Why Banks Are Using Document Management Solutions to Manage Subpoenas

Financial institutions are turning to SaaS platforms they’re already using to save time, money and mitigate legal risk in the subpoena response process.


21 September 2018

Why Banks Are Using Document Management Solutions to Manage Subpoenas

“The dark cloud of subpoena non-compliance looms heavy with its potential for criminal and civil penalties, data loss, data privacy violations and bad press. But banks utilizing existing SaaS collaboration solutions for subpoena response are seeing the light by moving from a manual, time-consuming, risk-prone process to a bank-proven, streamlined, encrypted method that is fully auditable.”

Hopefully you haven’t had to spend much time dealing with subpoenas. As custodians of the nation’s financial records, however, banks deal with hundreds of third-party document subpoenas daily.

What exactly is a subpoena, you ask? A subpoena is a writ — a written command from a court or other legal authority — to compel testimony by a witness or production of evidence. The Latin roots of the word, sub poena, literally mean "under penalty." A person who receives a subpoena but does not comply is in contempt of court and could be subject to civil or criminal penalties, such as fines, jail time or both. ROI in this instance takes on new meaning — risk of incarceration. 

For banks, most third-party subpoenas are for customer financial records — third-party meaning the bank customer is a party to the litigation, but the bank is not. 

Responding to third-party document subpoenas for financial records is a compliance perfect storm. There are high volumes of requests, short deadlines, PII-filled documents, multiple jurisdictions, combinations of regulations that will apply depending on the jurisdiction, severe penalties and high potential for bad press if things go wrong. 

Avoiding costs and reducing risk

The current bank-response process of sending paper or CDs via USPS Restricted Service (designed for confidential legal documents), or in some cases attaching responses to an email, is time consuming, not secure, expensive and inadequate in addressing non-compliance risk. USPS Restricted Service is $5 per letter. For the average top-tier bank, issuing 10,000 responses per month, that’s $600,000 in postal fees annually. Add to that the costs and risks associated with gathering documents, stuffing envelopes, tracking responses, delays and lost letters, and you can understand why improving the subpoena response process is a high priority. 

So, how are top bank compliance and legal teams addressing this perfect storm? They are looking inward at existing capabilities. 

Banks already employ ultra-secure Software as a Service (SaaS) document collaboration and distribution solutions, like Intralinks, for highly regulated use cases such as customer onboarding, M&A due diligence, wealth management, anti-money laundering and others. These use cases require document aggregation and dissemination, intuitive web interfaces, granular permission management, document encryption and access reporting, all of which are identical to the requirements for subpoena response. This makes it a simple matter of configuration to add the subpoena response process to the regulated use cases already supported by a bank’s SaaS collaboration solution. 

The dark cloud of subpoena non-compliance looms heavy with its potential for criminal and civil penalties, data loss, data privacy violations and bad press. But banks utilizing existing SaaS collaboration solutions for subpoena response are seeing the light by moving from a manual, time-consuming, risk-prone process to a bank-proven, streamlined, encrypted method that is fully auditable. For banks that need to respond to hundreds of third-party document subpoena requests daily, mitigating ROI (risk of incarceration) is a good thing.
 



Dominic Brown

Dominic Brown

Field CTO at Intralinks

Dominic Brown is a Field CTO at Intralinks in Waltham, MA. Dominic employs his 15 years of compliance and IT experience, along with Intralinks’ unique technology, to help organizations address challenges with sharing, distributing, and collecting highly confidential data. Dominic helps organizations understand and change internal procedures to deploy technology solutions that dramatically reduce the risk and expense associated with secure data exchanges. He has spent his career working with the Fortune 1,000 and North America’s largest government agencies.