Has the compliance industry finally reached a pivot point after years of ever-increasing budgets? Our global annual survey highlights a willingness to consider more creative solutions to risk challenges.
As the voice of risk and compliance practitioners worldwide, the eighth annual Cost of Compliance survey provides a revealing insight into a potential change of approach towards the use and level of resources within the industry.
Instead of throwing ever more money at multiple compliance issues, responses from nearly 900 compliance professionals worldwide suggest that more of them are looking for improved efficiencies through the deployment of technology and automation.
This drive to halt the post-financial crisis surge in compliance costs comes despite few signs of a slowing in the rate, pace, complexity, and volume of regulatory change and uncertainty.
Key findings from the report show:
- Over half (53 percent) of firms expect the total compliance budget to be slightly or significantly more over the next 12 months — a reduction in the rate of increase in 2016 when 69 percent reported an increase in the coming year.
- 60 percent of firms expect the cost of senior compliance staff to increase either slightly or significantly, down from 67 percent in 2016.
- A third of all firms (33 percent) are expecting more compliance involvement in fintech and regtech solutions in the coming year.
- A reduction in the number of firms spending more than a whole day per week tracking and analyzing regulatory change — from more than a third (35 percent) in 2016 to 26 percent in 2017.
“It is no longer sufficient to simply throw more and more resources at risk and compliance — firms are now seeking targeted risk management outcomes by utilizing technology and specific value-add compliance skills.”
The report is a valuable and trusted resource, with last year’s edition being read by more than 8,500 firms and global systemically important financial institutions (G-SIFIs), regulators, local government, law firms, and consultancies.
A future of regulatory uncertainty
Regulatory uncertainty and change triggered by political developments, most notably the Trump administration and Brexit, were seen as some of the greatest compliance challenges practitioners expected to face in 2017.
Despite this, there was a small decline in the expected rate of increase, with 62 percent of respondents expecting regulators to publish more information in the next year (69 percent in 2016), and 22 percent expecting significantly more (26 percent in 2016).
Tracking regulatory change
There has been a reduction in the number of firms spending more than a whole day a week tracking and analyzing regulatory change from more than a third (35 percent) in 2016 to 26 percent in 2017.
This is set against a background of no let up in the volume of regulatory information which firms need to track and may be due to efficiencies, the use of technology or resource constraints.
In parallel there has been an annual decline in the percentage of compliance teams who spend more than 10 hours a week amending policies and procedures to reflect the latest regulatory rules (3 percent in 2017, 4 percent in 2016, 7 percent in 2015, and 11 percent in 2014).
Focus on regulatory risks
The continued focus on regulatory risk is unremitting, with 70 percent of firms expecting the focus on managing regulatory risk to increase over the coming year (73 percent in 2016).
Twenty percent expect the focus to be significantly more (22 percent in 2016). The top two reasons given are continued regulatory change and the ongoing focus on culture and conduct risk.
Personal liability for compliance officers has become a persistent worry bead.
That said, there seems to be a leveling off in terms of the rate of increase of concern, with almost half (48 percent) of respondents reporting that the personal liability of compliance professionals would remain the same in the coming year, up from 40 percent in 2016.
The other half (48 percent) still expect the personal liability of compliance officers to increase in 2017, 11 percent significantly.
Outsourcing continues to be a well-trodden path for firms with 28 percent choosing to outsource some or all of their compliance functionality (25 percent in 2016).
Consistent with the prior year, the top two reasons given were the lack of in-house compliance skills and the need for additional assurance on compliance processes.
Increasing impact of technology
A third of all firms overall (33 percent) and almost half of G-SIFIs (48 percent) are expecting more compliance involvement in the assessment of fintech and regtech solutions in the coming year.
This is in addition to the 48 percent of all firms expecting to spend more time in 2017 assessing cyber resilience in their firm.
Coordination between control functions
Over the eight years of the survey, there was little change in the reported interaction and alignment between control functions.
Firms appear to be continuing to miss opportunities to leverage scarce resources, with only half (50 percent) of compliance functions spending more than an hour a week with internal audit.
The compliance teams of G-SIFIs are seen to be doing more, with 19 percent spending more than eight hours a week consulting with the other control functions on compliance issues compared to 11 percent for all other firms.