No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Compliance Program Evolution: The Need for a Compliance Management System

How a Technological Solution Can Validate the Importance of the Compliance Function

by Kevin Byrne
April 19, 2019
in Compliance, Featured
concept of human evolution against starry background

Compliance has yet to adopt a proper management system to substantiate the critical role they play. SEI’s Kevin Byrne discusses how, rather than continuing to raise compliance issues as they occur, CCOs should graduate to consistent, ongoing management-level reporting.

Compliance programs today are at an interesting crossroads. In 2004, the SEC adopted rule 206(4)-7, requiring all registered investment companies and investment advisers to adopt and implement written policies and procedures reasonably designed to prevent violation of the federal securities laws. Firms learned they had to review those policies and procedures annually for their adequacy and the effectiveness of their implementation and to designate a chief compliance officer (CCO) to administer the policies and procedures. Thus, the compliance program as we know it today was born.

Firms hired CCOs and tasked them with creating programs to protect investors and comply with federal securities laws. CCOs built their programs with the tools of the time – principally Microsoft Office – and while there is more experience to draw from, they largely continue to manage their programs the same way today. Policies and procedures are maintained in MS Word. Risk assessments are maintained in Excel. Communications are stored in Outlook. Documentation is maintained on shared drives or in SharePoint.

While other areas of the business have adapted to more advanced and/or integrated technology solutions, compliance has barely evolved. The trading function went from manual tickets, phone calls and paper blotters to order management systems (OMS) that capture all trading activity and allow for a consolidated view of all activity. The front office historically relied on each sales person separately maintaining their own prospect information, preventing a consolidated view into the organization’s efforts. Customer relationship management (CRM) systems were developed to consolidate information across the front office, providing management with the reporting they need. Imagine today trying to assess a firm’s sales pipeline without a management tool such as a CRM or attempting to reconcile multiple paper blotters on a daily basis.

Adopting a Compliance Management System

In order for the C-suite to effectively oversee the compliance function and the activities of the CCO and not just meet for quarterly updates or when an issue arises, the industry must develop a new technology platform to manage the activities of the compliance program. Similar to an OMS or a CRM, compliance needs a compliance management system (CMS). This platform will integrate the various parts of the program – policies and procedures, risk assessments, testing, attestations, vendor due diligence, etc. – and include robust dashboards and reporting so management can at any point in time assess the health of their compliance program and their CCO’s performance. Without the appropriate management oversight, the risk of noncompliance could cause irreparable damage to the firm’s reputation and brand, not to mention possibly incur significant financial penalties from regulators.  

In addition to overseeing the CCO, the C-suite should be demanding a CMS for two additional reasons:

  1. A CMS will make the compliance program more effective. A centralized system of all requirements, deadlines and activities with improved reporting will help compliance better connect the dots and spot areas of weakness.
  2. The C-suite needs to mitigate the key person risk of the CCO leaving or being incapacitated. Without a holistic management system, the documentation and evidence of the compliance program could be widely distributed with no shared or centralized knowledge of where everything resides. Clearly, transitions are more difficult when there is no central repository of all the elements of the compliance program.

It’s Time for a Compliance Revolution

In recent years, governance, risk and compliance (GRC) systems have been developed to help address this gap in management’s compliance oversight. By and large, however, those systems were born out of the internal audit functions at large corporations. While better than the MS Office versions of old, adapting those systems to investment adviser/investment company compliance has been a challenge. Compliance needs a system that is built from the ground up to address the intricacies of a compliance program, one that has connective tissue linking the various components of the program together.   

It is time for the compliance program to evolve beyond its beginnings 15 years ago. The days of shared drives and manually creating reporting should be gone forever. Just because it isn’t a front-office, revenue-generating function doesn’t mean that compliance shouldn’t have the kind of management reporting system that has evolved in other departments across the organization. Management should be demanding such a system to allow them to appropriately oversee the CCO, and the CCO should be demanding such a system to make their compliance program more effective and efficient. It is time for a revolution.


Tags: Reputation Risk
Previous Post

How to Reposition Compliance as a Revenue Generator

Next Post

A Compliance Playbook for “Operation Varsity Blues”

Kevin Byrne

Kevin Byrne

Kevin Byrne is Managing Director of Global Regulatory Risk and Compliance within SEI’s Investment Manager Services division. In this role, Kevin is primarily responsible for strategy and new business development for global regulatory and compliance solutions and services. Prior to joining SEI, Kevin served as Chief Compliance Officer for Hirtle Callaghan & Company, a $20 billion+ SEC registered investment advisor. In this role, Kevin had responsibility for all aspects of the firm’s compliance program. In addition, Kevin was responsible for operational due diligence on all subadvisors, hedge funds and private equity funds Hirtle invested in, which included over 70 investment managers. He also served as an officer on Hirtle Callaghan’s Registered Investment Company. Earlier in his career and prior to joining Hirtle Callaghan, Kevin was a consultant for Navigant Consulting’s Regulatory Advisory Group.

Related Posts

red flag warnings

Fostering Risk Transparency in the Organization

by Jim DeLoach
November 9, 2022

Serious risks to your company’s financial and reputational health probably aren’t going to walk up and introduce themselves. Protiviti’s Jim...

parametric insurance esg

Exploring Parametric Insurance as an ESG Authentication Tool

by Nir Kossovsky and Denise Williamee
November 9, 2022

Parametric insurance, which has long been popular in disaster recovery, is gaining steam as a proxy for proving the effectiveness...

trade secrets

Inside Job: How Businesses Can Protect Valuable Trade Secrets

by María Amelia Calaf
October 5, 2022

A relatively new law (the Defend Trade Secrets Act) aims to give businesses a legal framework to fight against theft...

greenwashing

Consumers and Federal Regulators Continue Fight Against Greenwashing

by Staff and Wire Reports
October 5, 2022

The SEC is expected to publish its final rules regarding ESG disclosures later this year, and in the meantime, both...

Next Post
illustration of two businessmen exchanging a bribe

A Compliance Playbook for “Operation Varsity Blues”

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT