Shield adds Copilot & image text surveillance tools

Shield has added a native connector for Microsoft 365 Copilot and optical character recognition text extraction for image-based content to its communications surveillance platform. The move extends monitoring into two areas that compliance teams in financial services have struggled to supervise.

The new connector captures employee prompts and AI responses generated through Microsoft 365 Copilot and routes them into Shield's existing archive, search, case management, surveillance and export workflows. The image tool extracts text from screenshots, scanned documents and photos so the material can be indexed, searched and reviewed in the same system.

The additions address a growing gap between the spread of new workplace tools and the reach of compliance controls in banks and other regulated firms. Microsoft 365 Copilot has been widely adopted across large companies, including major financial institutions, yet many firms still do not archive or supervise those exchanges as part of their standard recordkeeping processes.

Copilot interactions are processed end to end in under 24 hours, with metadata retained for audit and investigation. The connector is built into Shield's existing platform rather than requiring separate tools or extra process steps for compliance teams.

Regulatory pressure

Recordkeeping rules in the United States, the United Kingdom and the European Union have increasingly focused on the need to capture business communications regardless of the channel used. That has put pressure on firms to monitor not only email and messaging platforms but also newer forms of digital communication embedded in day-to-day workflows.

Under FINRA Rule 4511 and guidance in the regulator's 2026 Oversight Report, firms are expected to retain business-related communications in a way that allows supervision and retrieval. In the UK and in European markets where the Market Abuse Regulation applies, expectations are similar, with authorities signalling that unmonitored communications can expose firms to conduct and recordkeeping risks.

The challenge has widened as staff increasingly share information through images rather than plain text. Screenshots, photographs of printed documents and scanned files are commonplace in internal and external communications, but the text within those images has often remained outside automated surveillance processes.

That has left investigators and compliance officers relying on manual review in many cases. By pulling text from images and placing triggered terms directly below each image, Shield aims to make that content searchable for investigations and e-discovery without separating it from the wider communications record.

Coverage gaps

Industry data cited by Shield points to the strain on compliance teams as communication channels multiply. A benchmarking report from 1LoD found that 67 per cent of banks said applying surveillance across multiple communication channels was already a major challenge, while 22 per cent of firms monitored more than 30 channels, up from 14 per cent two years earlier.

That trend helps explain why vendors serving regulated industries are pushing to extend surveillance beyond traditional formats. AI-generated interactions and image-based exchanges have become harder to treat as edge cases as they move into everyday use across front-office, middle-office and support functions.

The OCR feature was validated through prototype testing with multiple customers. Both additions are natively embedded in the existing platform, allowing firms to apply the same compliance controls they use for other communication channels.

Shield focuses on communications surveillance for financial services, a sector where regulators have issued repeated penalties over failures to preserve and supervise electronic communications. Those enforcement actions have driven spending on archiving and monitoring systems, but the arrival of generative AI assistants has added another layer of complexity for firms trying to keep pace.

A central question for banks has been whether an employee's exchange with an AI assistant forms part of the business record when it informs decisions, drafts client material or shapes internal analysis. Regulators have increasingly indicated that the answer depends less on the technology involved than on the business purpose of the communication.

Image-based communication presents a similar issue. If a screenshot or photograph contains substantive business information, compliance teams may need to treat it no differently from a chat message or email body, even if the content is harder for machines to inspect without text extraction.

One Shield executive framed the additions as a response to that shift in how work is recorded. "Comprehensive surveillance has always meant capturing everything material to business conduct. But what counts as material is changing - AI-assisted conversations and image-based content are now part of daily workflows at every major financial institution," said Tamar Sharir Beiser, Chief Product Officer, Shield.

"Shield's role is to ensure that as communication evolves, the compliance infrastructure around it evolves too, so firms are never in a position where their governance framework is trailing their technology adoption," said Beiser.