The coming year will see significant regulatory change. What can compliance professionals do to stay on top of it?
Robson made his comment during the Feb. 27 “Compliance trends and priorities in 2018” webinar. He was referring to a host of daunting challenges that altogether are requiring compliance professionals to display “chameleon-like adaptability” as they help their organizations meet and overcome new and complex regulatory obstacles.
Those obstacles include:
- Markets in Financial Instruments Directive (MiFID) II: This EU law is meant to standardize regulation for investment across the EU. The European Securities and Markets Authority claims it will “improve the functioning of financial markets, making them more efficient, resilient and transparent.”
- Brexit: No one disputes Brexit will impact trade between the EU and the UK, and no one disputes more direction and answers from the respective governments would be helpful. However, those two things seem to be in short supply.
- Financial crime: Financial crime isn’t new. The types of financial crime and the way it’s being committed in places like the dark web are, and their rapid mutation makes it difficult for everyone – law enforcement authorities and private organizations alike – to keep pace. Risk Specialist Nicola Passariello noted an estimated US$2 trillion is laundered each year.
- General Data Protection Regulation (GDPR): Approved in April 2016 after four years of preparation, GDPR may be “the most important change in data privacy regulation in 20 years.”
Cumulatively, these challenges make for a difficult business environment. In response to a poll run during the webinar, 51.2 percent of respondents cited “continued regulatory change” as their “greatest compliance challenge in 2018.” A distant second was “resource constraints” at 36.8 percent.
There is no single approach that will help an organization sail over its regulatory and compliance challenges. That being said, Senior Regulatory Intelligence Expert Susannah Hammond identified several points that may help:
- Polish up a comprehensive set of skills: Hammond advised organizations take “a long hard look at whether they have the right sets of skills and the right mix of skills to not only look at current business, but – with all that regulatory change we can see coming – future business as well.”
- Take data protection seriously: The “potentially enormous fines” that could accompany a GDPR violation (fines could be the greater of 20 million euros or 4 percent of global annual turnover) should prompt organizations to be proactive and cautious. One major point: whether adequate consent to data-gathering has been collected from an individual. “The huge difference is the quality and durability of the consent to having data gathered,” Hammond said, specifically highlighting the apparent expectation that consent be “refreshed” every two years. “If you are a financial services firm of any size, that is a huge undertaking in and of itself.”
- Deploy FinTech and RegTech intelligently: Hammond cautioned against seeing RegTech and FinTech products as cure-alls. “Compliance needs to think about how RegTech could and should be deployed. Which one best fits their problem?” she said. “In addition, you need to be very, very sure that you are putting a RegTech or FinTech solution on very solid footing.”
The State of Regulatory Reform 2018: A Special Report is also available for complimentary download.