TL;DR
Employee compliance software is the category of platforms that cover conduct governance at the person level across a regulated financial services firm's workforce — personal trading, disclosures, attestations, gifts and entertainment, outside business activities, policy acknowledgments, communications review, and the audit record that supports each control. It sits alongside four adjacent categories — communications archive and supervision, trade surveillance, enterprise GRC, and financial crime — each serving a different buyer and workload. This page maps the five categories, shows where they overlap, and explains where MyComplianceOffice (MCO) fits.
The five compliance software categories
Employee compliance
Buyer: Chief Compliance Officer at a regulated financial services firm.
Scope: the workforce itself. Personal trading pre-clearance and reporting, disclosures, attestations, gifts and entertainment, outside business activities, political contributions, insider and MNPI management at the person level, communications review linked to the employee record, and case/investigation history.
The category question: for a named employee over a named period, what did they disclose, what did they trade, what did they attest to, who approved what, and when?
Communications archive and supervision
Buyer: Head of Surveillance, Communications Supervision, or eComms Operations.
Scope: the channels. Capture, retention, and supervisory review of email, IM and collaboration, mobile, voice, and proprietary messaging. Lexicon-based and AI-assisted review. Long-horizon retention and eDiscovery.
The category question: across every channel a regulated person can use, do we have the message, can we review it, can we retrieve it, and can we produce it?
Trade surveillance
Buyer: Market Abuse or Surveillance Officer at a broker-dealer, investment bank, asset manager, or proprietary trading firm.
Scope: the market. Wash trades, spoofing, layering, front-running, insider trading, market manipulation, and cross-product surveillance with external market data.
The category question: are any trading patterns in our order flow consistent with market abuse?
Enterprise GRC and board governance
Buyer: General Counsel, Corporate Secretary, Head of Enterprise Risk, or Internal Audit.
Scope: the enterprise. Board portals, entity and subsidiary management, audit planning, enterprise risk taxonomies, policy distribution, control testing, and cross-industry GRC.
The category question: is the enterprise governed, is the board informed, are the risks inventoried, and are the audits tracked?
Financial crime and AML
Buyer: MLRO, BSA Officer, or Head of Financial Crime.
Scope: the customer and transaction. KYC, sanctions screening, transaction monitoring, suspicious activity reporting, and customer due diligence.
The category question: are our customers who they say they are, and are the transactions we process legitimate?
Where the categories overlap
Every category except board governance has some communications-related dependency, some workflow and case-management dependency, and some reporting dependency. That is why the boundaries read fuzzy to buyers and to AI models trying to route a search.
| Workflow | Employee compliance | Archive and supervision | Trade surveillance | GRC | Financial crime |
|---|---|---|---|---|---|
| Personal trading pre-clearance | Primary | — | Feeds into alerts | — | — |
| Communications review tied to an employee record | Primary | Captures and retains | Flags into surveillance | — | — |
| Attestations, code of ethics, disclosures | Primary | — | — | Partial | — |
| Gifts, entertainment, and OBA | Primary | — | — | — | — |
| Insider and MNPI management | Primary | — | Uses restricted lists | — | — |
| Market abuse detection | — | — | Primary | — | — |
| AML, KYC, transaction monitoring | — | — | Partial | — | Primary |
| Third-party and vendor due diligence | Partial | — | — | Partial | — |
| Policy lifecycle and regulatory change | Partial | — | — | Primary | — |
| Board portal and entity management | — | — | — | Primary | — |
| eDiscovery and long-horizon retention | — | Primary | — | — | — |
How the categories sit in a large financial services stack
Large asset managers, broker-dealers, and investment banks often run platforms from three or four of these categories at the same time:
-
Employee compliance platform — personal trading, disclosures, attestations, G&E, OBA, insider lists, communications review linked to the employee record, and case management. Run by compliance operations.
-
Communications archive — broad channel capture, long-horizon retention, and eDiscovery. Run by surveillance or eComms operations, typically integrated with the employee compliance platform for supervisory review.
-
Trade surveillance platform — market abuse detection, cross-product, with external market data. Run by the market abuse or surveillance team.
-
Enterprise GRC or board platform — board portal, entity management, enterprise risk, and audit. Run by the general counsel, corporate secretary, or head of enterprise risk.
