The First Line of Defense: Compliance Tracking
January 10, 2011
It was a mutual fund complex whose trading tactic, unintentionally, triggered the Flash Crash, according to federal regulators. These same regulators-the Securities and Exchange Commission and the Commodity Futures Trading Commission-are now going about scores of rule-making procedures, to implement the edicts of the Dodd-Frank Wall Street Reform Act and its call for transparency in operations.
And, oh, yeah, there are rules already in place telling mutual fund companies to convert their risk-return summaries into a format that works interactively online. And one for delivering summary prospecti electronically, if you want to avoid costs of printing and delivering paper.
How's a mutual fund company supposed to show that it is on top of its game-and systematically adhering to all regulations that govern its operations?
One approach is to use a "governance, risk and compliance" platform. These suites of software give executives and managers a "centralized cockpit of information" on the rules they must comply with and how well their organizations are performing in meeting them, as Denise Valentine, senior analyst with Boston-based Aite Group, puts it.
These "GRC" platforms give management and operations teams the ability to track any and all projects in progress across the organization to meet a requirement in any jurisdiction. Typically, libraries of content are constantly updated on laws and regulations that must be complied with, by nation or locality. And the work of different teams can be reviewed with on-screen dashboards.
"It's an impressive tool, if you get audited by the SEC," Valentine said. "If you have something like this, very structured, very specific, very procedural [to show the SEC], it's self-protection."
And the costs, generally, are low, on the order of a couple hundred of thousands of dollars, for tracking the platform, she said.
Which may explain, in part, why it's not that big a market, to date. Aite Group estimates spending worldwide on GRC platforms in the financial services field was $81.0 million in 2010. The research firm expects that to grow 18.6% a year. That will double the spend, to $160.2 million, by 2014.
A big player is Thomson Reuters, whose Enterprise GRC platform, is used, for instance, by the Financial Industry Regulatory Authority to house its rule book. The regulator of broker-dealers uses content features of the system; Thomson Reuters clients get access to the rules, in its library of rule books.
In February, Wolters Kluwer Financial Services is launching a new platform, that it says is "infused" with deep content, regulatory expertise and links to a broad array of related policy, procedure and alert services.
This unit of the $4.5 billion Netherlands-based supplier of information and tools Wolters Kluwer will launch a product it says provides three lines of defense to make sure users identify risks to their companies and manage their compliance with regulations.
The platform, ARC Logics for Financial Services, is designed to help investment firms measure, monitor and manage compliance and risks. Those three "Ms" encapsulate the thrust of the plaform's three lines of defense. ARC stands for "audit, risk, compliance."
The ARC Logics business unit was created a year ago, in February 2010, within Wolters Kluwer's financial and compliance services division.
While Wolters Kluwers' installed base is not nearly as large as that of Thomson Reuters, the company "certainly is a prominent player in this market," Valentine said.
ARC Logics' platform will allow firms to manage risk and control content libraries that can be centralized and utilized throughout the organization, according to Steve Taylor, manager of regulatory content solutions, Wolters Kluwer Financial Services.
The platform comes pre-loaded with a Compliance Risk Management framework for broker-dealers, investment advisors or hedge funds, that can be configured to the needs and expectations of an individual firm.
"The challenge is making sure everything is there, that there are no gaps" in the libraries of rules and requirements, Taylor said.
For instance, mutual fund companies will find the requirements of the Investment Company Act of 1940, not just the Investment Advisers Act of 1940, are baked into the framework for investment advisors, as well as SEC rules. That framework can then be tailored to their needs, precisely, according to Paul Murdock, director of consulting and professional services for Wolters Kluwer Professional Services.
The tailoring, for instance, makes clear distinctions between fund companies such as BlackRock and PIMCO, which are focused on fixed-income products and aimed at institutions, and Vanguard and Fidelity, which are retail-oriented and more equities-focused, he said.
The "sweet spot" likely will be firms with $1 billion or more in assets under management, that don't have the internal resources to create such a system. But, Taylor notes, if the firm already has a robust set of risk management frameworks in place, then these can be uploaded into the platform.