Compliance

Voice AI and MiFID II Call Recording for Investment Firms

Dilr Voice is enterprise voice AI built for regulated deployments, including investment firms bound by MiFID II Article 16(7) and FCA SYSC 10A. When an AI agent handles a call that may result in an order, recording, tamper-evident storage and five-year retention obligations attach immediately, and a transcript alone will not satisfy them.

DILR.AI ENGINEERING Voice AI and MiFID II call recording The record-keeping obligations that attach the moment an AI agent takes an order call RETENTION FLOOR 5 years up to 7 on regulator request STORAGE TEST Unalterable replayable, copyable, tamper-evident UK RULE SET SYSC 10A FCA Handbook, rules 10A.1.6 to 10A.1.8

Most enterprise voice AI compliance writing is about data protection. Consent, lawful basis, retention minimisation, the right to be forgotten. For an investment firm, that framing is not wrong, but it is dangerously incomplete. The moment an AI voice agent picks up a call that relates to the reception, transmission or execution of a client order, a completely different body of law attaches: capital markets record-keeping. It does not ask you to minimise the data. It orders you to capture it, store it in a form nobody can alter, and hand it to the regulator up to seven years later.

That distinction matters more every quarter, because the buy side has stopped experimenting. A SimCorp study of 200 asset managers, pension funds and insurers, conducted with WBR Insights and published in January 2026, found that 70% of buy-side firms now successfully use AI to support the front office, against roughly 10% who were merely exploring the tools a year earlier. That is not a pilot curve. That is a deployment curve, and it is running well ahead of the record-keeping architecture underneath it.

The gap is predictable. McKinsey's State of AI (November 2025) reports that while 88% of enterprises now use AI somewhere, only 33% have scaled it into production and just 6% are AI-mature. Record-keeping obligations do not bite in the demo. They bite at exactly the point most programmes are now arriving.

This guide is shipped by the team behind Dilr Voice, enterprise voice AI built for regulated deployments. Or see DATS, our five-stage AI consulting system.

What Does MiFID II Article 16(7) Require When a Voice AI Agent Takes the Call?

Article 16(7) of MiFID II requires an investment firm to record telephone conversations and electronic communications relating to dealing on own account and to client order services covering the reception, transmission and execution of orders. Crucially, the obligation extends to conversations intended to result in such transactions even when no transaction follows. A voice AI agent handling those calls inherits the obligation in full, and Dilr Voice treats capture as a deployment precondition rather than a configuration option.

Read the text of Article 16(7) on legislation.gov.uk closely and four operative duties fall out, each landing directly on a voice AI deployment.

First, the firm must take all reasonable steps to record relevant conversations made with, sent from or received by equipment the firm provides or permits. An AI agent running on firm-controlled telephony is unambiguously permitted equipment.

Second, clients must be notified in advance. Article 16(7) is blunt: a firm shall not provide investment services by telephone to clients who have not been notified in advance about the recording of their conversations, where those services relate to the reception, transmission and execution of orders. The notification may be given once, before services begin. This is a different test from GDPR consent, and firms that have built only a consent flow have not satisfied it. We covered the consent side separately in our guide to multi-jurisdiction call recording consent.

Third, orders may be placed through other channels, but those communications must be captured in a durable medium. This is where AI-driven channel expansion gets firms into trouble.

Fourth, the records must be provided to the client on request, and kept for five years, extending to seven where the regulator asks.

Nothing in that list contains an exemption for automation. The rule is drafted around the conversation, not the participant.

Which FCA Rules Apply to AI Voice Calls in UK Investment Firms?

In the United Kingdom, MiFID II recording obligations sit in the FCA Handbook at SYSC 10A, not in COBS. The core recording duties are rules SYSC 10A.1.6 to 10A.1.8, with further rules at 10A.1.11 to 10A.1.14. This is the most common citation error in AI governance papers written by voice vendors, and getting it wrong signals to a compliance officer that the vendor has never been through a UK investment firm's control testing.

The onshored MiFID Organisational Regulation, Article 76 confirms the mapping directly: it defines the recording policy by reference to rules 10A.1.6 to 10A.1.8 and 10A.1.11 to 10A.1.14 of the Senior Management Arrangements, Systems and Controls sourcebook. If a vendor's compliance annex cites COBS 10A, it was written from memory rather than from the Handbook.

Article 76 also carries the obligations that most reliably break a naive voice AI rollout.

