Managing the convergence of compliance and technology

Managing the convergence of compliance and technology
A common thread across technology-driven breaches is the failure of firms to establish and enforce policies and procedures.
OCT 12, 2015
Citigroup recently agreed to pay a $15 million penalty for failing to enforce compliance breaches that technology could have prevented. As evidenced by such high-profile cases, even some of the leading financial firms overlook the role that technology can play in avoiding costly compliance failures. "Today's high-speed markets require that broker-dealers and investment advisers manage the convergence of technology and compliance," Andrew Ceresney, director of the Securities and Exchange Commission's Division of Enforcement, said in an Aug. 19 news release. According to the SEC, Citigroup failed to enforce policies and procedures to prevent securities transactions that involved the misuse of material, nonpublic information. Moreover, Citigroup's policies and procedures to avoid the improprieties were not reasonably designed or implemented. Like the SEC, the Financial Industry Regulatory Authority Inc. is scrutinizing more closely areas of risk that technology — like a double-edged sword — can both cause and combat. For instance, in September, Finra issued an alert to warn investors of so-called "pump and dump" stock promotions sent through instant messaging applications. With businesses increasingly reliant on technology, regulators are weighing the preventive measures companies employ to protect the most sensitive, technology-dependent functions of the enterprise, such as trading, communications, document management and cybersecurity. A common thread across technology-driven breaches is the failure of firms to establish and enforce policies and procedures that are reasonably designed and implemented, and to conduct periodic risk assessments. Compliance breaches stem from organizations' inability or failure to identify and mitigate risks that are not actively controlled. Widely endemic manual compliance management methods, such as the use of spreadsheets to track assessments and compliance manual reviews, make it impossible to easily cross-reference and collaborate on supervisory tasks across divisional lines. Making matters worse, the growing demand for compliance talent has led to acute industrywide staff turnover risk. This is particularly true for companies that rely on manual methods to manage compliance and are ill-prepared to face the dangers of key-man risk. When compliance officers depart, they take significant institutional knowledge with them. The company is thus unable to piece together its compliance exposure, particularly in the event of a breach. Here are some questions that firms need to ask … and answer: •What is the history of the firm's compliance issues? •What measures were taken? •Where is the evidence? •What steps should be taken next? A number of single-function compliance management systems have emerged, such as email archival, trading surveillance and anti-money laundering solutions, to detect and prevent these and other types of malfeasance. But the vast majority of compliance solutions lack the ability to centralize data and deliver visibility across areas of risk exposure. The integration of tools that deliver an enterprise-wide view of compliance activities helps firms manage tasks such as staff certifications and risk assessments more easily and effectively. A dynamic dashboard and secure online portal can deliver broad visibility, with centralized document and task management. Automated reminders can be routed and time-stamped as an audit trail of which actions are taken when and by whom. In addition, turnover risk is mitigated to the extent that a firm leverages technology to capture and replicate a departing individual's expertise. Given today's fast-paced interconnected markets, financial firms should seize every opportunity to manage the convergence of compliance and technology. By leveraging comprehensive solutions, companies can link controls to the sources of risk and document their proactive efforts to stay ahead of perpetrators. A technology-enhanced approach to managing compliance benefits clients by safeguarding their information and assets. But it also demonstrates to regulators that firms are committed to running a business that is audit-ready and operationally responsible. Carlos Guillen is president and chief executive of BasisCode Compliance.

Latest News

Candidly adds AI agents for Trump Accounts, workplace benefits
Candidly adds AI agents for Trump Accounts, workplace benefits

CEO Laurel Taylor says the fintech's composable AI stack helps workers optimize dollars across Trump Accounts, 529s, 401(k)s, and other employee benefits.

BMO adds three advisors in Dallas amid Y'all Street wealth boom
BMO adds three advisors in Dallas amid Y'all Street wealth boom

The bank has swiped three private banking veterans from BNY as the city climbs the ranks of America's fastest-growing wealth hubs.

UBS moves toward full-service US bank as plans to extend wealth business
UBS moves toward full-service US bank as plans to extend wealth business

Employee accounts, crypto trials and job cuts frame a pivotal year for the Swiss lender.

$5B broker-dealer NBC Securities has a new name after almost 30 years
$5B broker-dealer NBC Securities has a new name after almost 30 years

New name draws on founder's family history as consolidation reshapes the broker-dealer landscape.

Cerity Partners enters new market with Cordant Wealth Partners merger
Cerity Partners enters new market with Cordant Wealth Partners merger

Deal brings tech-focused planning expertise, expanded Pacific Northwest presence to national RIA platform.

SPONSORED Who builds the income when the pension disappears?

Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income

SPONSORED Why direct indexing stopped being optional

Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.