Expensive shortcuts in the quest for compliance tech
Compliance today is really all about data, and compliance management will inescapably require highly sophisticated software in future, says Nicolas Espinoza at Advisense Reg & Tech. To stay competitive and manage available resources effectively, financial companies will need to bring on a whole new breed of experts: legal technologists.
According to the Cost of Compliance Report 2022, Banks spend up to 10 percent of their top line revenue on compliance related activities, corresponding to approximately 250 billion USD worldwide.
With additional regulatory requirements ahead, a persistent challenge faced by most organizations to present a culture of compliance to investors, and on top of that, compliance screening in relation to procurement of reg- and fintech solutions, the cost of compliance is expected to increase in the next 12 months.
Meanwhile, the gap between compliance outcomes and technology remains persistently wide.
According to Dr Nicolas Espinoza, CEO of FCG Reg & Tech, with 20 years of experience in decision science, risk management, and analytics, common issues are rooted in the procurement process, as well as in the limitation of time and resources.
Typically, a Chief Risk Officer or the CEO will initiate a budget-driven process whereby a project manager is tasked to lead a procurement process in which various vendors are assessed.
However, when the process is initiated without distinct predefined user- or functionality requirements in place, or even without general principles for the assessment, these processes may lead to expensive shortcuts, says Espinoza.
A common strategy is to read sector reports from various analysis firms, and take decisions based on that what seems to work for others, assuming that must also work for you. However, this is a form of collective maladjustment and a very costly gamble.
Nicolas Espinoza
Many organizations are struggling to understand and deal with the impact of regulatory compliance while simultaneously trying to implement IT-systems to mitigate that impact. Modern banks today will ideally have a technical department to manage this, working in parallel with a compliance department tasked with specifying the requirements that processes and systems should satisfy.
The knowledge gap between these two areas can be significant, and what should be the most suitable solutions tend to get lost in translation. Typically, the compliance officer working with a regulatory mindset and the tech-speaking systems architect may fail to arrive at a common understanding of the issues at stake. In the absence of an accurate and workable understanding of a defined specific problem and corresponding solutions, financial companies may resort to a compromising reliance on systems vendors based on claims that their software can meet most or all their needs.
Considering the steady stream of new regulatory requirements, corresponding internal processes and procedures that need to be in place are likely to only become more complex, and as a result necessitate increasingly advanced technical solutions. To stay competitive and manage available resources effectively, financial companies will need to bring on a whole new breed of experts: legal technologists.
Compliance today is really all about data, and we are already beyond a point of no return. As such, compliance management will inescapably require highly sophisticated software that enables automation, data orchestration, data lineage, and advanced analytics. The legal technologist as a function and capability must be able to assess the two most important aspects of compliance systems: the ability to manage compliance effectively, and adequacy in terms of being compliant with data processing and privacy regulations. Both aspects require deep understanding of how legal compliance is applied technologically and vice versa.
Nicolas Espinoza
Some recommendations that can be helpful to avoid costly shortcuts and expensive decisions may sound obvious but remain considerable challenges in many financial companies:
- Understand the core issue and needs, and only thereafter set requirements specifications
- Establish scenarios and in parallel with the procurement process, understand existing processes which very often are not even properly mapped out.
- Design future processes that enable upcoming regulatory obligations. This may include multiple aspects, including workflow automation and machine learning-assisted decision orchestration.
References: Thomson Reuters Cost of Compliance Report 2022