This article was written by Tom Fox, renowned author, blogger, columnist, and speaker, also known as the Compliance Evangelist. It was originally published on FCPA Compliance & Ethics Report supporting a special 5-part podcast series originally aired on Compliance Podcast Network. Tom sat down with Phil Fry, VP of Go-to-Market Strategy at Verint, to talk about how Verint is changing the future of financial compliance by challenging accepted wisdom through capture, control, sustainability, and oversight.
Sustainability in this compliance context does not mean going green, an ESG initiative or something else along those lines. Rather this is managing constant change and moving your compliance organization; its resources, technology, practices, procedures, data, skills etc. to a place where they run effectively and efficiently, without undue drama, all the while as compliance risks are minimized.
Here Fry related “I’m well aware that many compliance officers will be listening to this and thinking “Yeah! That’ll never happen…” and in some respects they may be right. I don’t think there is currently a perfect, all-encompassing way of dealing with all of the many facets of managing compliance and the underlying technology, that will never suffer occasional blips, or be caught out by an unusual set of circumstances or unexpected regulatory or business change. But it’s worth thinking about how it is possible to move away from an environment in which compliance teams are constantly “fire-fighting” or struggling to keep pace with the workload.”
If there is one thing that is constant across the regulatory, business and compliance landscape, it is change. This means sustainability from the compliance perspective is not about transforming one thing, at any one time. I asked Fry to consider technology. He admitted, “I spend my time looking at the technologies employed in compliance and imagining how things might look if we can be bold about future possibilities and exploit the best that is on offer. Partly to set the backdrop for our march forward, but also to make sure that we can plot an attainable route from where we are to where we want to be.”
Indeed it by such an introspection that you can consider the way forward. This is not a Back to the Future view but it is a company’s data where its real value is; are not going to disappear overnight, even if new ones are in place and operating smoothly. So for Fry, when he is thinking about sustainability, it is about “how we make that transition – from current to future state – in a way that is as smooth and un-disruptive as possible.”
A key is facilitating the retention and migration of data in a way that does not compromise its usability or usefulness but allows a corporation to move forward more expeditiously. Fry believes “one of the biggest barriers to embracing new, better ways of working has been the desire, the need, to preserve access and use of data gathered over long periods and stored in existing solutions’ databases. So I’m a huge proponent of adopting open standards and ensuring that the new capabilities we create are equipped with a rich library of open APIs and tools that will allow them to inter-work with external systems and to use and exploit data that has been gathered and stored in legacy systems.”
Compliance teams should look for this approach because it is difficult to know the next business environment that becomes high risk due to regime change. Moreover, in many areas of compliance, in both financial regulation and others such as export control and trade sanction, regulations are changing literally on a daily basis. Being able to move data and process steps around, using open interfaces, can help you insulate your business against some of that uncertainty and more importantly regulatory or reputational risk.
Financial services is a fast-moving, dynamic and ever-volatile world. The only thing we can guarantee about the future is that everything will change. So, achieving sustainability also hinges on the capability to cope with those changes and developments, without them causing undue disruption. Moreover, disruption can be caused by simple, workaday things like the constant flow of additions and amends that happen to staffing rosters. This is about more than issuing new user IDs or cancelling obsolete ones because it affects your recording and interaction capture, the configuration and application of communication and trading policies, and how they’re monitored and policed. Managing these changes, and too often the fallout of them being missed and NOT applied when needed, creates a significant burden – and an area of compliance risk.
The same goes for verifying the operation of the infrastructure, which will always be a complex blend of technologies and solutions. Fry related that it “has multiple points of potential failure – recording platforms, databases, physical devices such as Dealerboards and computers, etc. Physically walking-the floor to check the operation of these components is not only time-consuming, it’s fraught with risk. These are areas where some of the latest automation solutions have a lot to offer. Variability is the enemy of compliance, and automation excels at carrying out high-volume, repetitive tasks with absolute accuracy and consistency.”
Fry concluded by discussing the importance of culture. While the Justice Department has made clear its views on the importance of culture in the Evaluation of Corporate Compliance Programs, 2019 Guidance, Fry considered it from the in-house compliance perspective. He said, “Plenty of experts and commentators have commented that digital transformation is as much, if not more, about transforming the organization’s culture as it is about the technology you introduce. And this is an important facet for financial services businesses too. Understandably they are likely to err on the side of caution, because they fear that too large a step away from the status quo, may increase their risk of being caught out. Throwing more resources at the problem has been a common response to the increasing regulatory burden, but it’s not sustainable (that word again) in the long term.” He ended by stating “we need to work at getting all stakeholders – not just the compliance team – on-side to the notion of taking a series of radical-looking steps forward.”
Stay tuned for the next blog where we take a deep dive the into how to maintain oversight – bringing together a variety of data and analysis from across an organization.