Adherence to rules and procedures is something investment banks have long been scrutinized for, with regulatory non-compliance being recognized as a prominent failure. For many investment banks, compliance teams are growing in size and so too are the costs associated both with compliance and non-compliance. However, even with increased funding and commitment, compliance is arguably not being effectively instituted across the enterprise, nor is it acting as the business enabler it should be.
Financial institutions are struggling with the issue at hand: meeting the requirements of new and existing regulations. However, what firms may not recognize is that compliance is a multi-faceted process with many different factors at play and several internal and external stakeholder expectations to meet.
Firstly, new products and services offered by financial institutions must be tested and approved internally before reaching the market. Secondly, operational and financial practices must be reviewed. These include assessing considerations around the target customer base, their tax regimes and country of origin. Marketing materials also need to be approved in this way, such as product literature and roadshow activities. Thirdly, technology and infrastructure challenges need addressing and ‘business as usual’ environments need to be put in place and monitored.
At the same time, timing is everything. Releasing new processes depends greatly on time-to-market; firms’ efforts to be first out the door may result in cutting compliance corners, inadequate testing of end-to-end processes and applications, misinterpretation of regulatory directives or implementation of tactical solutions that may not be viable or fit for purpose in the long run.
Increasingly, economic influences and global business models mean new geographies and markets are pursued by firms every day, and new market breakthroughs often need to happen swiftly. To expand business efficiently and effectively, transparency across all geographies and businesses is imperative to the core compliance departments to avoid transactional errors and minimize operational risk.
All the while the public eye continues to watch closely as the mounting strain placed on compliance departments makes organizing data a top priority in circumventing reputational risk. Long gone are the days when paying a fine sufficed for non-compliance. Press exposure and publicity via social media channels today can tarnish the reputation of even the most well-known financial institutions.
Without proper planning of new offerings, execution and control management, financial institutions run the risk of being operationally inefficient, a situation which in many instances can ultimately lead to reputational damage.
But what is the real issue affecting departmental processes and organizations? The answer to that is fragmentation.
Siloed compliance teams yield inefficient processes that are not appropriately streamlined across the entire department or business line. Roles and responsibilities are not properly defined and communicated between across functions. Lines are often blurred between internal control and risk functions. This lack of centralization raises fundamental questions about who owns what, how delegation works and how mature the levels of defense are. —Sridhar Athreya is principal at SunGard Consulting Services
Without a holistic impact analysis and end-to-end compliance program, financial institutions can face a negative domino effect – with just one discrepancy, a series of errors and issues can follow.
This should be a cause of concern for a firm’s compliance department managers, heads of business, executive committees and, eventually, its board. Local and global regulatory agencies in particular are now increasing their scrutiny of investment banks’ compliance with regulations. ‘Compliance evidencing’ drives the need for accurate audit trails and reports where data can be accessed quickly as and when there is need. Investment banks in particular, should be able to justify compliance practices and control environments, which in turn drives the need for streamlined infrastructure (data, systems and applications) where compliance is documented and carried out in repeatable, on-going processes.
So, how should you go about doing this? While there are no industry-standard options just yet, our experience shows that adopting a structured, technical approach to compliance is perhaps a pragmatic starting point. This takes an evolutionary view of business operating models and regional variations, and puts regulatory assurance testing in the driver’s seat.
But this is not easy. There are shifts that need to happen in the compliance culture and governance practices in investment banks, so that meeting the expectations of regulatory agencies becomes a seamless, repeatable and painless process. Firms should consider a holistic, model-based approach that takes a macro look at the firm’s overall compliance. This model should look at the full range of categories affecting the compliance process, including data quality, process scalability, quality of reporting and governance and controls. By creating an integrated vision of compliance that addresses both existing and on-going requirements, businesses will be empowered to create a next-generation compliance approach that eliminates siloed operations. Alignment and standardization of practices and processes will further enable compliance to be a strategic function for the business and not a drag.
Long gone are the days where a third-party rubberstamp on compliance suffices as a means of assessment. A model-based approach provides the introspection for the firms actually to depend on their own data and systems to recall the information needed and visualize if their results are on target with what’s expected. The end goal is on-going assurance rather than reactive or ad hoc compliance testing.
In sum, don’t let your firm be targeted for inadequate or failed compliance processes. Let your compliance success speak for itself and evolve in the long-run, giving your firm a competitive edge through being highly regarded for compliance transparency and competence.