How to Demonstrate a Commitment to Compliance
Regulatory authorities for the financial industry will be focused on companies’ risk management and compliance programs this year and for the foreseeable future. That’s reason enough to make risk management and compliance a priority.
By: Guy Talarico
We’re only a few weeks into the year, and some of us have already broken resolutions we intended to keep. For compliance officers, there’s still time to assess and resolve to address shortcomings in their compliance programs. Financial firms must make compliance and risk management a top priority this year, particularly since U.S. financial industry regulators will be doing the same.
Among other things, the Financial Industry Regulatory Authority (FINRA), announced in its 2017 Priorities Letter that it will be assessing registrants’ supervisory, risk and compliance controls. This follows FINRA’s 2016 focus on assessing the extent to which firms maintain “cultures of compliance.”
Similarly, the Securities and Exchange Commission (SEC) is including compliance management as one of its top priorities this year, including mitigating marketwide risk. In this regard, the SEC will be evaluating companies’ enterprise risk management policies and procedures (P&Ps) to ensure they cover all business units, subsidiaries and interconnected infrastructures.
Some focus areas are new this year, such as planned examinations of digital investment advice platforms. Others carried over from last year, including a focus on fee calculations and disclosures; trading compliance; and the protection of investors’ savings in retirement accounts.
Naturally, different types of firms should focus on the areas of risk germane to their business. For instance, investment advisers should review and mitigate risk related to improper trading and portfolio management practices, among other areas. Investment companies and funds should scrutinize the processing and pricing of portfolio securities and fund shares. Broker-dealers should review and implement controls to prevent noncompliant sales and trading practices.
Notwithstanding the differences, a commonality across all regulated firms is the mandate to manage compliance. This includes implementing P&Ps that are reasonably designed to prevent violations and reviewing them on at least an annual basis. Firms can create and automate their compliance calendar, for instance, to make it easier to prioritize and schedule tasks – such as monthly, quarterly and annual reviews – and to generate activity reports on an ad hoc, daily, monthly or yearly basis.
With regulators announcing record-high enforcement activity last year, compliance has become more prominent in the courtroom and in the boardroom. Now is as good a time as any to kick off or strengthen a self-assessment program. Conducting rigorous reviews throughout the year demonstrates a firm’s resolve to maintain a compliant and audit-ready business.