In part one of this article series, entitled Alphabet Soup, three key themes were discussed in relation to the global regulatory environment investment managers must navigate: 1) Uncertainty, 2) Accountability and 3) Increased Scrutiny.
As the complexity of meeting compliance continues to grow, investment managers are looking at how best to tackle data management, improve workflow efficiency and ensure good governance, particularly those who operate across multiple jurisdictions.
Headcount not the solution
Many firms are resigned to simply throwing money at the problem. While understandable, this is not sustainable. A more strategic approach, one that leverages technology, can not only streamline compliance processes while maintaining the highest quality, but also lay the groundwork for more flexibility, something required in this ever-changing environment.
As Kevin Byrne, Managing Director of Global Regulatory Risk and Compliance at SEI Investment Manager Services, is keen to point out, constantly adding more headcount to keep pace with the ongoing compliance burden, is not the solution.
“The question is, how do investment managers keep track of all of the regulatory compliance requirements?” posits Byrne.
“We are starting to see early signs of managers using AI tools to be able to track regulation, pick it apart and get the AI to tell them what they need to know and adhere to. As a general rule, I think most investment firms are thinking to themselves, ‘How can I adhere to all of these regulatory requirements in the most cost-effective way?’”
In SEI’s white paper, Evolution in Asset Management, it suggests that outsourcing will play an important role for many firms, and regulatory technology (“regtech”) will aim to streamline and transform cumbersome processes. Functions likely to be affected include anti-fraud and risk management, personal data consent, regulatory reporting, fund reconciliation and more.
Jean White is Managing Director, SEI Investment Manager Services. In her view, in terms of day-to-day responsibilities and tasks, “We can expect to continue to see an increase in the utilisation of regtech to not only track, understand and apply regulatory change, but also to wrap all of the above into a compliance management system which can fundamentally transform your governance.”
In Europe, there is an increase in legislation which is principles-based rather than entirely prescriptive. Much of GDPR, for example, is based around complying with seven overarching principles. While this allows firms the flexibility to undertake internal assessments and determine how they will apply the requirements, it can also be daunting to justify decisions made.
“Reporting requirements tend to be black and white, but there’s a huge amount of grey when it comes to implementing principles-based regulation. The downside of this is it’s unlikely to be something you can fully automate,” says White.
“For the time being, human minds are required to analyse how to apply key principles to an organisation, and justify the same. Although many find this interpretation overwhelming or even intimidating, if you have a robust decision-making process and can clearly document the reason you went in a certain direction, then even if a regulator feels you’ve fallen short, they’re more likely to explain how you should alter your ways than automatically hit you with a hefty punitive fine.”
This is particularly the case in the UK, which tends to focus more on the need for the best outcome than a rules-based approach. As Andrew Bailey, Chief Executive of the FCA, said last year, “an organisation that prioritises being within the rules over doing the right thing will not stand up to scrutiny for long”.
“This means you need to have a reliable compliance management system in place, to ‘show your workings’ and ensure you can look back and explain why you took a particular course of action, how you felt doing so was the right thing”.
“This is something we are very much seeing among our clients, from an outsourcing perspective; systems to help with tracking, reporting, and documenting the human decision-making required. Not only is this necessary to show regulators, but can be leveraged internally for multiple stakeholders as well as reduce key person risk,” explains White.
Applying AI to compliance
To better automate the compliance function, investment firms could look to avail of specific AI tools that use machine learning algorithms, such as Natural Language Processing tools to scan large amounts of text for key words and relevant data points. This is particularly relevant to MiFID II, where AI could be used to convert voice files to text to search for key words.
Similar regtech tools can also be applied to scanning service level agreements and contractual documents to identify any potential risks to the business, adding more efficiency to the compliance department.
Another area of AI application could be to identify any unusual patterns that deviate from the norm in the workplace. In this way, the AI acts as a sentinel to spot potential misconduct within the firm, before anything serious happens, such as a deliberate data breach.
“AI as a tool really has a lot of applicability for pattern recognition in trading, teasing out new insights,” comments Byrne. “Compliance is responsible for email review, which is incredibly difficult to do manually so AI could help CCOs uncover any needles in the haystack.”
Combining AI technology tools with a robust compliance system offers a route for compliance teams to begin to overcome the seemingly endless complexity of global regulation. One that not only improves automation and frees up time to focus on the most salient issues but also reduces cost.
“It can act as a reassurance that the CCO knows everything is captured and stored in the right place, and can be easily accessed. It reduces reputational risk or any potential regulatory fines. It’s no longer simply a cost-saving conversation,” asserts Byrne.
Technology mitigates key man risk
In some respects, however, compliance still gets the short end of the dollar spend at investment firms, where the CEO might prefer to focus on growth avenues and spend money on hiring more front-office staff. But the CCO can very often present a key man risk, if they are the knowledge repository and there isn’t a compliance management system in place.
In Byrne’s view, senior management within investment firms “are focusing more on how to “institutionalise” the compliance function to avoid such a key man risk”.
After all, cutting back on a few dollars to shore up compliance departments could end costing the manager far more financially and reputationally, were there to be a serious breach of compliance.
Applying the right amount of technology can certainly help take away a lot of the pain by eliminating time-consuming, monotonous tasks that need to be performed under the banner of regulatory compliance.
“Using AI to identify pattern anomalies and areas where risk might be higher in a more streamlined way will certainly help compliance teams,” states White. “But we’re not living in a sci-fi film where your compliance responsibilities can be performed by a robot; regulatory implementation within organisations will always require a human element.”
“As a result, the key when it comes to outsourcing is absolutely to take solutions from an innovative provider committed to leveraging from advancing technologies. But also to ensure your provider understands that’s not where the story ends: that having the right people with the required expertise to perform the tasks a machine can’t, will always be equally, if not more, important.”
Read more about how data, privacy, cybersecurity and more play into the larger regulatory compliance picture in Chapter 4 of SEI’s white paper, Evolution in Asset Management. Select preferred format: US/UK