Skip to content
Thomson Reuters
Regulatory Risk

The peak of regulatory change may be some way off

David Craig

30 Mar 2015

REUTERS/Jorge Dan Lopez

Regulators’ rulebooks update by a jaw-dropping 155 a day. But it may get even busier ahead argues David Craig, President of Financial & Risk at Thomson Reuters.

The amount of regulatory change tracked by Thomson Reuters for financial firms around the world has more than doubled in the last two years. The world’s financial regulators issued an average 155 alerts on every business day in 2014 – a total of 40,603 for the year.

These alerts relate to updates to their rulebooks, but also other announcements, policy papers, speeches and enforcement notices. In 2013, they issued an average of 103 updates every business day. In 2012, the number was 68.


Source: Thomson Reuters

These numbers provide hard evidence of the extraordinary growth of the compliance culture in the financial services industry worldwide. The figures have been compiled by Thomson Reuters Regulatory Intelligence, which monitors more than 950 regulatory rulebooks worldwide published by more than 550 regulatory bodies.

The number of daily regulatory updates is perhaps as close as we can get to an authoritative measure of the extent of financial regulation growth since the crash. We have been compiling these figures since 2008, as the numbers and extent of rulebooks (and rulemaking bodies) have grown.

We also know that the consequences of failing to comply are becoming ever greater. In 2013, the UK regulator issued fines some 18 times greater than its predecessor had in 2008.

Last year our report on the rising costs of non-compliance noted the increased focus among regulators on greater accountability and personal liability for the individuals involved in breaches. We also noted that every global systemically important bank has been fined in recent years. The cost of compliance is not simply the amount handed over in fines, but also the cost of ending a business line, or perhaps curtailing the provision of certain services. And there is also the risk of enduring reputational damage done to the brand.

In the UK, the Confederation of British Industry has been loudly critical of the increase in the regulatory burden on financial services firms. And across the world the representative bodies for financial services firms – the trade associations and professional bodies – have been growing increasingly vocal about the increase in output from the world’s regulatory bodies.

Not all of it is relevant for every firm, clearly. Insurers, banks and asset managers have very different operating models, and are subject to very different rules. Business-to-business financial services needs regulation very different to client-facing operations. But their compliance officers will need to check the relevance of all 155 daily updates all the same.

Our report “The Rising Costs of Non-Compliance” noted:

“Firms have to contend not only with jurisdiction-specific changes but also with multiple levels of changes which are not necessarily aligned when it comes to cross-border business. Regulatory divergence, particularly regarding areas such as the trans-Atlantic trading and settlement of derivatives, has become the norm and will require significant political and regulatory effort to resolve.”

If you are the chief risk officer of an international business, you are clearly presented with a problem. Assuming you don’t get to double your compliance workforce every two years, you are faced with sifting through an increasing amount of often very dense and specific prose to determine (a) whether a new update is relevant to your business (b) whether it requires you to implement any changes to your current operations. And – need I repeat – you need to do this on average 155 times a day.

At Thomson Reuters we have developed a detailed taxonomy in order to categorize each regulatory change, enabling our customers to focus on only the changes which are relevant to their business. We also provide comprehensive up-to-the-minute news coverage to help firms anticipate and accommodate change.

We cannot reduce the output of regulatory policymaking, but we can help firms to streamline their compliance, monitoring, audit and reporting processes and to focus on those specific rules which impact on their businesses.

We started the year hoping that the number of daily regulatory notifications would level out or fall off rather than increase. As scrutiny of the financial markets has continued to grow, and as investigations into market abuse have continued, we may yet be some distance from calling the peak of regulatory change.

Read the original story here.

About David Craig

David Craig is president of the Financial & Risk business of Thomson Reuters, which accounts for US$7B in revenues and operates in 180 countries with 20,000 employees.

Prior to this role, David was president and founder of the Governance, Risk and Compliance (GRC) business, which launched in 2010 to help professionals in highly regulated industries around the world address with the growing raft of regulation, risk and compliance requirements.

David has presented on strategy and business leadership at the Tuck School of Business, at the Aspen Ideas Festival, London Business School MBA class on the GRC growth story. He won the McKinsey Global Award for Research for his work on outsourcing and was a judge for four years on the European Banking Technology Awards. This year David was ranked number 10 in the top 50 global leaders and innovators in financial services technology by Institutional Investor Magazine.


How sanctions screening can mitigate treasury risk The platform to digital transformation in financial trading Why third-party risk shouldn’t mean sleepless nights Risk technology: How to fix common frustrations with risk MiFID II progress summary report: Why there’s still work to do Risk technology: What’s driving new GRC investment? Tackling data overload with intelligent tagging How sanctions-proof is your Source of Wealth due diligence? Highlights from the Thomson Reuters London Risk and Compliance Summit How Bilateral Chat is empowering our industry