Sins of the Silo

Compliance Challenges in Financial Services

The financial services sector faces numerous obstacles – especially the constant change in regulations. Michael Powell, Solutions Consultant at ZL Technologies, shares insights around the four biggest compliance challenges facing the industry today and how data management can play a role in overcoming them.

With a unique set of compliance standards, the financial services industry faces numerous obstacles in an ever-changing regulatory landscape. The largest organizations must constantly assess changes in regulations, changes in technology and changes in processes in order to appropriately approach information governance. Business processes, technology adoption and acquisitions/divestments, by their nature, create silos. Many of the headaches compliance officers and managers face can be traced directly back to these emergent silos. The four biggest compliance challenges facing the financial services sector today all start here.

Disparate Data Sources

Silos are a blessing and a curse; they are usually created by a new process or tool adopted by a part of the firm, meaning there are innovations taking place and time-saving tools available to employees, increasing productivity. Free data sources, like Slack or Dropbox, often pop up across the enterprise and pose liability risk before compliance officers are even aware of their existence. While these programs undeniably provide certain workflow benefits, they also further fracture organizational data control.

The bottom line: regulators don’t care if organizational data is scattered across the enterprise and difficult to access. Regulations apply equally to data across these silos and platforms. If it contains regulated data or communications, it must be managed appropriately. Therefore, it’s vital compliance officers and managers take all these platforms into account when planning their organization’s compliance policies and procedures.

So how do we handle silos if they emerge naturally? One method is to attempt to apply the whole stack of compliance processes to each silo; this is typically an expensive and error-prone endeavor. Another option is to use an archive or repository to govern all your information and simply add new data sources as they emerge. This requires less overhead and fewer changes at a business process level, as you eliminate many redundant steps.

Adherence to New Regulations

New regulations — and updates to existing ones — are of chief concern to compliance officers. Without visibility into all of the firm’s existing data, any change or new regulation carries the risk of being fined for ungoverned sources of data generation.

For example, SEC 17a-4 requires storing certain items on WORM devices to ensure immutability. With many silos, it would be difficult and expensive for a company to ensure global SEC 17a-4 compliance, let alone handle new data sources on the fly. With a single repository, compliance officers can focus on bringing new sources out of the shadows, versus trying to see in the dark.

With billions of dollars spent annually on consulting and regulatory action for this purpose alone, untangling data sources to get ahead of existing — and future — regulations should be one of the biggest priorities for financial institutions. It’s one thing to have your bases covered today, but another to anticipate and adhere to new regulations as they come about. Since compliance with numerous regulations involves coherently managing data across silos, it’s important to find a flexible and cohesive solution.

Syncing Compliance Actions Across Business Units

Compliance concerns are often ignored when a team or unit adopts a new tool or makes substantive changes to existing processes. As a compliance professional, getting a seat at the table for such decisions can be difficult; it is, however, imperative that organizations track silos from creation rather than discover them too late.

As it stands now, compliance is generally a separate entity from other business units. Often, records management departments have the final say on deletion/disposition without a lens into what’s going on in the compliance department. The same goes for myriad departments, most of whom have little means of understanding the compliance implications of their actions.

Information sharing, however, can be built into the organization through a cross-functional team comprised of compliance, IT and managers from each line of business. If compliance has taken action on a particular item, for instance, it may affect the way the records manager carries out disposition on said item. Further, if a team internally wants to start using Slack or some other silo-generating service, this cross-functional team can place such changes on the radar of compliance. Information sharing is critical for staying in compliance and synchronizing activities across the enterprise.

Deal Structuring and Restructuring

With increasing scrutiny on mergers and large financial deals, it is essential that companies have an efficient way of complying with the financial and communications regulations that accompany such a process. Minimizing the emergence of silos and managing their integration into the compliance environment at large is essential for producing relevant information, documenting appropriate behavior and avoiding large fines and bottlenecks. The cross-functional team mentioned earlier would provide the added benefit of streamlining the governance of information and minimizing risk, thus expediting expensive mergers/divestments.

Stay Compliant

For financial services firms, compliance is about more than avoiding fines. Having an effective system in place for monitoring and acting on data can also enable more efficient and less expensive operations over the long haul. Firms can mitigate the risk inherent in silos by providing better information flow across the enterprise and natively integrating such information exchanges into a unified compliance system. The financial services industry faces unique challenges in staying compliant. To keep up with the challenges and an ever-changing regulatory environment, it’s important firms have an action plan in place. With the sheer amount of handlers and data being handled, technology plays an essential part in identifying and minimizing compliance risk.