CIOApplications
static-image
  • Home
  • Applications
      • Auction Software
      • Audit Management
      • Bioinformatics
      • Business Continuity
      • Business Intelligence
      • Chatbot
      • Club Management
      • Collaboration
      • CPQ
      • Custom Software Development
      • CRM
      • Data Platform
      • Digital Experience
      • e-Discovery
      • E-Signature
      • Employee Engagement
      • EAM
      • Enterprise Communications
      • Enterprise Mobility
      • Enterprise Reporting Software
      • Enterprise Search
      • Forestry
      • GIS
      • GRC
      • Human Resource
      • Indoor Positioning
      • Innovation Management
      • InsurTech
      • Intellectual Property
      • IT Infrastructure
      • IT Operations Management
      • IT Service Management
      • License Management
      • Low Code Platform
      • Maintenance Management
      • Managed IT Services
      • MarTech
      • Master Data Management
      • Order Management
      • Parking Management
      • Personalization
      • Portal Software
      • Procurement Tech
      • Publishing Software
      • Quality Management System
      • Remote Monitoring
      • Remote Support
      • RFID
      • Sales Tech
      • Software Asset Management
      • Software Testing
      • Task Management
      • Unified Communications
      • Visitor Management
      • Voice Recognition
      • Web Design and Development
      • Workflow
      • Workplace Management
  • Verticals
      • Automotive
      • Banking
      • BioTechnology
      • Casino
      • Construction
      • CPG
      • Contact Center
      • Education
      • Energy
      • Field Service
      • Fintech
      • Food and Beverages
      • Government
      • Healthcare
      • Legal
      • Life Sciences
      • Logistics
      • Manufacturing
      • Media and Entertainment
      • Retail
      • Travel and Hospitality
      • Utilities
  • Technologies
      • 3D Scanning
      • Agile
      • API
      • Artificial Intelligence
      • Augmented Reality
      • Blockchain
      • CAD/CAM
      • Cloud
      • Container Management
      • Cyber Security
      • Data Analytics
      • Data Center
      • DevOps
      • Drone
      • Graphics
      • Hyper Converged Infrastructure
      • Image Recognition
      • IoT
      • Lidar
      • Machine Learning
      • Machine Vision and Imaging
      • Nano Tech
      • Networking
      • Predictive Analytics
      • PropTech
      • RF and Microwave
      • Robotic Process Automation
      • Robotics
      • Security
      • Simulation
      • Smart Labelling
      • Space Tech
      • Telematics
      • Virtual Assistant
  • Company Eco System
      • Adobe
      • Amazon
      • Avaya
      • ESRI
      • Google
      • IBM
      • Infor
      • Microsoft
      • Mitel Partners
      • National Instruments
      • NetSuite
      • Oracle
      • Progress
      • Qlik Partner
      • Riverbed
      • Salesforce
      • SAP
      • ServiceNow
      • SiteCore
      • Splunk Partner
      • VMware
  • News
  • conferences
  • Newsletter
  • Whitepaper
  • About us
  • Specials

  • Menu
      • Amazon
      • Artificial Intelligence
      • Auction Software
      • Blockchain
      • CAD/CAM
      • Club Management
      • CPQ
      • Digital Experience
      • E-Signature
      • Education
      • Energy
      • Enterprise Mobility
      • Food and Beverages
      • GRC
      • Healthcare
      • Image Recognition
      • Indoor Positioning
      • Infor
      • Intellectual Property
      • IoT
      • Legal
      • Lidar
      • Logistics
      • NetSuite
      • Personalization
      • Predictive Analytics
      • Quality Management System
      • Remote Monitoring
      • Retail
      • RF and Microwave
      • Riverbed
      • Simulation
      • Task Management
      • Utilities
      • VMware
      • Workflow
  • VMware
  • Amazon
  • Artificial Intelligence
  • Auction Software
  • Blockchain
  • CAD/CAM
  • Club Management
  • CPQ
Specials
  • Specials

  • Amazon
  • Artificial Intelligence
  • Auction Software
  • Blockchain
  • CAD/CAM
  • Club Management
  • CPQ
  • Digital Experience
  • E-Signature
  • Education
  • Energy
  • Enterprise Mobility
  • Food and Beverages
  • GRC
  • Healthcare
  • Image Recognition
  • Indoor Positioning
  • Infor
  • Intellectual Property
  • IoT
  • Legal
  • Lidar
  • Logistics
  • NetSuite
  • Personalization
  • Predictive Analytics
  • Quality Management System
  • Remote Monitoring
  • Retail
  • RF and Microwave
  • Riverbed
  • Simulation
  • Task Management
  • Utilities
  • VMware
  • Workflow
×
#

CIO Applications Weekly Brief

Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications

Subscribe

loading
  • Home
  • GRC
Editor's Pick (1 - 4 of 8)
left
Balancing Compliance and Operational Efficiency

Balancing Compliance and Operational Efficiency
Andy Newsom, CIO, CSL Behring

Build a Cyber Security Ecosystem to Reduce Risk in the Public Sector

Build a Cyber Security Ecosystem to Reduce Risk in the Public Sector
Jonathan Behnke, CIO, City of San Diego

Digital Innovation Energizes Global Compliance Management

Digital Innovation Energizes Global Compliance Management
Daniel Hughes, CIO, Elementis Global LLC

Leveraging Compliance to Your Advantage

Leveraging Compliance to Your Advantage
Mark Bloom, Global CIO, Aegon [NYSE: AEG]

Data Analytics: Driving Actionable Business Improvement

Data Analytics: Driving Actionable Business Improvement
Rich Richardson, VP & CIO, Spirit AeroSystems

Innovative Digital Support to Leverage the Banking Sector

Innovative Digital Support to Leverage the Banking Sector
Wanderley Baccala, CIO, Banco Original

Compliance Technology - The Holy Grail

Compliance Technology - The Holy Grail
Bob Walsh, Deputy Chief Compliance Officer & Chief Financial Crime Officer, AXA Group

A Day in the Future - Tomorrow's Tasks and Reality of a GRC Officer

A Day in the Future - Tomorrow's Tasks and Reality of a GRC Officer
Patrick Henz, Head of Governance and Compliance, Primetals Technologies

right

Thank you for Subscribing to CIO Applications Weekly Brief

Another Spin to Regulatory Compliance. The Hidden Potential of Structured Documentation

By Anastasia Dokuchaeva, Head of Partnerships, Clausematch

Tweet
content-image

Anastasia Dokuchaeva, Head of Partnerships, Clausematch

By 2020 there will be 90,000,000 paragraphs of rules published by global regulators. MiFID II is now in force, GDPR is only a few months away, BREXIT is looming large on the horizon and that is just to name a few. This makes it an unprecedented time for compliance in the heavily regulated financial services industry. Or perhaps this is the “new normal” as it is rightly regarded.

Regulations have a profound impact on the industry and its participants. Everything from policies, procedures, products and internal risk controls are affected within enterprises, yet there remains a great disconnect between them. Developments in this area include initiatives such as the recently completed TechSprint. This time the fourth annual collaboration focused on model-driven, machine executed, regulatory reporting. The proof of concept involved taking a small subset of reporting rules from FCA and PRA handbooks and proving that it can successfully structure them and make them machine-readable and executable, pulling required information directly from a firm.

While such initiatives are exciting and much needed, there is still a lot of work to be done and many more regulators to get involved. In the meantime, financial services firms struggle with manual “gap-prone” projects in response to an increasingly complex, constantly changing regulatory environment. The compliance requirements are getting stricter, the reporting is ever more demanding and places a much greater emphasis on overall transparency and accountability.

Firms are trapped in a daily feedback loop of gathering regulatory changes, interpretation and assessment of the impact it has on business.

A small firm operating locally would be watching updates from only a handful of relevant authorities. But a global bank with branches worldwide would be aiming to comply with 500 plus regulators, as an example. Industry-leading vendors and aggregators like Thomson Reuters (TRRI) and RegDelta by JWG can help gather a respectable percentage of that list, albeit unlikely all. Coverage will vary, but typically be somewhere up to 375-400. While someone like TRRI will likely provide stronger coverage of various authorities across multiple jurisdictions, the latest innovators leverage technology to offer deeper analytics at the article-by-article level.

Regardless of the technology, a large portion is still done manually either internally or by outsourcing to other service firms with the right technology and subject matter expertise. In this day and age, a typical manual process looks surprisingly basic, profoundly risky and tedious. It’s a labour intensive process that will kick off with dedicated personnel who will be assigned respective regulators to watch. Each day, usually twice (once in the morning and again in the afternoon), they will go to the regulators’ websites and pick up all documentation new from the previous time they visited. The documents are then manually pushed through and joined with other vendors’ data.

They agonize over if they have captured all the information relevant to them or whether they have missed something that will haunt them later. Unfortunately, this question usually goes unanswered forever. Missed or not, the initial analysis will be completed to identify the watchlist. The complexity does not end there. Then begins the discovery process of what these regulations mean in layman terms.

Processes vary between companies, but once a new directive, regulation, guidance or recommendation passes the initial assessment and makes it into firms internal watchlist, the work really begins. The piece of text has to go through impact assessment to understand what areas of business, products or services it has an impact on. With the advice from internal and external lawyers and consultants, it is then interpreted in terms of what they think the regulator wants and what it actually means to them. Dozens of highly qualified lawyers conduct impact assessments, which could take anywhere between 6 to 10 weeks. The whole endeavour is a logistical and human resources nightmare, and not to mention incredibly costly.

When we survey financial institutions about how many people are involved in these processes, we receive neither clear and consistent answers nor exact figures. Two people from same company asked in the same meeting will quote very different figures. While one might say “7 to 9 people”, it may be immediately contradicted by another person saying “more like 300 to 400, depending on how you count”. In reality, no one knows, for various reasons.

Eventually, all the interpretation, impact assessment and consultations, lead to the formation of projects. Each one will be allocated a task force with ownership and responsibility assigned to the business. In turn, they will be tasked to implement change, eliminate or correct the course. At this stage, compliance becomes its own project, demanding man-hours and oversight like any other critical initiative. It is time-consuming and inefficient, and the numbers tell us that it doesn’t work.

The 50 largest EU and US banks spent 321 billion dollars on fines between 2009 and 2016. These penalties will only become more onerous as regulation increases.

A recent survey found that 90 percent of firms believe they are at either high or medium risk of not being fully compliant with the 2018 MiFID II deadline, as an example. The industry struggles to appropriately implement regulatory changes within the business. And fixing this problem has never been more vital. In the 21st century, banks must move with the times or risk drowning in regulation.

If one looks closer to what the fines are for, it is mainly due to poor conduct. And this means firms are failing at best practices around enterprise risk management (Three Lines of Defence) Fundamentally, it means not having strong and robust corporate governance program.

Governance has been a big theme for the industry in the recent years. Perhaps further encouraged by principles like the ones written in BCBS 239, the last 3-5 years saw the rise in focus on data governance for regulatory reporting. This included many initiatives on data standards including Legal Entity Identifier and the extension of ISO 6166 (ISIN, CFI and FISN) to account for transaction reporting of OTC derivatives under MiFID II, a lot of thought leadership on data connectivity, as well as many new solutions around data lineage and data visualization.

However, less has been done around developing corporate governance framework. Business operating procedures, group policies, systems and controls, contracts and documentation hold significant insight into risks, how businesses operate, how they implement regulatory change and the decisions made along the way, and as such play a huge role in compliance. Yet, how to capture all of this data for evidencing and providing detailed information in a structured way is less understood. A further spin to this would be how to automate this so as to reduce human-intensive processes prone to errors, and to smartly position the business to prepare for the eventual move by regulators towards machine-readable rulebooks.

We are fortunate to witness the change being driven by the innovation occurring within the RegTech space, and a lot of energy being invested in working on the most difficult issues discussed here. Changes in regulations are reflected in massive changes in documentation. We at ClauseMatch are even more fortunate to see it from the inside and take an active role in addressing these challenges. Tasked by a top-tier bank, we are building a RegTech solutions ecosystem to automate the whole regulatory change lifecycle for the global bank, bridging the gap between fast changing regulations and internal policies, procedures, and controls.

Charles Dudley Warner said, ‘Everyone complains about the weather, but no one does anything about it.’ ClauseMatch is excited to be at the forefront of solutions that will take the industry through the changeable weather of shifting regulation.

 
See Also: Top Audit Management Consulting Companies 
tag

Legal

Read Also

Data Analytics: Driving Actionable Business Improvement

Data Analytics: Driving Actionable Business Improvement

Rich Richardson, VP & CIO, Spirit AeroSystems
Innovative Digital Support to Leverage the Banking Sector

Innovative Digital Support to Leverage the Banking Sector

Wanderley Baccala, CIO, Banco Original
Compliance Technology - The Holy Grail

Compliance Technology - The Holy Grail

Bob Walsh, Deputy Chief Compliance Officer & Chief Financial Crime Officer, AXA Group
A Day in the Future - Tomorrow's Tasks and Reality of a GRC Officer

A Day in the Future - Tomorrow's Tasks and Reality of a GRC Officer

Patrick Henz, Head of Governance and Compliance, Primetals Technologies

Weekly Brief

loading
ON THE DECK

GRC 2019

Top Vendors

GRC 2018

Top Vendors

GRC 2017

Top Vendors

Previous Next

Featured Vendors

  • OCTOPUS: Unifying Security Management for A Safer Tomorrow
    OCTOPUS: Unifying Security Management for A Safer Tomorrow
  • ITSourceTEK: Implementing and Automating GRC
    ITSourceTEK: Implementing and Automating GRC
  • Allgress: Navigating GRC Complexity through A Bonafide Integrated GRC Platform
    Allgress: Navigating GRC Complexity through A Bonafide Integrated GRC Platform
  • ViClarity: Solid Foundation for Risk and Compliance Monitoring
    ViClarity: Solid Foundation for Risk and Compliance Monitoring

Copyright © 2019 CIOApplications. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy |  Sitemap  |  Subscribe

follow on linkedin follow on twitter follow on rss
This content is copyright protected close

However, if you would like to share the information in this article, you may use the link below:

https://grc.cioapplications.com/cxoinsights/another-spin-to-regulatory-compliance-the-hidden-potential-of-structured-documentation-nid-2176.html?utm_source=clicktrack&utm_medium=hyperlink&utm_campaign=linkinnews