Five Ways to Reduce the Cost of Compliance
By Cindy Cook DeRuyter | Published March 29, 2018
- Internal Controls for Better Compliance
- Workflow For Compliance
- Improve Corporate Governance With BPM
As any compliance officer knows, complying with whatever rules and regulations govern their industry and business is not optional. For investment advisers, broker-dealers and other organizations operating in the financial services space, complying with the myriad of SEC, FINRA and state regulations can be overwhelming if the firm doesn’t have the right tools in place. Multinational firms must also comply with laws in the other jurisdictions where they operate or transact business.
Of course, compliance also comes with a cost; many firms struggle to strike the right balance. Company leaders know they need to fund the compliance initiative, but they don’t want to do so at the expense of sales and AUM. The good news is that the two are not mutually exclusive. The key is to find ways to cut compliance expenses without cutting compliance oversight and protection.
Here are five ways to reduce the cost of compliance in your firm, so you can allocate resources appropriately:
1. Invest in the Compliance Department
At first read, this one may sound counter-intuitive. After all, how does allocating funds to compliance do anything to reduce your cost? The reality is that the cost of non-compliance can be staggering. According to a Ponemon Institute study, the cost of non-compliance is, on average, 2.65 times the cost of compliance.
First, firms that don’t pay enough attention to compliance rules and regulations face regulatory risk. In 2017, the SEC brought 754 enforcement actions resulting in a combined $3,789,000 in monetary penalties and disgorgement. FINRA also levied fines and restitution of $66.8 million against firms and individuals in 2017, expelled 21 firms from the industry, and suspended another 29 firms.
Firms with ineffective compliance programs also face legal and financial risk as well as the reputational risk that can make it difficult to retain existing clients and employees, let alone attract new ones. Cut your compliance costs in the long run by allocating budget dollars to your compliance program now.
2. Adopt a Forward-Looking Approach
When implementing new policies, procedures, or systems for your organization, one of the best things you can do is look ahead to where you see your firm in five or ten years and assess whether your current controls would suffice in that environment.
You need to implement compliance policies and procedures designed to prevent, detect and correct potential issues based on where your firm is today, of course. It can be tempting to want to stop there – especially if your firm is still relatively small. However, doing so can be short-sighted. Here’s why: The compliance controls that are effective today for your 10-person firm may not be scalable. If they’re not, you could wind up having to overhaul your program at a significant cost later.
Think of this tip as analogous to the old advice “dress for the job you want, not the job you have.” Dress your compliance program for the firm your leaders want to manage, not just for the firm you have today.
3. Address Cyber Security Risks
Cyber security is a growing threat in every industry, but cyber-attacks can be particularly damaging for financial services firms. The regulators are increasing cyber security and data privacy initiatives as instances of data breaches continue to rise. As a result, a firm without adequate data protection measures in place could face regulatory sanctions in addition to financial losses and a loss of investor and client confidence.
Firms should approach cyber security initiatives from a standpoint of being prepared “when” an attack comes, not “if” an attack comes, and must recognize that data protection is not merely an IT function or responsibility. The compliance department’s role will vary from organization to organization, but compliance can play a key role in ensuring the firm’s policies and procedures are designed to prevent and detect vulnerabilities, respond promptly to incidents when they occur, and provide for regulatory reporting when required. Compliance may also be involved in helping assess third-party service providers’ cyber security programs and conducting periodic threat assessments. If not directly involved, compliance procedures should at least provide for oversight and testing of controls.
Being proactive about data privacy and cyber security can reduce the need for the costly client- and regulatory notifications after the fact, ultimately cutting the firm’s cost of compliance.
4. Continuously Monitor Changing Risks
Effective compliance programs are about more than identifying problems and taking corrective action. While that’s important, it’s arguably more important to continuously monitor and look ahead to potential compliance pitfalls. A proactive approach to compliance means your CCO and staff are watching pending regulations and staying abreast of industry changes so they’re able to react nimbly to implement new processes when needed.
When you identify and implement needed changes in procedures in response to a changing risk landscape, be sure to also update your compliance controls to address those changes. It’s a lot cheaper to implement changes before they’re needed than to have to go back and fix violations and address issues after the fact.
In today’s digital world, it’s easier than ever to stay on top of what the regulators are doing. Subscribing to regulators’ and industry thought leaders’ resources and attending industry conferences can actually save your firm money by reducing costly do-overs or unwinding hastily-applied patches later.
5. Implement Process Automation
Finally, one of the most effective ways to reduce your compliance expense is to implement technology solutions that can automate processes and workflows. While technology comes with its own expense, the potential benefits generally far outweigh the costs.
Some compliance officers and other firm leaders shy away from implementing automation technologies out of a mistaken belief that compliance personnel can be just as effective in managing risks and processing tasks manually. In reality, manual processes are error-prone and labor-intensive. What’s more, they aren’t scalable; a firm that relies on manual processing for attestations, certifications or other compliance tasks will likely have a hard time handling a significant rise in the number of supervised employees without adding and training new compliance staff.
Introducing automation can help ensure tasks are handled on time and can flag unexpected responses for review, helping reduce the risk of a potential violation being missed in the shuffle. Because items are routed electronically according to a pre-defined path, it’s also easier to eliminate potential bottlenecks. All of this can add up to significant cost savings for the compliance department – and the firm.
Reducing Compliance Costs Comes Down to Changing Compliance Spending
If your firm is like most, you don't have an unlimited budget for compliance. At the same time, you're likely under pressure to keep expenses as low as possible without sacrificing your clients' safety - or your firm's reputation. Investing in the compliance department by implementing systems, processes, and tools strategically designed to meet both today's and tomorrow's risks can help you keep compliance spending in check.
To learn more about how Integrify's solutions can help you manage compliance costs, call (888) 536-9629 today.
Cindy Cook DeRuyter
Cindy Cook DeRuyter is an attorney in private practice and a freelance writer in St. Paul, MN. Prior to taking her practice full-time in 2015, Cindy spent more than 19 years in Investment Adviser and Broker-Dealer compliance and operations roles for firms including RSM Wealth Management, Nuveen Investments, US Bancorp Asset Management and Thrivent Financial.