Commentary Aug 03, 2022 at 07:44 AM Share & Print
What You Need to Know
- Getting compliance right by making it more real-time, fluid and dynamic requires compliance functions to be fully embedded in business workflow.
- Implementing a system that runs continuously across every record dramatically helps firms mitigate the risk of noncompliant data practices being discovered before an audit.
Wealth managers understand more needs to be done to meet regulatory standards. Technology that provides a rules-based ecosystem is key to top performance.
Securities and Exchange Commission Chairman Gary Gensler announced in May that the commission would consider requiring broker-dealers to adopt measures that address cybersecurity risks “very similar” to the agency’s proposal issued earlier this year for investment advisors.
Proposals including a requirement to report significant cybersecurity incidents within 48 hours have the industry asking whether it’s prepared to deal with mounting regulations, audits and due diligence — without creating extra work for wealth management teams.
The new requirement is just one of many: We witnessed a fresh round of regulation updates affecting marketing and social media communications that may go into effect later this year.
This comes after Reg BI — the “best interest” advice standard the SEC introduced in 2019 and took effect in 2020 — which has brokers preparing for an exam sweep that evaluates firms’ compliance.
Wealth management wants and needs to modernize compliance supervision — and several RegTech providers support this movement. But getting compliance right by making it more real-time, fluid and dynamic requires compliance functions to be fully embedded in business workflow. The right solution would be able to provide this capability seamlessly.
Don’t take a gamble with random sampling. Government agencies conduct random audits of financial records to determine whether a firm complies with the rules.
Random audits are increasingly common, which means any evidence of nonconformance with regulatory obligations can expose firms to official sanctions and reputational damage.
Many firms review records using a similar random sampling method, leaving firms vulnerable by design. Put differently, if a firm does not randomly sample the same documents or files a regulator randomly selects in an audit, this firm is vulnerable to regulatory consequences.
If firms don’t use smart workflow automation to embed compliance tasks and requirements into standardized, repeatable processes that are also responsive to new inputs, they run the risk of compliance taking place retroactively. By not embedding these safeguards into every aspect of the workflow in real time, firms are more susceptible to risks.
Implementing a system that runs continuously across every record so that it’s not a random sample, but rather a full review of every client in the database, dramatically helps firms mitigate the risk of noncompliant data practices being discovered in exams.
Technology that’s compliant by design and allows firms to nip the problem in the bud while avoiding costly mistakes is the answer.
Working in conjunction with smart workflow automation, augmented intelligence can provide a rules-based ecosystem that allows a firm to embed compliance throughout its system, placing its most critical compliance needs, such as cybersecurity, in the foreground of all its workflows.
Augmented intelligence also knows how to get out of the way — catching the attention of the right employee at the right time, while continuously monitoring the entire network for possible breaches. Much like a lifeguard on a crowded beach, augmented intelligence sees everything while allowing activities to unfold but stays ready to jump in the water to save a life.
The pandemic accelerated cloud adoption in unexpected ways. Firms had to scramble to adjust to a new work environment. Advisors who are part of a scaled network that traditionally required them to work in an office started to and continue to work remotely today.
These advisors need a nimble cybersecurity compliance platform that guards against cloud cyberattacks while providing system and communications protection, as well as access control in the form of multi-factor authentication.
Whitelisting IP addresses also helps compliance teams gain control of who has access to the network. All personally identifiable information in transit should be encrypted while shipped from user input to a data center. When it comes to being compliant by design, the solution lies embedded in the details of a smart workflow informed by augmented intelligence ecosystems.
Do the Right Thing First
The chief compliance officer at a wealth management firm is often the last line of defense. This C-suite executive does not have the capacity to be in every conversation or to evaluate every piece of data captured by the system.
But by identifying, managing and treating risk in the context of a workflow rules capability — and accessible through a role-based app or a dedicated workspace that allows users to view information on a dashboard aligned with their top data priorities — firms can allow technology to maintain a first line of defense.
Once such a system is in place, compliance officers can access the updates they need. Because this information is holistic, provided in real time and doesn’t rely upon human capital to identify an error, it allows the industry to be compliant by design and do the right thing the first time.
Vulnerabilities or gaps are flagged and promptly addressed, well before human detection — enabling wealth managers to stay one step ahead of anticipated regulations and focus on what they do best: build relationships with their clients.