I have spoken before about regulatory compliance and the necessity for IT to look to make systematic improvements to how it supports a variety of compliance and regulatory changes. It seems that in 2014 there are no signs of things getting any easier. Let’s take a look of the state of regulation today.
Here is a sample of publicity in the recent months:
The usual suspects
The biggest single cluster of regulatory news affects the financial services industry. Adversely affected by the global economic downturn, financial services organizations have since been the target of stringent new regulatory controls. Unsurprisingly perhaps, news abounds across a variety of “non-compliance” issues in the industry.
In a case of internal compliance, Credit Suisse were recently reported as investigating two of its own dealers for trading rule transgressions. A broader industry issue especially in the UK has been PPI mis-selling. Recently, the UK Financial Conduct Authority (FCA) probe has prompted 2.5 million PPI cases to be reopened. The impact of PPI regulatory measures was reported as a cause of Lloyds’ Bank profit fall.
Meanwhile, other regulations were contravened in high-profile cases. Deutsche Bank was fined over fiscal reporting, while the Royal Bank of Scotland’s mortgage advice irregularities resulted in a fine of £14.5M ($23.7M). Elsewhere, the LIBOR rigging scandal has hit Lloyds to the tune of £218M ($356M), meanwhile Bank of Scotland’s “double-billing” scandal was cited in the lawcourts as “unconscionable” whilst the FCA continues to investigate them.
In terms of notoriety, however, spare a thought for Citi Group – its part in the financial meltdown has resulted in an astonishing $7Bn penalty, as reported in a press release.
The verdict by industry observers is understandably blunt. Trust in Banks is still “years away”, according to the chairman of the UK Treasury Committee, Andrew Tyrie. Meanwhile in some cases, jittery Fund managers are deserting banking stocks. And there’s no sign of things easing up – regulators are getting more stringent in their measures, while the recent SEPA regulation is being closely followed by an equally exacting new control, FATCA – the Foreign Account Tax Compliance Act, set to go live in 2015.
Not just financial services
Regulatory compliance, and failure thereof, is by no means the exclusive remit of the financial services industry. Electronics giants Philips, Samsung and Infineon were subject to a total of 138m-euro fine over pricing irregularities. Telecoms giant Verizon was fined $7.4M over consumer clarity complaints, while Energy supplier EDF was ordered to pay £3M ($4.9) to support vulnerable customers after failing to manage complaints.
It’s no secret
Data privacy regulations are a hot topic, and most news reported on the topic is bad news for the brands in question. High profile stories surround data privacy breaches have recently hit the headlines at Home Depot, Supervalu and UPS. However the press saved the most column inches for the unfolding Community Health Systems saga, where the data hack is reported to have affected 4.5 million customers.
Emerging from the shadows
What do all these stories have in common? The attribute that links them is that each story has been reported in the last few months. So, a commonplace, recurring theme suggesting a recurring challenge across a variety of industries.
The cost of non-compliance in individual cases might mean specific and often eye-watering fines, while the longer-term operational impact on a variety of industries, not least the financial services sector is untold risk and potentially irreparable brand damage. Coping with this is being taken very seriously – industry publication Banking Technology reports a Bank of England estimate that 70,000 new finance roles will be created in Europe alone to help tackle increasing compliance workload.
But headcount is not the only requirement. Throwing more staff at a problem where the processes and supporting technology is outmoded and inefficient is simply more chefs in a tiny kitchen.
Technology needs to be part of the solution.
And it can be. Micro Focus’ approach to IT regulation sees the challenge as a three-pronged issue – find the root of non-compliance, fix the issue, and then validate the change. We refer to this as Find It, Fix It, Test It. This approach leverages the best in technology to help automate and streamline these critical IT change projects, which all too often have unmovable, aggressive timescales. If you need to accelerate your regulatory efforts, we can help.