Using technology has become a very integral part of today’s business services, especially in the financial industry. Due to the changes in both state and federal securities regulations over the last few years, the need for financial firms to have compliance technology has nearly become a necessity.
Compliance technology comes in many different shapes and sizes and is offered by a plethora of vendors. So much so, that a lot of financial firms do not know where to start when considering the use of technology to help with their compliance efforts. Coupled with that, is finding the right solution that will not “break the bank”. The good news is that using compliance technology has become fairly economical and it significantly enhances a firm’s ability to detect and address compliance issues more effectively, which in turn, helps with mitigating and/or eliminating the costs associated with regulatory violations.
In this month’s Risk Management Update (“RMU”), we discuss several important compliance areas that can be efficiently managed by using technology, along with the overall benefits. We also provide a list of suggested vendors and a brief description of the technology they offer.
Staying Up to Date with Changes in Securities Regulations
In the last decade, the financial industry has experienced a large number of changes in both state and federal regulations, and it doesn’t appear that this trend will lessen any time soon. Monitoring and tracking changes in applicable regulations is a time-consuming endeavor for a Chief Compliance Officer (“CCO”). A lot of CCOs try to stay informed by signing up to receive emails from a variety of sources, such as law firms and compliance periodicals, and visiting regulatory websites. While these practices help, it requires a CCO to spend a lot of time reviewing and sorting through information to determine what changes are relevant to their firm.
A compliance management system provides a simple way to receive real-time news updates from regulators in one location, which usually can be tailored to allow a CCO the ability to review only the information applicable to their firm’s business. This means less time spent by the CCO researching, so more time can be devoted to educating senior managers and employees and implementing appropriate policies, procedures, and internal controls in a timely manner.
The foundation of a firm’s compliance program is its policies and procedures, which cover state and federal securities laws applicable to the firm and its business practices and outline many compliance tasks and regulatory filings that are required to be performed throughout each year.
By utilizing technology, a CCO can implement required duties into an electronic calendar, which can track the required completion/filing dates, send automatic reminder emails, and house applicable documentation. This not only allows the CCO to stay ahead of deadlines to ensure timely completion, but also provides electronic storage of applicable required books and records. In addition, most technology includes an audit trail to show details of the timing and performance of each task, which is beneficial to have during an exam in order to show proof of completion.
For risk management purposes, a CCO is required to perform at least annual reviews and testing of the firm’s policies, procedures, and controls to confirm their efficacy. The reviews and testing need to cover a lot of areas, including but not limited to portfolio management and trading, privacy, custody, cybersecurity, business continuity, fee calculation and billing process, retention of required books and records, employee personal trading and other conflict of interest areas, marketing and advertising, and appropriate registration of the firm and its advisory personnel.
Performing an annual review is an incredibly involved process and without compliance technology, it takes a CCO many hours of work to complete. When using a good compliance management system, a CCO is able to: (i) design and automate the type and frequency of tests and reviews to be performed, (ii) schedule each test and review in advance, (iii) assign and electronically notify appropriate personnel to assist with completion, (iv) obtain electronic certifications and affirmations from department managers confirming adequacy of processes, and (v) maintain all documentation evidencing the testing and results, along with any updates made to the firm’s compliance program.
Training employees on important compliance areas is a necessity, but not always easy to do. Having a required annual compliance meeting is a good way to ensure attendance, but not always the most efficient or effective way to train. Also, taking all employees away from their duties at the same time may not be so beneficial for the firm.
When using compliance technology, training modules can be set up for completion by employees throughout the year. The modules can be customized by topic and employee level, and set up as required reading, testing, and/or certifications. The CCO has the ability to distribute the training through the system at set or variable times, and to some or all employees. This not only gives employees more flexibility on when to complete the training, but also provides the CCO with a better way to track whether any employee appears to need additional training in certain areas. In addition, the system provides the ability for electronic delivery of the firm’s Compliance Manual and other policies and procedures and require completion of acknowledgement by employees.
Employee Personal Trading Compliance
Both state and federal regulations require financial firms to implement policies and procedures that address various conflict of interest areas, the least of which being employee personal trading. Without technology, CCOs spend a lot of time reminding employees of reporting requirements, following up with employees on the reporting deadlines, reviewing employee transactions and holdings reports, and ensuring secure maintenance of reports.
Compliance technology allows firms to automate employee Code of Ethics compliance. Systems can be configured to receive employee personal trading information through secure electronic feeds from their brokerage firms, which facilitates the reporting process for employees and allows the system to perform reviews of trading to ensure compliance with the firm’s Code of Ethics requirements.
Books & Records Retention
Maintaining required books and records can be a challenge. CCOs need to perform periodic testing to help ensure that all such documents are being kept, which takes time, especially if the records are housed in different firm departments. With compliance technology, firms can centralize the retention into one location, which provides for secure access and allows the CCO to more easily perform testing to ensure all records are being maintained.
List of Compliance Technology Vendors
BasisCode Compliance – delivers a centralized compliance management platform, which includes compliance calendar customization, testing, certifications and attestations, gifts and entertainment monitoring, risk assessments, form builder tool, personal trading, whistleblower, and document library management. (678) 819-1991 – www.basiscode.com
MyComplianceOffice – provides a software system for compliance requirements and employee trading activity management, as well as task management and workflow, compliance calendar building, attestation management, disclosure management, gifts and entertainment monitoring, case and document management, risk management and more. (866) 951-2279 – www.mycomplianceoffice.com
Schwab Compliance Technologies - offers employee trade surveillance technology and a system to manage the flow and administration of compliance and other projects and tasks across an organization with one powerful tool. It centralizes information, making it easier for firms to maintain records, stay on top of tasks, track issues, and streamlines reporting to efficiently address regulatory inquiries.
(877) 589-4276 – https://workplacefinancialservices.schwab.com/employee-monitoring
Complysci - The ComplySci platform is a web-based compliance monitoring solution that tracks employee activities against firm policies and regulations. It also provides a calendaring and task management solution that provides full transparency into compliance responsibilities, deadlines, results, and follow-up actions. (212) 327-1533 – https://www.complysci.com/
The implementation of compliance technology is a step that every financial firm should be considering. There are a variety of offerings and pricing models available. Core Compliance is familiar with the technology offered by the vendors listed in this RMU and can provide recommendations and assistance with implementation and ongoing administration of your compliance program utilizing technology.
Author: Tina Mitchell, Managing Director, Consultation Services; Core Compliance & Legal Services (“Core Compliance”). Editor: Janice Powell, Sr. Compliance Consultant, Core Compliance. Core Compliance works extensively with investment advisers, broker-dealers, investment companies, hedge funds, private equity firms and banks on regulatory compliance issues.
This article is for information purposes and does not contain or convey legal or tax advice. The information herein should not be relied upon in regard to any particular facts or circumstances without first consulting with a lawyer and/or tax professional.
 According to the SEC’s Division of Enforcement 2020 Annual Report (https://www.sec.gov/files/enforcement-annual-report-2020.pdf) the median amount of money ordered to be paid for disgorgement and penalties in their 2020 fiscal year, was over $530,000.
 This list is not all inclusive, but rather some of the more widely known vendors that have a full suite of offerings.