The Cost of Compliance 2018 report shows the only things constant are change, uncertainty and pressure.
In Lewis Carroll’s “Through the Looking-Glass,” the Red Queen describes her realm to Alice as a place where “it takes all the running you can do to keep in the same place.”
Compliance professionals might feel the same.
According to the ninth annual Cost of Compliance 2018 report from Thomson Reuters, many respondents are anticipating more budget and even an increase in team size . Even so, they are still reporting a need to be creative and utilize outsourcing to keep up with regulatory change and uncertainty, which they identify as their biggest challenge.
Positive signs: Stable resources
For the Cost of Compliance 2018 report, Thomson Reuters sought responses from risk and compliance practitioners across the globe. Over 800 responses were received from Asia, North America, the EU and UK and the Middle East.
Sixty-one percent of responding firms reported expecting an increase in their total compliance budget for 2018. That’s up from 53 percent in 2017. At the same time, 43 percent of respondents said they expect the size of their team to grow, and 52 expect it to remain the same. That means only 5 percent expected a reduction in size.
Despite an anticipated increase in funds and stable team sizes, risk and compliance professionals still reported a lack of confidence with regard to how they are keeping up with regulatory change and uncertainty. Seventy-four percent of firms said they planned to increase the focus on managing regulatory risk over the next 12 months; that’s a testament to the consistency and breakneck pace of the change buffeting the industry.
Risk and compliance professionals are not without options, however. Two of the most frequently used means of approaching the volume and uncertainty of change are technology and outsourcing.
Technology-wise, 41 percent of respondents said they expect to spend more time assessing FinTech and RegTech solutions in the next 12 months. The potential ease and efficiency of technology are appealing, but must be weighed against the heightened regulatory risks associated with data privacy, IT infrastructure and cyberesilience. In other words, technology is not a holy grail.
Outsourcing is another means many firms use to address compliance risk and uncertainty. Twenty-four percent of firms reported outsourcing all or part of their compliance function. Annual policy reviews and email reviews were two components specifically identified as frequently outsourced. Chiefly, respondents said they outsourced compliance and risk duties due to:
- The need for additional assurance on compliance processes (49 percent)
- A dearth of in-house compliance skills (39 percent)
- Cost (37 percent)
What lies ahead?
So far this year, we have already seen the implementation of Markets in Financial Instruments II (MiFID II) and the General Data Protection Regulation, and markets including Australia, Singapore, Hong Kong and Ireland plan to introduce personal accountability regimes. In other words, the challenges facing risk and compliance professionals are likely to keep up or intensify, rather than wane.
Running as fast as one can to say in the same place, indeed.
The Cost of Compliance 2018 report is available for complimentary download.