With compliance processes driven largely by regulatory requirements, the financial services sector could be forgiven for breathing a sigh of relief under the deregulatory bent of the Trump Administration. But experts and observers in the finserv sector told CCI contributing writer Carrie Pallardy that, in many ways, even the disruption of business-friendly attitudes is still disruption — and disruption can be costly.
The financial services sector has long had to navigate a complex regulatory landscape that touches every aspect of its operations, and firms have invested time and money in their compliance programs. When regulatory change arrives, whether in the form of new rules or fresh interpretations of existing ones, it tends to be expensive.
The SEC and FINRA have major roles in overseeing the financial service sector, and a new administration — particularly one making radical changes to the very nature of the federal government — is a major disruption.
“I think the thing that most organizations struggle with the most is actually keeping up to date with all the changes in their businesses and making sure that, ultimately, they’re complying with all the new laws, rules or regs or how those change,” said Brian Kostek, managing director of the regulatory risk team at global consulting firm Protiviti.
Regulatory change, even change considered business-friendly, comes at a cost. Compliance teams may be asked to pivot organization-wide processes to meet new requirements, and teams may be expected to navigate a period of uncertainty, analysts told CCI, as old rules applied to modern technology and shifting regulatory priorities demand adaptability.
The cost of regulatory change
A simplification of regulations certainly has its appeal, but, in many ways, the industry may crave stability over simplification or rolling back of rules, Kostek said. Even seemingly small changes to rules can result in expensive adaptations.
“The large [financial institutions] have invested the time and the effort and the capital to ensure that they have already built the programs and the processes to comply with all the FINRA rules and regulations and notices at this point. I think my general sense is the market would actually be very happy with years of stability and less regulatory change,” Kostek said.
When a regulatory change arises, a tidal wave of costs comes with it. Companies subject to new rules must pour money, time and management resources into their compliance function and across their entire operation.
And compliance has steadily grown more expensive. Between 2016 and 2023, the amount of bank IT budgets spent on compliance increased more than 40%, according to a Bank Policy Institute report. Compliance staff and the amount of time employees spend on financial regulation compliance has grown over that period, too.
When change comes, compliance teams must assess the impact, coordinate a cross-functional response, invest in new processes, train staff and implement monitoring to ensure ongoing compliance.
During that lengthy process, firms might discover even more areas for investment, said Smarsh’s Tiffany Magri.
“Legacy systems, manual processes and fragmented oversight all become painfully visible,” said Magri, a senior regulatory adviser at the digital communications compliance platform. “In that sense, regulation acts as a mirror — and sometimes, what it reflects is years of underinvestment in digital infrastructure.”
When Deregulation Means More Work: The Compliance Professional’s Paradox
Whipsaw changes can multiply workload for compliance teams
Read moreDetailsRussell Sacks, a financial services regulatory partner with international law firm King & Spalding, noted several regulatory initiatives that have resulted in expensive change in recent years, under both Republican and Democratic administrations.
“Some of these changes include, in no particular order: requirements to clear US Treasury trading through clearing agencies; requirements that changed the standard of care for dealing with retail investors; and requirements that overhauled the rules for investment adviser communications with the public,” he said. “Each of these changes brought about enormous, industry-wide costs in terms of dollars, time and management focus.”
The implementation of centralized clearing of US Treasuries, which aimed to make the treasury market more transparent, is an example of how a regulatory change can result in a multi-year implementation process. A group of industry associations, led by the Securities Industry and Financial Markets Association (SIMFA), wrote to the SEC detailing the challenges of implementing the rule and requesting an extension for implementation. The SEC ultimately did extend compliance dates to Dec. 31, 2026, for cash market transactions and to June 30, 2027, for repo market transactions.
While it is expensive for financial services companies to comply with new rules, deciding not to invest in compliance is hardly a cost-saving measure. Regulatory action can be far more expensive than building out appropriate compliance processes.