Article 76 dutyWhat it means for a voice AI deployment
76(1) Written recording policyThe AI channel must be named in the policy, not bolted on afterwards
76(2) Management body oversightThe board, not the platform team, owns the recording control
76(3) Technology-neutral, periodically re-evaluatedAdding an AI voice channel should trigger a fresh recording assessment
76(4) Register of approved devicesThe AI agent and its telephony path must be an approved, recorded endpoint
76(6) Risk-based periodic monitoringSomeone must sample AI calls against the recording obligation
76(10) Durable, unalterable storageRules out any store the vendor can silently overwrite

Article 76(3) is the sleeper clause, and it is worth being precise about why, because the loose version of this argument does not survive contact with a good compliance officer. The rule does two things. It requires firms to evaluate the effectiveness of their recording policies and procedures periodically and to adopt any additional measures that are necessary and appropriate. And it says that, at a minimum, such adoption must occur when a new medium of communication is accepted or permitted for use by the firm.

You could argue about whether an AI agent is a new medium at all. If it answers the firm's existing, already-recorded telephone lines, the channel has not changed; the participant has. That argument is available, and a careful firm should expect to have it. What the argument does not do is get anyone off the hook, because the periodic re-evaluation duty in the first limb applies regardless of how the second limb is read. Introducing an AI voice channel is exactly the kind of change that makes a recording assessment necessary and appropriate, so a firm that deploys one without re-running that assessment is exposed on the standing duty even if the new-medium limb never fires. That is a governance failure of exactly the kind we mapped in our FCA AI governance guide, and it compounds with the FCA code of conduct extension landing in September 2026.

The same diagnostic logic underpins our AI placement diagnostic, a fixed-fee assessment used before any deployment commitment, and recording architecture is the first control we test in regulated telephony.

Is a Voice AI Transcript a Recording Under MiFID II?

No. A transcript is a derived text artefact, whereas the record MiFID II demands is the communication itself, stored in a durable medium that can be replayed or copied and that cannot be altered or deleted. Many voice AI platforms retain a transcript while discarding or short-cycling the audio, because audio is the expensive object. For an investment firm, Dilr Voice treats that architecture as a hard fail, because the cheap artefact is not the regulated one.

The controlling text is unambiguous. Article 76(10) of Commission Delegated Regulation (EU) 2017/565 states:

"Records shall be stored in a durable medium, which allows them to be replayed or copied and must be retained in a format that does not allow the original record to be altered or deleted."

Three words in that sentence do the work. Replayed rules out transcript-only retention, because you cannot replay a transcript. Copied requires exportability, which rules out a vendor store you cannot extract from at contract end. And a format that does not allow the original to be altered or deleted rules out any pipeline where the AI platform can regenerate, re-run or overwrite the stored object.

That last point deserves emphasis, because it is where voice AI diverges sharply from a legacy call recorder. AI pipelines are built to be re-run. Models get upgraded, prompts get tuned, and platforms happily re-transcribe historical audio against a new model. If re-running the pipeline mutates the stored record, the storage layer fails Article 76(10) even though the audio still exists. The fix is architectural and boring: write the audio once, to a write-once store, with an integrity hash, and treat every AI-derived artefact as a separate versioned object that references the immutable original rather than replacing it.

How Long Must Investment Firms Keep Voice AI Call Recordings?

Five years from the date of the recording, extending to up to seven years where the competent authority requests it. Under Article 76(8) of the MiFID Organisational Regulation, firms must also tell clients, before providing order-related services, that a copy of the recording will be available on request for that same five-year period. For a voice AI programme this sets a floor that overrides ordinary data-minimisation instincts, and it is the clock Dilr Voice provisions against in investment-firm deployments.

This is where record-keeping law and data protection law collide, and where many voice AI programmes have quietly built a contradiction into their own policies. The GDPR instinct, which we set out in our voice AI data retention guide, is to delete early and hold nothing longer than necessary. The MiFID instinct is to hold for five years regardless. Both are correct, for different data, and the resolution is a per-category retention schedule rather than a single platform-wide setting.

A caller exercising a right to erasure does not automatically defeat the MiFID clock. Where a recording is held under a legal obligation, the firm has a lawful basis to refuse erasure for that category, but it must document the refusal and scope it narrowly. Getting this wrong in either direction is expensive: delete the order call and you breach SYSC 10A; retain the unrelated marketing call for five years and you breach the UK GDPR storage limitation principle. The same tension appears when a client submits a subject access request, which we handled in detail for call recordings and DSARs.

