Vivek Dodd, co-founder of Skillcast, discusses how regulatory technology (RegTech) can help businesses avoid fines, breaches, reduce costs and deliver Return on Investment (ROI)
According to Thomson Reuter’s ‘Cost of Compliance’ report, 62% of firms expect their compliance spend to rise over the next year, but many fail to make the best of this investment.
There’s an inherent tendency within many businesses to rely on manual batch solutions to track and store data: most data protection officers admit that Excel is their first port of call when recording their processing activities, despite 82% agreeing that this isn’t the best tool for the job.
This was no more evident than with the recent NHS Track and Trace fiasco, which highlighted the high risk of human error within manual processing programmes very publicly.
Too many firms rely on tired ways of evidencing crucial insight – and in the case of tracking individual and firmwide compliance, they risk underselling their regulatory efforts, and worse still, risk falling below FCA expectations.
The FCA handbook states that a firm must:
- Make an up-to-date record of the continued professional training or development completed by each relevant employee in each 12 month period.
- Retain that record for not less than 3 years after the relevant employee stops carrying on the activity.
- Be in a position to provide any version of the record to the FCA on request.
It’s widely anticipated that the regulator will review business practices after the pandemic. With four in five executives anticipating remote working to continue in the long term, firms will do well to sharpen the pencil now. In warning of severe consequences on market abuse, the FCA stated that in adjusting to remote working, firms must have “refreshed their training and put in place rigorous oversight reflecting the new environment.”
Compliance is now a personal responsibility
Regulation is one of the few certainties of an uncertain market, so it’s little surprise that compliance professionals are bracing themselves for an increased focus on managing regulatory risk.
Senior banking employees run the risk of being charged with misconduct in the event of a regulatory breach without supporting evidence that they took reasonable steps to prevent this. The regime now spans the full financial sector. No matter how challenging firms may find it operating remotely, there’s little wiggle room in ensuring their people comply – regardless of how they and their customers engage.
The FCA has made it clear that the onus is on businesses to monitor and evidence staff compliance. However, simply completing training programmes does not evidence understanding, and as staff roles and responsibilities evolve, so will the information they need to have studied and absorbed. Businesses must ensure that all gifts, external donations and interest and staff attestations to policies and procedures have been declared before they can confidently say that their house is in order.
COVID-19 is not a get out of jail free card
In its annual Business Plan, the FCA stated, “As with all other areas of the plan, the shape and scope of our action is likely to be significantly affected by coronavirus.”
The pandemic has meant that remote-working is now the new normal, bringing an urgency for firms to ensure watertight staff compliance across the board.
UK workers have now become well-versed in operating from their homes. Bedrooms have been reconfigured as office space, broadband has been tested to the limit and opening up your home to colleagues on Zoom has become commonplace.
The FCA hinted that it will do a full review on somewhat rushed processes and procedures instilled as businesses and their customers made the monumental shift online last spring.
And while it pledged to keep firms updated, it is in businesses’ interests to ensure they operate with the strictest processes and procedures, with optimum staff awareness and engagement.
Businesses are well aware of this, and many have done well to invest in new training programmes delivered online. But despite their efforts, an alarming number of firms are falling at a very simple hurdle: keeping adequate records of their compliance journeys.
The birth of RegTech
In the wake of the financial crisis of 2008, financial regulators wanted to ensure the industry would not face the same problems again. New regulations were put in place to improve risk controls, maintain capital and create a more transparent financial sector.
With an increased focus on managing risk and complying with stricter rules, the financial industry needed to find new ways to adapt. On top of this, technology was advancing; meaning much more was possible.
In 2015, the FCA coined the term RegTech, stating that their aim was to “encourage the development of these technologies as they could benefit consumers and the wider industry”.
Now RegTech refers to the agile technologies helping financial services firms, their employees and those they deal with to understand regulations, manage risks and achieve higher levels of compliance.
How an integrated portal can deliver compliance ROI
Digitising compliance records is vital for accurately evidencing regulation. Integrated compliance platforms have revolutionised compliance recording and adherence within both established and growing businesses, giving users the capacity to harvest valuable insights and stem compliance gaps and regulatory hotspots at the earliest opportunity.
- Streamlining processes, reducing repetition, creating consistency and allowing scale
- Consistency in user experience, making tasks easier to understand and complete
- Reducing compliance gaps through automated assignment of task and responsibilities
- Unifying personal data records to simplify compliance with GDPR and DPA 2018
- Creating singular points of integration with key business systems
Turning compliance into a competitive advantage
By ditching those spreadsheets and leveraging the power of RegTech, FS firms will also benefit from unlocking profit-making data hidden in customer interactions.
Understanding customer interactions and turning data into actionable insights underpins customer care, drives more effective sales messaging and improves training as well. As a result, firms’ ability to target, sell and serve customers will improve significantly, providing a unique competitive advantage.
Firms are now starting to incorporate RegTech into their wider business strategies. Rather than merely being measured against their regulatory obligations or viewed as a necessary business cost, compliance teams are now better placed than ever to provide tangible commercial value that benefits other areas of the business.
Other quick wins from using RegTech
Assigning courses at scale becomes easy, and gaps are not missed by aligning course based on pre-defined roles – vital for SMCR.
Visibility of time spent completing courses may raise red flags. For instance taking longer may point to a lack of understanding, whilst too fast may suggest a lack of attention.
By making courses adaptive, you can reduce the time spent by employees on unnecessary or repetitive training.
Multi-device solutions will allow your employees to train on the go. And by adding microlearning to the equation they can use their time even more efficiently.
Registers are essential to the continuity of compliance as employees and expectations evolve, whether from recording gifts and hospitality, to citing charitable and political donations or external business interests. Hierarchies can be created to escalate approvals, spot red flags and even auto-approve based on simple criteria.
Company policies & compliance declarations
Firms need to record employee conformance to policies, procedures and guidelines as well as declarations that underpin their conduct. Not only can you check they are read and agreed with, you can distribute them in local languages.
What have we learnt?
There are tangible benefits in using RegTech to manage compliance. Early adopters of these new technologies will be able to radically transform their compliance, turn it into a competitive advantage and see a high ROI.