“In 2023, there were 784 SEC enforcement actions totaling $4.9 billion in resulting actions,” Kostek pointed out.
Rules and regulations for a modern world
Change, while expensive, is necessary when dealing with technology-driven processes. Rules that reflect the realities of today’s work models and tools would be ideal for compliance teams that have to figure out how to fit modern modes of business into older regulatory frameworks. Work-from-home is a prime example; when the Covid-19 pandemic hit, remote work quickly became a necessity in finserv and other industries.
“FINRA had to write rules about how and under what circumstances people can work from home. And they had to try to accommodate that because the world changed; they did so imperfectly because rules are hard to write, especially universally applicable rules,” Sacks said. The agency is still evaluating and looking to modernize its rules around remote work. FINRA is also opening dialogue around digital communication. In April, the agency published a regulatory notice, requesting comment on its rules around digital communications channels and recordkeeping.
“FINRA is acknowledging that supervision, recordkeeping, communications and pretty much everything else needs to evolve with the times, and this could make life much easier for firms trying to manage compliance in a remote or hybrid operational setup,” said Eugenia Mykuliak, founder and executive director at prime liquidity provider B2PRIME Group.
Messaging apps like Signal, Telegram and WhatsApp have become common tools for communication in the modern world, but these “off-channel” platforms and recordkeeping requirements have been at the center of SEC regulatory scrutiny and enforcement.
“Starting in 2021, running right through 2024, we had settlement after settlement after settlement, over 100 settlements with firms — mostly larger firms — around the use of what we call off-channel communications,” Sacks said.
That kind of crackdown is of significant concern in the financial services industry, especially considering how ubiquitous those platforms have become in today’s world, though it’s unclear whether the SEC’s new chair will continue this focus.
And then there is the matter of cryptocurrency, an exciting prospect for the financial services industry but one fraught with regulatory pitfalls. Under former Chair Gary Gensler, the SEC launched 125 enforcement actions linked to crypto, according to Cornerstone Research.
Whatever way regulations change to handle the demands of the modern world, one of the most prominent complaints, particularly in the crypto space, is regulation by enforcement. Rather than facing legal action and hefty fines, financial institutions would prefer a process that helps them understand how to comply with SEC and FINRA rules.
“If the industry could get one thing from this change, it would be that there is limited or no regulation by enforcement,” said Mike Piazza, partner at business law firm CM Law and former regional trial counsel for the SEC.
What to expect from the SEC and FINRA
Financial services firms can certainly wish for a lull in regulatory change, but will that be the case? The SEC is now under new leadership. Paul Atkins stepped into the role of chairman in April, bringing with him expectations of a more business-friendly approach.
“I have had this conversation with a couple of general counsels of companies I work with; they’re optimistic if only because they do see that the enforcement agenda is going to be reduced. It’s not going to be as aggressive,” Piazza said.
But that doesn’t mean SEC and FINRA enforcement activities will to evaporate entirely: “I think you’re going to find with Atkins and his commission that they’re going to focus more on absolute, outright fraud as opposed to what I’m going to call ‘foot fouls,’ technical violations,” Piazza said.
The SEC is also taking a markedly different approach to crypto. In February, it dropped an enforcement action against Coinbase, and it has plans for new rulemaking.
“The SEC is going to move quickly under Chair Atkins to work on a ‘crypto’ regulatory framework. That is going to be a very significant market event,” Sacks said.
A new approach to enforcement and new rules leave plenty of work for compliance teams that will need to remain nimble to guide their organizations through this continued uncertainty. As always, the devil is in the details.
“We don’t know [in] three years what the environment will look like. Frankly, we don’t know what the environment will look like in 90 days,” Kostek said. “I think everybody just wants that known stability to be able to continue to operate in the way that that aligns with their goals, their objectives, their strategic vision and where the world is going today.”
Carrie Pallardy is a freelance writer and editor based in Chicago. She has more than a decade of experience writing in industries like healthcare, finance, technology and cybersecurity. 
