No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

The Evolution of Compliance

How New Technologies are Impacting the Profession

by Mark Peter Taylor
December 3, 2019
in Compliance, Featured
woman's hand touching beam of light on digital blue screen

Are you grappling with the practical implications of new technologies? What does it all mean from a regulatory and organizational perspective, and what does the future look like for compliance pros? ICA’s Mark Taylor weighs in.

Do you remember the sound of the dial-up modem? An alien ting-a-ling sound interrupted by peculiar beeping noises and a droning burr?

The Early Days

If you wish to hear the old low-speed connection, type “dial-up internet” on a search engine and be transported back to the early 1990s. I find the sound strangely evocative: It reminds me of a time when the internet was new, fresh and exciting, notwithstanding that the access speeds were slow; a typical web page would take 15 to 30 seconds to download and often longer.

On the work front, things were also changing; I remember a colleague from our legal team introducing me to the idea of a separate, independent compliance team: “They will do a bit of regulatory reporting, the nonfinancial stuff and some monitoring.” Those were the days when report preparation was largely a manual exercise involving hard-copy submissions. Monitoring was often done in person or by listening to telephone recordings. We had yet to see some of the enormous fines and penalties for improper conduct. Those came later.

Back to the Future

So, we are now fast approaching the year 2020, with superfast and ultrafast connection speeds ranging from between 24 and 100 megabits per second. If you consider that a megabit (Mb) represents a million bits, you begin to understand the enormity of the changes that have taken place. In the early 1990s, access speeds were around 56,000 bits per second.

So, what do these changes mean on a practical level to compliance and risk practitioners? Well, the exponential growth in data processing capability is a game-changer. All firms are grappling with demands from regulators for rapid reporting against a backdrop of ever-increasing volumes of data. We are moving to real-time reporting and advanced analytics with regulators prepared to levy substantial fines for firms that fail to identify reporting errors or notify them promptly.

The Regulatory Response

Regulators are starting to require more in-depth, timely and transparent reporting. Three examples are set out below:

  1. Markets in Financial Instruments Regulation (MiFID II) has increased the number of data fields for transaction reporting. Although a great deal of cost has been incurred by the sector in MiFID implementation, reporting errors have occurred and attracted some significant fines. Earlier this year, UBS and Goldman Sachs were fined £27.6 million and £34.3 million respectively for reporting failings.
  2. Common Reporting Standards (CRS) – Although CRS was broadly based on FATCA reporting requirements, CRS is wider in scope, includes more jurisdictions and has no minimum reporting thresholds. In the U.K., the CRS reporting requirement applies to all financial institutions with a reporting obligation to HMRC and “reportable accounts” (i.e., account holders with an equity or debt interest in a trust). FIs are required to report a great deal of information for each trust – including the settlor, trustees, beneficiaries and individuals who have “control” over the trust.
  3. General Data Protection Regulation (GDPR) requires certain types of personal data breach to be reported without delay, but no later than 72 hours of the organization becoming aware. As we all know, the penalties for data-related breaches increased substantially on May 25, 2018, when GDPR was introduced. However, it is not only the size of the potential penalties that is sobering, it is the knowledge that the regulators can carry out online checks on their own initiative or in response to complaints. In the Google case (which resulted in a record fine of €50 million), the regulators made online checks to test compliance of Google’s processing operations with the GDPR.

The overall regulatory response adds up. In short, increased volumes and velocity of data must be matched by good levels of transparency; regulators can only protect markets and consumers by requiring more in-depth and timely reporting and pushing for consumers to have increased control over their data. For some organizations, this will be a significant cultural change with their transactions, processes and stakeholder engagement under a more intense spotlight.

The Challenge for Organizations

A key challenge is the level of regulatory reporting. There is a steady cascade of different regulations requiring different and often similar or overlapping information. To comply with the reporting requirements, organizations need to look at their data through different regulatory lenses. In an ideal world, we would have a uniform reporting requirement across the globe; however, this is not feasible given the varying ways individual countries implement regulations.

