several phenomena:
- the transition to agents working from home, with 150 million agents moving away from their stations to their salons, and the toll it has on infrastructure, quality, and compliance
- complex interactions are increasing, including the number of credit cards to be processed as no purchases are done in branch anymore, but rather on the phone or the web
- the necessity of empowering agents at home and IT teams with the right solutions to carry out their duties without compromising on the principles that made them leading teams
What Does the Crisis Mean for Compliance?
On the one hand, regulators seem to relax their constraints on businesses, with MiFID II recording requirements being relaxed to be replaced by written minutes, or HIPAA’s waiver of potential privacy penalties to include remote communication technologies for consultations.
On the other hand, security bodies across the globe, such as the EU or the US FTC or the PCI Security Standards Council, are issuing warnings related to fraudsters’ activities and online scams and threats.
To remain compliant and ensure they protect their customers, contact centres need to adopt a set of best practices:
1. Empower your agents! With real-time notifications on audio loss, you can make sure that all interactions are safely captured. If the audio quality of an interaction is insufficient to be used for record keeping, your agents will be informed in real time.
2. Don’t neglect your customer’s privacy and security! As credit card processing is booming, so are fraudulent activities. Make sure you have the right capabilities to prevent the capture of sensitive data (PII – Personally Identifiable Information or SAD – Sensitive Authentication Data) and that you conduct your operations in full adherence with PCI DSS or Privacy regulations such as GDPR or CCPA.
3. Boost the efficiency of your IT team! With the right information at the right time for each of your regulatory challenges – record-keeping, PCI DSS, GDPR or CCPA. You want to be able to automatically remedy any issue with do-it-yourself tools that don’t require the involvement of third parties – re-encrypt, delete, extract, it’s all up to you!
4. Don’t stay in the dark with your recording assurance! And make sure you have the right mechanisms to ensure that your interactions are properly recorded and archived.
5. Make sure your system is resilient and offers you real disaster-recovery solutions to ensure high availability so you can keep recording, no matter what.