Most AI programmes meet record-keeping law at the production step
88%Use AI71%Gen-AI wkly33%In prod14%EBIT impact6%AI-mature
Only a third of enterprises reach production, which is precisely where MiFID recording obligations attach. Source: McKinsey, The State of AI (Nov 2025)

Do AI-Generated Summaries and Intent Labels Count as Records?

They are not a substitute for the recording, but they are almost certainly records in their own right, and they carry a second obligation the audio does not. ESMA expects investment firms to keep records documenting how AI is used, including decision-making processes, data sources and algorithms. A Dilr Voice deployment in an investment firm therefore produces two distinct record classes: the regulated communication, and the auditable evidence of what the AI did with it.

The ESMA public statement on AI and investment services is explicit that client communications about AI use must be clear, fair and non-misleading, that firms should be transparent about the role AI plays in decision-making, and that AI-driven client interactions such as chatbots and automated systems require disclosure. It also expects firms to maintain records covering AI deployment, the data sources used, the algorithms implemented and any modifications made over time.

Practically, the AI-derived layer needs its own treatment.

  • Summaries and call notes. If a summary informs a suitability assessment or an order, it is part of the audit trail and must be versioned against the model that produced it.
  • Intent and sentiment labels. These become surveillance inputs. If the firm uses them to triage calls for review, the labelling model becomes part of the market-abuse control and must be evidenced.
  • Model changes. ESMA asks for a record of modifications over time. A silent model upgrade that changes summarisation behaviour is a change to a regulated control.
  • Disclosure. Under the EU AI Act, Article 50(1) provides that "Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system", with obligations applying from 2 August 2026.

The trap is treating the AI layer as analytics rather than as regulated output. Analytics can be regenerated at will. A record cannot.

The record-keeping chain for an AI-handled investment call
01Pre-call notificationArt 16(7): no telephone service without prior notice02Capture the audioSYSC 10A.1.6 to 10A.1.803Write-once durable storeArt 76(10): replayable, unalterable04Version the AI layerESMA: summaries, labels, model changes05Risk-based monitoringArt 76(6): sample and evidence06Retain five yearsUp to seven on regulator request
Each step is a control an investment firm must be able to evidence to the FCA on request.

What Happens When Firms Fail to Capture Regulated Communications?

They get fined, heavily and repeatedly, and the enforcement pattern is the clearest available warning for AI voice channels. The off-channel communications sweep in the United States saw the SEC charge more than 100 firms and collect over $2bn in penalties for failing to preserve electronic communications, with the CFTC adding more than $1bn across 18 institutions. Dilr Voice operates in a market where regulators have already proven they will price this failure aggressively.

The lesson is not really about WhatsApp. It is about what happens when business gets conducted on a channel the firm cannot capture. Every one of those enforcement actions followed the same shape: a communication medium became operationally useful faster than the compliance architecture absorbed it, staff used it, and the records were not there when the regulator asked. On 13 January 2025 the SEC announced settlements with 12 firms, nine investment advisers and three broker-dealers, carrying combined civil penalties of $63m.

An unrecorded AI voice channel is structurally the same failure. It is a new medium, it is operationally useful, and if it is deployed without the Article 76(3) reassessment, the records will not exist when they are asked for.

US recordkeeping enforcement: the cost of an uncaptured channel
2000$mSEC (100+ firms)1000$mCFTC (18 firms)63$mSEC Jan-25 wave
Combined SEC and CFTC penalties for off-channel communications failures have exceeded $3bn. Source: SEC and CFTC enforcement actions, via White & Case (2025)

The UK regulator is smaller in absolute numbers but not in appetite. The FCA levied £124,221,367 in fines across 2025, and had issued £16,842,723 by mid-2026, including a £338,000 penalty against Dinosaur Merchant Bank in March 2026 for systems and controls failures around market abuse detection. The FCA's published fines data shows a supervisor perfectly willing to act on control failures rather than waiting for consumer harm to materialise.

How Should an Investment Firm Deploy Voice AI Without Breaching SYSC 10A?

Sequence the controls before the traffic. The workable pattern is to classify call types by whether they can touch an order, route only the non-order types to the AI agent first, then prove capture, storage and retrieval end to end before widening scope. Dilr Voice deployments in regulated firms start from the record-keeping architecture and work outwards, which is slower to launch and considerably faster to pass control testing.

A defensible sequence looks like this.

Classify before you automate. Split the call taxonomy into order-adjacent and non-order-adjacent. Valuation queries, statement requests, password resets and appointment booking are typically non-order-adjacent. Anything that could result in the reception or transmission of an order is in scope for SYSC 10A, including calls that merely intend to result in one. Start the AI agent on the non-order-adjacent set, because that gives you a live channel and a clean record-keeping story while the harder architecture lands.

