1

When It Comes to Compliance, Evidence Is Everything

Why CCOs Need Compliance Evidence

A version of this article originally appeared in Financial Planning.

Compliance is a fraught topic for many financial professionals. Getting it right is of the utmost importance, and there’s often strenuous debate around the best way to build a robust program. There’s lots of talk about Chief Compliance Officer liability and the perils of outsourcing, but you must separate your fear from your actual needs.

When it comes to compliance management and malfeasance, evidence is everything, and technology can prove invaluable.

 

Technology Keeps Everyone Aligned

Regulated firms and those that rely on consultants, third-party administrators, law firms or others to handle compliance can reduce the risk of lapses by leveraging software solutions designed to manage compliance programs better.

Many firms cobble together a combination of manual processes and legacy tools to manage compliance. However, siloed solutions fail to deliver true enterprise visibility, efficiency and processing accuracy.

 

Your Technology Solutions Need Not Be Custom…

Consultants and registrants may not realize there is no need to develop compliance management software and business processing workflows from the ground up.

The question of whether to buy or build compliance management tools follows the path of other functions that once seemed unlikely to be automated, such as portfolio rebalancing. Early software innovators anticipated the role that compliance technology could increasingly play.

 

…But Quality Matters

Perhaps a form of fiduciary rule should apply when it comes to technology. The questionable quality of tools on which a firm or consultant relies can leave a firm exposed in the event of a compliance breach.

Indeed, regulators examine the quality of a firm’s compliance program to determine the scope of culpability if a lapse occurs. And in a growing number of enforcement actions, examiners have required defendants to retain an independent compliance consultant that is “acceptable.”

This suggests that regulators rely on qualitative criteria when assessing a firm’s compliance program. It also indicates that technology-powered tools could serve as valuable evidence of a firm’s effort to maintain a culture of compliance in case of a breach, routine inspection or exam sweep.

 

How to Assess Your Compliance Tech Options

High-profile improprieties such as cyber-security lapses, failures to disclose hidden fees or conflicts of interest, and trading malfeasance have made compliance a priority.

Thus, financial firms and consultants should adopt compliance management software that helps:

  • Proactively identify, mitigate and manage compliance risk.
  • Actively maintain and document policies and procedures tailored to the firm.
  • Provide evidence that the compliance program has been reasonably designed to prevent, detect and address regulatory violations.
  • Maintain fluid communication between employees and supervisory staff.
  • Conduct and document periodic and annual compliance reviews and testing.
  • Mitigate disruption from key persons or turnover risk.
  • Demonstrate that the firm is making a good faith effort to maintain a culture of compliance.

 

Why Proactive Investment in Compliance Pays

Registrants and consultants may be at a competitive disadvantage if they rely on legacy, proprietary or manual methods to manage compliance.

As the debates surrounding CCO liability and compliance outsourcing continue, firms that invest in technology can enjoy a competitive advantage. Consultants may even come to view technology as a source of added revenue, allowing them to recalibrate their fees based on competitively differentiating reporting and service levels.

Regardless of your role in maintaining compliance — whether as the firm’s internal champion, a founder or executive, or an outside consultant — technology is a powerful tool to help you succeed. Technology allows financial firms and consultants to provide evidence of the quality of any compliance program they manage.

 

2029-OAT-10/26/2022