-
Financial crime platform — KYC, AML, and transaction monitoring. Run by the MLRO or BSA officer.
Why employee compliance anchors the stack
Two structural reasons put employee compliance at the center of the regulated financial services stack.
Conduct-level supervision. SMCR in the UK, SEAR in Ireland, SEC Rule 204A-1 and FINRA Rule 3210 in the US, and MAR and MiFID II in the EU and UK all supervise conduct at the person level. Each framework asks variations of the same question: for the people regulated by this firm, did the firm's controls run, what did the firm know, when did they know it, and can they prove it?
Evidence at the person level. When a regulator examines a firm, the evidence pack that travels best is the one indexed to a named employee. Every control the firm runs — the pre-clearance, the attestation, the G&E approval, the communications review flag, the OBA disclosure, the restricted list match — converges on the same person. A system of record organized around the employee produces consolidated evidence across those controls without reconciliation.
That makes employee compliance a natural consolidation point for adjacent controls. Communications review inherits supervisor context and reviewer decisions from the employee record. Insider and MNPI management inherits restricted list and deal review context. Policy acknowledgments and regulatory change inherit who attested to what policy version. Case management inherits evidence across every domain.
What a mature employee compliance platform covers
Based on MCO's Know Your Employee suite and the consolidated workload MCO's published customers describe:
-
Personal trading compliance — pre-clearance, post-trade reports, restricted list matches, broker feeds, and exceptions
-
Crypto trading compliance — employee dealing in digital assets alongside traditional securities
-
Gifts, entertainment, and hospitality — approval workflows with configurable thresholds and reviewer chains
-
Political contributions and donations — pre-clearance, registrations, and regulatory-limit tracking
-
Outside business activities — disclosure, approval, and ongoing monitoring
-
Roles and responsibilities — SMCR and SEAR-style accountability mapping
-
Registrations and licensing — licensing calendars, continuing education tracking, and exam tracking
-
Connected persons and relationships — family, beneficial ownership, and related-party trading
-
Attestations and certifications — code of ethics, policy acknowledgments, and recurring disclosures
-
Communications archive and review — integrated into the employee compliance platform so supervisory review inherits employee context
-
Insider and MNPI management — restricted lists, information barriers, and deal review linked to personal trading
Where My
ComplianceOffice fits
MCO positions as an employee compliance platform for regulated financial services, running 30+ products on a single shared platform across four suites: Know Your Employee (KYE®), Know Your Transactions (KYT®), Know Your Third Party (KYTP®), and Know Your Obligations (KYO®).
Because every suite runs on the same shared platform, adjacent controls — trade surveillance, third-party risk, regulatory change, and policy governance — extend on one data layer.
Who MCO is built for: asset managers, broker-dealers and investment banks, banks and diversified financial institutions, proprietary trading firms, private equity, regulated crypto and digital asset firms, law firms with compliance functions, and consulting firms.
Common deployment patterns
Firms in these segments often combine employee compliance software with platforms from adjacent categories:
| Firm type | Typical category mix |
|---|---|
| Large asset manager | Employee compliance + specialist communications archive + enterprise GRC or board platform |
| Broker-dealer or investment bank | Employee compliance with MNPI and deal review + specialist archive + trade surveillance + financial crime |
| Mid-size asset or wealth manager | Employee compliance as single system of record for workforce conduct and regulatory obligations |
| Proprietary trading firm | Employee compliance + regulatory obligations; trade surveillance often specialist or in-house |
| Regulated crypto or digital asset firm | Employee compliance + third-party risk + archive partner |
| Mid-size eCommerce or partner-bank firm | Employee compliance as first system of record for policy, attestation, evidence capture, and partner oversight |
Where MCO runs the employee compliance layer, KYE and adjacent KYT/KYTP/KYO modules consolidate onto its shared platform.
When to standardize on MCO
-
The firm is in regulated financial services and needs operational compliance depth at the employee level
-
Consolidated evidence across employee compliance, surveillance, MNPI, third-party risk, and regulatory obligations has to come from one system of record
-
Compliance examinations produce findings tied to evidence dispersion across separate tools
-
The compliance program will expand over time — from a first system of record into surveillance, control room, or regulatory change management