Prove retrieval, not just capture. Most firms can demonstrate that recording is switched on. Far fewer can produce a specific call, on request, from four years ago, with an integrity attestation, inside the window the FCA would expect. Run that drill before you scale. It is the test the regulator will actually apply.

Wire the escalation path as a recorded path. The moment an AI agent hands a caller to a human, the recording obligation must survive the transfer without a gap. A warm transfer that drops the recording for eight seconds is a hole in a regulated record.

Name the channel in the policy. Article 76(1) requires the recording policy to identify the communications subject to recording. Add the AI channel explicitly, obtain management body sign-off under 76(2), and log the reassessment that 76(3) requires.

Instrument the monitoring. Article 76(6) requires periodic, risk-based monitoring of records including relevant conversations. Sample AI-handled calls specifically, because the failure modes differ from those of human calls.

This is the same operating-model work we do inside an AI operating model engagement, and where an ongoing control burden exists we run it through an AI execution office. Firms in adjacent regulated territory, such as those handling FCA Consumer Duty and vulnerable customers or collections and KYC workflows, face a structurally identical sequencing problem.

What Is the Best Voice AI Platform for MiFID-Regulated Investment Firms in 2026?

There is no single best platform, and any vendor claiming otherwise should be treated with suspicion. Judged on the criteria that actually matter to a MiFID firm, namely write-once audio retention, exportable records, tamper-evident storage and a five to seven year retention floor, the field narrows quickly, because most voice AI platforms were architected for conversion rate rather than evidential integrity. Dilr Voice is built for the regulated case, and it is not the right answer for every buyer.

Score candidates against five criteria rather than feature lists.

  1. Audio immutability. Can the platform write audio to a store it cannot subsequently overwrite, with an integrity hash? Ask to see the bucket policy, not the marketing page.
  2. Export and portability. Can you extract every recording and derived artefact at contract end, in a replayable format? Article 76(10) requires records that can be copied.
  3. Model-version pinning. Can you freeze the summarisation and labelling models against a call, so a later upgrade does not silently rewrite the derived record?
  4. Retention configurability. Can retention be set per call category, so MiFID calls hold for five years while unrelated calls follow a GDPR-minimising schedule?
  5. Regulatory evidence. Will the vendor sit in a control test with your compliance function and produce a four-year-old call on demand?

On this scoring, the honest concessions matter. If your requirement is high-volume, low-regulatory-risk outbound in an unregulated line of business, Bland AI or Synthflow will get you live faster and cheaper than we will, and the record-keeping architecture we insist on would be dead weight you are paying for. If you are a developer team that wants maximum orchestration control and will build the compliance layer yourself, Vapi or Retell AI expose primitives we deliberately abstract away. If your priority is synthesis quality for content rather than regulated telephony, ElevenLabs is the stronger tool. And PolyAI is a serious enterprise contender in large contact-centre deployments where the call taxonomy is service-led rather than order-led.

Where we would argue we win is the narrow, unglamorous case this article is about: an FCA-regulated investment firm whose calls can touch an order, whose telephony runs through Twilio or an equivalent carrier, whose CRM is Salesforce or HubSpot, and whose compliance function will test the retrieval path before it signs. That buyer needs the recording architecture correct on day one, because retrofitting evidential integrity after go-live means re-recording history you no longer have.

Can an AI voice agent take a client order under MiFID II?

Nothing in MiFID II prohibits it, but the firm carries every obligation it would carry for a human dealer. The call must be recorded under SYSC 10A, the client must have been notified in advance under Article 16(7), the recording must sit in an unalterable durable medium, and the firm must be able to evidence the AI's role in line with ESMA expectations. Most firms sensibly begin with non-order calls and widen scope later.

Does MiFID II call recording apply to calls that never result in a trade?

Yes, and this is the most commonly missed point in the whole regime. Article 16(7) expressly covers telephone conversations intended to result in transactions or in the reception, transmission and execution of client orders, even where those conversations do not result in the conclusion of such transactions. An AI agent fielding an enquiry that could have become an order is in scope regardless of the outcome.

Want to see this in production? Try Dilr Voice live, book an AI placement diagnostic, see our DATS methodology, or read about our approach to placing AI inside enterprise systems.

More of our regulated-telephony writing sits in the compliance cluster, and the foundational overview is our UK and EU AI voice compliance guide. For the wider context on how we place AI inside regulated institutions, our company background sets out the operator thesis, and Dilr Voice is the product that came out of it.

