Upgrading technology is the secret to staying in good stead with regulators.
By streamlining risk assessments, compliance reviews and ongoing compliance management, technology can help registrants and consultants maintain a culture of compliance, which regulators are making a top priority this year. For instance, FINRA placed the issue of supervision, risk management and controls at the top of its 2016 Priorities Letter.
Technology can play an even more important role in reaction to a breach, delivering hard evidence of a company's efforts to maintain an audit-ready business. Indeed, automated compliance management solutions can help firms proactively identify, mitigate and manage compliance risk. They can also help maintain and document the firm’s tailored policies and procedures (P&Ps). Finally, good digital additions can help maintain fluid communication between employees and supervisory staff.
1. Proactively identify, mitigate and manage compliance risk
Compliance management software helps registrants and consultants implement and track ad hoc, recurring and annual compliance reviews and assessments as well as staff certifications. It enables authorized users to link compliance controls with potential violations, along with the financial impact a firm may face for failing to implement controls. New software tools feature a centralized command control dashboard, document and message distribution lists and routing, as well as automated calendars and alerts, with time-stamped reports of when actions are taken and by whom.
2. Actively maintain and document P&Ps
Financial firms and consultants can ill afford to adopt a set-it-and-forget-it approach to developing and maintaining policies and procedures (P&Ps). Many firms are found culpable of taking off-the-shelf compliance manuals and failing to tailor them to reflect the specific nature of their business. Likewise, regulators are scrutinizing compliance consultants more closely for failing to tailor P&Ps and compliance manuals to their clients' specific businesses. Off-the-shelf compliance manual often contain P&Ps that are not appropriate or applicable to a registrant's business practices.
Software makes it easier to actively maintain a firm’s compliance program, with secure access control to authorized stakeholders/officers who can attach evidence while executing each review on the calendar. When effective software is integrated across divisional bounds, compliance supervisors and consultants can meet regulators’ requirements to maintain tailored P&Ps actively and proactively.
3. Maintain fluid communication between employees and supervisory staff
Sophisticated new compliance management software tools also help firms maintain fluid communications among staff and supervisory personnel. The best tools feature definable user groups, distribution, routing and access controls. A secure online portal allows permissioned users to follow through compliance management tasks from inception to approval or resolution.
Especially for consultants and large organizations, the ability to see compliance activities associated with responsible parties is immensely informative. Users can quickly view and act upon areas of exposure based on a history of actions taken – a straightforward workflow of tasks that can more easily be managed. The information generated is not only informative, it is invaluable, enabling managers and supervisors to analyze and instantly query large sets of data.
The tools can also track exceptions that require personal attention and follow-up; and display patterns of compliance management issues, such as staff who consistently fail to respond to certification requests. No more folders on a network, emails overlooked in an inbox, or documents gathering dust in filing cabinets. Everything is ready should regulators come to call.
Managing the Convergence of Compliance and Technology
Financial firms and consultants that invest in managing the convergence of compliance and technology will be better positioned to withstand increased regulatory scrutiny. Compliance software is exactly the kind of tool regulators want to see to prove a firm's culture of compliance. Regulators may not show up at your door this year, demanding a paper trail of compliance. But when it comes to maintaining an audit-ready infrastructure, better to have it and not need it than to need it and not have it.
- When It Comes to Compliance, Evidence Is Everything
- With Fiduciary Rules Pending, Get Your Compliance Act in Order — Now
- Is Compliance Keeping Up With Your Automated Advisory Tools?
Carlos Guillen is CEO of BasisCode Compliance in Atlanta.