The rapidly changing use of technology has been described as an inflection point for financial services and it is one which compliance officers need to prepare for in terms of not only the future shape of their firms, but also changing regulatory expectations. To thrive in the new fintech age, firms (and regulators) would be well advised to undertake an IT skills audit that highlights and begins to remediate any gaps. Thomson Reuters Regulatory Intelligence examines the role of the compliance officer in liaising with regulators and managing risk amid the rise if fintech.
Thomson Reuters Regulatory Intelligence conducted its eighth annual cost of compliance survey in Q1 2017. The record rate of nearly 900 responses was received from practitioners worldwide, including Asia, Australasia, Canada, Europe, Middle East, United Kingdom and the United States, representing firms across all sectors and sizes of the financial services industry including asset management, insurance, banking and investment.
[For more from the report’s authors on the results of the survey, view “Cost of Compliance 2017: Are Budgets Reaching Their Peak?” and “Cost of Compliance 2017, Part 2: Typical Week of a Compliance Officer.”]
Compliance officers have always been the front line when liaising with all relevant regulators. While regulators are often choosing to speak to a far wider range of senior managers and individuals in a regulated firm, it is the compliance officer who is the central figure in building and maintaining all regulatory relationships. In a world of regulatory uncertainty, culture and conduct risk, personal liability and a “judgment-based” approach to supervision, firms, now more than ever, need in-house compliance skills and experience to ensure strong working relationships with regulators, supervisors and policymakers.
Given the levels of regulatory uncertainty and the potential for widespread regulatory change, this year’s results were surprising in that 41 percent of respondents expect the time spent liaising and communicating with regulators and exchanges to be the same as today in the coming year. The G-SIFI response was very much in line with the wider population, with 39 percent expecting the time spent liaising with regulators to be the same as today. Thirty-nine percent of G-SIFIs also expect to spend more time liaising and communicating with regulators and exchanges, of which 13 percent expect significantly more.
The top three reasons given by those expecting to spend more time liaising and communicating with regulators and exchanges are:
- Need to understand changing regulatory expectations
- Increased information requests from regulators
- More onerous regulatory and reporting requirements
Respondents were asked for more detail on the reasons behind their expectations regarding the time to be spent liaising and communicating with regulators and exchanges in the coming year. The proposed deregulation program announced by the Trump presidency is cited at both ends of the spectrum – as a reason for both less communication with regulators and more.
It may be that once deregulation is complete, there will indeed be a reduction in the amount of time U.S. firms spend liaising and communicating with regulators and exchanges, but in the short term, there is likely to be an increased need for firms to engage with policymakers over any proposed changes. Given the likely swathe of change which will need consideration by and response to from U.S. firms, it is perhaps surprising that half (49 percent) of North American respondents expected to spend the same amount of time liaising with regulators in the coming year. Many firms would be well advised to engage in a lobbying program, as discussed in the Regulatory Change and Uncertainty section, to seek to ensure that the future rule book will not be unduly onerous even in its deregulated state.
Other reasons given for increased liaison and communication with regulators and exchanges revolved around license and business changes.
Managing Regulatory Risk
The capacity and capability of firms to manage regulatory risk remains critical in the year ahead. The expanded remit of compliance functions makes their role as vital as ever in helping senior managers understand and manage the wide-ranging regulatory risks they face, from cyber resilience through to embedding a culture of compliance. This is reflected in the 70 percent of respondents who expect the regulatory focus on managing regulatory risk to increase in the coming year (including 20 percent who expect a significant increase).
The main reasons given for the expected increase are continued regulatory change and the regulatory focus on culture and conduct risk, which is echoed by the fact that 69 percent of respondents overall are expecting more compliance involvement in the implementation of a demonstrably compliant culture and tone from the top in the coming year. A view consistently expressed across every region.
The expectations of an increased focus on regulatory risk have risen year-on-year in every cost of compliance survey, but it is notable that for the first time, the level of expected increase has reduced. It is clear that regulatory focus is already high and staying high but may have reached a peak, reflected in the fact that there has been a 50 percent decrease in compliance officers expecting a significant increase in focus on regulatory risk from 42 percent in 2011 to 20 percent in 2017.
Respondents were asked for the reasons to support their expectations and it is evident these are predominantly driven by political factors.
For the minority of firms expecting a decrease in the focus on regulatory risk this was:
- Overwhelmingly due to changes in the U.S. administration and an expectation that President Trump would roll back or reduce the regulatory burden on firms
- Because of other reasons cited including an increased focus on commercial profit and the end of historic conduct issues
Factors driving the expected increase in focus on regulatory risk include:
- The impact of Brexit
- Company growth; increased regulated activities being undertaken or in wider jurisdictions
- Increased board appetite for compliance involvement and awareness
- Increased regulatory scrutiny
- Regulatory changes by the new U.S. administration
- Increased focus by stakeholders due to the risks they are facing
- The investment into automation of compliance
While the total percentage of G-SIFI firms that expect the regulatory focus on managing regulatory risk to increase has largely remained the same as last year’s results (73 percent in 2017; 72 percent in 2016), the percentage of G-SIFIs that expect a slight increase over the next 12 months has risen by 22 percent, to 58 percent (36 percent in 2016). The percentage of G-SIFIs that expect managing regulatory risk to significantly increase has fallen by almost the same difference, to 15 percent.
Regionally, almost a quarter of firms in Asia (24 percent) still expect a significant increase in focus on managing regulatory risk over the next 12 months, compared to 14 percent of firms in the U.S. and Canada.