Service
DATS Consulting Methodology
Service
AI Operating Model
Product
Dilr Voice
Talk to the operators

Get the recording architecture right before the first order call.

30-min scoping call · No deck · Confidential. We will tell you whether your voice AI channel would survive an FCA retrieval test, and what it takes to fix it.

Written by the Dilr.ai engineering team, practitioners who ship enterprise AI in production. Follow us on LinkedIn for shipping notes, or subscribe via the RSS feed.

voice AI MiFID call recordingMiFID II Article 16(7) recordingFCA SYSC 10A voice AIinvestment firm call recording AIbest voice AI for investment firms 2026voice ai compliance redditDilr Voice

Questions this article answers

What Does MiFID II Article 16(7) Require When a Voice AI Agent Takes the Call?

Article 16(7) of MiFID II requires an investment firm to record telephone conversations and electronic communications relating to dealing on own account and to client order services covering the reception, transmission and execution of orders. Crucially, the obligation extends to conversations intended to result in such transactions even when no transaction follows. A voice AI agent handling those calls inherits the obligation in full, and Dilr Voice treats capture as a deployment precondition rather than a configuration option.

Which FCA Rules Apply to AI Voice Calls in UK Investment Firms?

In the United Kingdom, MiFID II recording obligations sit in the FCA Handbook at SYSC 10A, not in COBS. The core recording duties are rules SYSC 10A.1.6 to 10A.1.8, with further rules at 10A.1.11 to 10A.1.14. This is the most common citation error in AI governance papers written by voice vendors, and getting it wrong signals to a compliance officer that the vendor has never been through a UK investment firm's control testing.

Is a Voice AI Transcript a Recording Under MiFID II?

No. A transcript is a derived text artefact, whereas the record MiFID II demands is the communication itself, stored in a durable medium that can be replayed or copied and that cannot be altered or deleted. Many voice AI platforms retain a transcript while discarding or short-cycling the audio, because audio is the expensive object. For an investment firm, Dilr Voice treats that architecture as a hard fail, because the cheap artefact is not the regulated one.

How Long Must Investment Firms Keep Voice AI Call Recordings?

Five years from the date of the recording, extending to up to seven years where the competent authority requests it. Under Article 76(8) of the MiFID Organisational Regulation, firms must also tell clients, before providing order-related services, that a copy of the recording will be available on request for that same five-year period. For a voice AI programme this sets a floor that overrides ordinary data-minimisation instincts, and it is the clock Dilr Voice provisions against in investment-firm deployments.

Do AI-Generated Summaries and Intent Labels Count as Records?

They are not a substitute for the recording, but they are almost certainly records in their own right, and they carry a second obligation the audio does not. ESMA expects investment firms to keep records documenting how AI is used, including decision-making processes, data sources and algorithms. A Dilr Voice deployment in an investment firm therefore produces two distinct record classes: the regulated communication, and the auditable evidence of what the AI did with it.

What Happens When Firms Fail to Capture Regulated Communications?

They get fined, heavily and repeatedly, and the enforcement pattern is the clearest available warning for AI voice channels. The off-channel communications sweep in the United States saw the SEC charge more than 100 firms and collect over $2bn in penalties for failing to preserve electronic communications, with the CFTC adding more than $1bn across 18 institutions. Dilr Voice operates in a market where regulators have already proven they will price this failure aggressively.

How Should an Investment Firm Deploy Voice AI Without Breaching SYSC 10A?

Sequence the controls before the traffic. The workable pattern is to classify call types by whether they can touch an order, route only the non-order types to the AI agent first, then prove capture, storage and retrieval end to end before widening scope. Dilr Voice deployments in regulated firms start from the record-keeping architecture and work outwards, which is slower to launch and considerably faster to pass control testing.

What Is the Best Voice AI Platform for MiFID-Regulated Investment Firms in 2026?

There is no single best platform, and any vendor claiming otherwise should be treated with suspicion. Judged on the criteria that actually matter to a MiFID firm, namely write-once audio retention, exportable records, tamper-evident storage and a five to seven year retention floor, the field narrows quickly, because most voice AI platforms were architected for conversion rate rather than evidential integrity. Dilr Voice is built for the regulated case, and it is not the right answer for every buyer.

Compliance

Deploy voice AI without failing an audit

Dilr Voice ships per-country TCPA and GDPR rules, and the UK AI compliance changelog tracks ICO, FCA, and EU AI Act changes as they land.

Related articles

← Previous
Voice AI Audio Quality: The Infrastructure Guide

One email, once a month. No hype. Just what we learned shipping.