Reducing Code of Conduct and Regulatory Compliance Violation Risks
Published May 12 2021 02:00 PM 5,264 Views

Over the past year, the shift to remote and hybrid work has meant our customers have navigated a digital transformation in the span of a few weeks or even days. This new work environment can be disorienting for employees while they navigate a blended environment of work and home and challenging for employers to support participation in a positive company culture across a distributed workforce. Maintaining a positive company culture while reducing risk has become both more critical, and more challenging to ensure a positive, safe culture where engaged employees can thrive.


With the rapid transformation to remote and hybrid work environments, the number of communications sent over digital communication platforms has grown exponentially. In fact, our recent Work Trend Index showed that between February 2020 and February 2021, the average Microsoft Teams user sent 45 percent more chats per week and 42 percent more chats per person after hours, with chats per week still on the rise.


While organizations seek out emerging technology to empower employees to do their best work in this environment, they also need to manage risk in communications to protect company assets and flag sharing of concerning content such as adult imagery or threatening language. Communication Compliance helps organizations detect these types of code of conduct violations as well as regulatory compliance requirements within company communications, with as little disruption possible to the business. 


Today, we are excited to announce new capabilities that further enrich the solution’s integration with Microsoft Teams, intelligence, visibility, and reporting capabilities, while continuing our commitment to end-user privacy. For all the new features highlighted below, we have built strong safeguards and controls into the solution by default, such as pseudonymization, rules-based access control, admin explicit opt-in of users, and audit trails. 


Deeper Microsoft Teams integration 

As Microsoft Teams continues to elevate as a collaboration and teamwork platform, organizations need to respond to communicate risks effectively and quickly. To meet this need, we have made several Microsoft Teams investments to further integrate Communication Compliance capabilities. In this release, Communication Compliance will now provide policy investigators with additional Teams conversation context so that they can better assess whether a communication presents a potential violation. With this feature, policy reviewers will no longer have to search for additional context elsewhere and instead will see the messages before and after the one that matched the policy condition. Additionally, Communication Compliance can help organizations detect regulatory compliance and code of conduct violations in Adaptive Card content generated through apps in Teams. 


Globalization and expanded visibility 

To expand the ability to detect policy violations in communications beyond English, Communication Compliance now enables customers to detect potential compliance issues in French, Spanish, German, Portuguese, Italian, Japanese, and Chinese. And by leveraging Microsoft Translate, message content in a policy violation will be automatically translated to the policy reviewer’s preferred language when the message is in another language. 


Additionally, we are introducing the ability for customers to detect compliance violations in images by extracting printed or handwritten text using Azure’s Computer Vision Optical Character Recognition (OCR). With OCR, text extracted from images or PDF will then be evaluated against the customer’s policy conditions (such as keywords matches for threatening language), further reducing an organization’s policy violation risk.


[Selection of optical character recognition to extract printed or handwritten text from images][Selection of optical character recognition to extract printed or handwritten text from images]

New communication risk detection templates and enhanced intelligence 

Many of our customers have compliance requirements to ensure there is no sharing of information that could lead to a conflict of interest between different departments or groups of employees. For example, in the financial services industry, various regulations require organizations to build information safeguards so that there is no sharing of findings, output, or research across sales and trading departments. To detect potential conflicts of interest, we introduced a new template in Communication Compliance that customers can leverage to identify compliance issues in communications between two groups of users within their organization that could potentially lead to a conflict of interest.


[Policy setup for conflicts of interest template][Policy setup for conflicts of interest template]

And in 2020, conversations around diversity, equity, and inclusion took center stage. We at Microsoft denounce injustice, racism, and discrimination. To detect and triage explicit discriminatory messages, we have enhanced our existing offensive language template to enable customers to detect potentially discriminating comments, supporting our customers in building more inclusive workplaces.


Advanced reporting and storage capabilities 

We have enhanced the solution’s reporting capabilities with the introduction of the Sensitive information type flagging report, which provides customers with a breakdown of how many hits each sensitive information type receives by location.


With remote and hybrid work came an increased volume of digital messages, which has put customers at risk of exhausting their policy mailbox quota. To address this challenge, Communication Compliance shows and alerts customers when their storage consumption is reaching capacity. And from there, customers can now pause a policy from further evaluations of communications or clone the policy to continue detecting the policy scenario with renewed capacity.


Tune in to our podcast: Uncovering Hidden Risks 

We have partnered with some of the top experts and thought leaders in the insider risk space who have a deep understanding of the challenges organizations face and the people, processes, and technology being used to address insider risks. Tune in to our podcast series Uncovering Hidden Risks, where we deep dive on topics like signal indicators, machine learning, and sentiment analysis.




Get Started 

These new features in Communication Compliance have already rolled out or will start rolling out to customer’s tenants in the coming weeks. Communication Compliance is part of a broader set of Insider Risk Management solutions that help organizations mitigate insider risks and policy violations in Microsoft 365 E5. The solution is also generally available across government clouds, supported in GCC, GCC-High, and DoD tenants.


You can sign up for a trial of Microsoft 365 E5 or navigate to the Microsoft 365 Compliance Center to get started today. 

Learn more about what’s new with Communication Compliance and how to get started and configure policies in your tenant in this supporting documentation. We look forward to hearing your feedback.


Thank you, 

@liz Willets, Product Marketing Manager, Microsoft 365 Security and Compliance Marketing 

@Christophe Fiessinger, Principal Program Manager, Microsoft 365 Security and Compliance Engineering 

Version history
Last update:
‎Sep 12 2022 11:00 AM
Updated by: