On the plane back from a meeting recently, I got to thinking about the complexity of compliance. The sheer number of new and evolving regulations that are coming down the road is simply staggering. Imagine having overall responsibility for understanding each of these new regulations, analysing and determining their impact on the bank and having to implement processes and technologies that will ensure complete compliance with all of them.
On top of this, from my team’s recent interactions and meetings with banks, it’s glaringly obvious that they are viewing each of these regulations in a separate and siloed way. This means a separate programme for FATCA, Dodd-Frank, MiFID II and soon-to-be EMIR, which, in turn, translates into a separate team, budget line, implementation, processes and technology solutions for each regulation. The cost and complexity of managing something like this must be phenomenal.
There has to be a better and easier way to do this!
We’re working with a number of leading banks at the moment to adopt a ‘horizontal approach’ to managing compliance with existing and new regulations. What do I mean by ‘horizontal approach’? Well, for a start, we analysed all the data that needs to be captured, the processes that need to be put in place for both existing and new clients, as well as the ongoing reporting that is a fundamental requirement for each of the regulations. As a result of this, we discovered that a consistent theme exists across all the attributes and elements that need to be captured. And with the appropriate technology, the right data structures and strong compliance and classification capabilities, we reckon that a single solution that addresses all four of these regulations is achievable.
So how would this work?
Let’s take it from the top. A bank onboards a new client. As a normal part of customer onboarding, you collect data and documentation from the client to complete the bank’s onboarding and Customer Due Diligence / Know Your Customer (CDD / KYC) process requirements.
Three key pieces of data will determine the course of compliance obligations for the bank: jurisdiction (where the client is located), role (the type of entity it is) and products (the products with which it trades). A sophisticated compliance rules engine will take this information and route the client’s application to the relevant regulation-specific set of questions that must be answered to gain compliance with the identified regulations.
Looking at data requirements further, each of the regulations – whether it’s FATCA, EMIR, Dodd-Frank or MiFID II – requires or will require some sort of entity or client classification / categorisation to be performed. To do this, banks need to be able to rely on the quality of the information held or collected on the client. We advocate that banks implement a central client and counterparty data repository to securely store all client data, accounts and documentation in one location. A solution like this should also be able to track and link client identifiers, which, when pulled together, create a holistic, central view of the client data that can be used, updated and re-used to conduct future classifications for different regulations. For example, if the client changes or upsells to another product, this may require a re-classification with respect to a different regulation.
Once classification has been achieved, and assuming that all other onboarding and regulatory compliance obligations have been satisfied, the client can now be successfully onboarded. But it doesn’t and shouldn’t stop there. Banks need to be able to track the client through its lifecycle with the bank and ensure that it remains in full regulatory compliance. This means being able to act on all data refreshes (e.g. trading in a new or different product, change of address, change of directorship) and regular reviews, which may prompt a new regulatory review and re-classification.
The bottom line is that we need to make compliance far less complex if we are to succeed in complying fully with these new regulations. Researching the commonalities between each of the new regulations will help to understand how a ‘horizontal’ approach to compliance can actually work. Not only should this result in tangible savings in time, money and resources, it will also make it easier and more streamlined to manage a compliance function in an era of constant regulatory change.