Given the increased volumes and velocity of data and the demand from regulators for enhanced reporting, many organizations are responding by introducing real-time applications, such as analytics, artificial intelligence and robotics.

The Implications for Compliance Functions

Given the broad backdrop from a technology, regulatory and organizational perspective, what are the implications for the compliance function? Well, the growth in data processing capability is propelling change; an increasing number of companies are implementing a range of new automated solutions for high-volume/rule-based compliance related tasks, such as surveillance, testing and reporting.

As a compliance professional, how do you respond to the new environment? The first step is to recognize that poor data quality is becoming the single biggest driver of compliance inefficiency. If you are working within a patchwork of unconnected processes and systems, it will be difficult (if not impossible) to produce meaningful and timely information for regulatory and risk management reporting purposes.

ICA recently hosted a series of roundtable events that gave some senior compliance professionals an opportunity to discuss the future and the impact of technology. It was felt that introducing digital elements to an existing framework in isolation for data management purposes was not the answer. Several participants had seen the downside of regulatory projects being managed in silos. It was agreed that a collaborative style of working was required, with key stakeholders working toward collective outcomes that reduce risk and improve efficiency.

If we are to adopt new ways of working and feel comfortable working in multidisciplinary teams, we need to look at our own technical and business-related skills. We will no longer spend as much time on routine and administrative tasks, but look at the outputs from automation. Perhaps job adverts in the future will be along the following lines:


Risk and Compliance Director

Sets the risk and oversight strategy for bots that perform a range of automated tasks, including product updates, policy communications and financial coaching services.


At the beginning of this article, I touched on the early 1990s. In many ways, the desired outcome for compliance teams has not changed: They need a robust framework for breach detection, monitoring and reporting. The key change is the introduction of automated solutions on digital platforms, which will enable considerable amounts of data to be processed at speed.

As compliance functions evolve and begin to use analytics, they will uncover new patterns and insights not previously achievable. Our focus will turn to higher order/more complex tasks. The key questions: Do we have the right mix of skills for the future? Do we have the most effective communication strategies? Do we have the skills to solve complex problems through logic? Do we have investigation skills?

Continuous development has never been so important. Before you decide on any training, you need to decide what competencies are a priority. As a colleague said to me recently, “the secret is to decide what muscles to flex and how.”


Tags: GDPRMarkets in Financial Instruments Directive (MiFID II)
Previous Post

The Curious Case of Bias in Risk Assessments

Next Post

DiCianni’s Idea: How It All Got Started

Mark Peter Taylor

Mark Peter Taylor

Mark Peter Taylor is a Compliance Consultant at International Compliance Association. Mark is an accomplished compliance professional with extensive experience of developing training solutions within the financial services sector. Having led and supported compliance teams across different jurisdictions, he now prepares and presents training programs to boards, senior management teams and governance forums. His aim is to provide thought-provoking programmes which contain an international perspective. Before working for ICA, Mark held various senior management positions with HSBC, Standard Bank and Lloyds Banking Group. He understands the challenges faced when managing regulatory risks and is keen to help you develop practical solutions in response to risk and remediation priorities.

Related Posts

gdpr

UK Resurrects Data Protection Reforms, EU Court Rules on GDPR in Civil Cases

by Jonathan Armstrong and André Bywater
March 15, 2023

Recent courtroom and legislative action in Europe will likely have ripple effects around the world for companies subject to regulations...

eu flag

Preparing Your Company for the Latest GDPR Data Transfer Developments & Upcoming Deadlines

by Kevin L. Coy
November 30, 2022

An EU court decision and legislative moves in the U.S. and UK make compliance with privacy regulations increasingly difficult. Arnall...

minidata_b

Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis

by Parker Poe
November 30, 2022

It may be tempting to hoard the data you have gathered on your customers, but an increasing number of regulations...

uk ico data access

UK’s Data Protection Regulator Signals Crackdown on Access Request Violations

by Jonathan Armstrong and André Bywater
October 5, 2022

Data privacy laws in the EU and UK established the right of individuals to find out what personal information organizations...

Next Post
closeup of magnifying glass on gray background

DiCianni’s Idea: How It All Got Started

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT