The Department of Labor’s Fiduciary Rule will bring heighten focus to conflicts of interest for both Broker-Dealers and Investment Advisers. Any sound compliance program must adequately address all the prevalent conflicts of interest. To do that here are three keys:
1) For data intensive and routine tasks, automate compliance as completely as possible.
2) For areas that don’t lend themselves to automation, use seasoned pros with risk tools.
For new problems, collaborate with your community to find solutions.
Understand what you are up against
The SEC has developed robust, quantitative, data analytic tools like NEAT to select the best prospects for examinations. The tools can process massive amounts of market data and apply complex algorithms to identify potential examination targets. These tools look at public information from Form PE and Form ADV to public trade data.
The result of this endeavor has been record enforcement actions. Exams are more focused and take place over a shorter time. Examiners expect compliance to be able to quickly to report on the data they request. See here for our blog on SEC exam prep.
In addition to record enforcement, 2015 saw an alarming CCO liability trend. Following the Blackrock Advisors case, which involved a CCO and an employee outside affiliation, and the SFX Financial case which involved a CCO and check writing controls, we’ve heard conflicting messages from the regulators as to the extent to which they will pursue cases against CCOs.See here for more info on CCO Liability.
While the SEC has not mandated that you have an automated personal trading system, they have given guidance that compliance needs to compare employee trades against firm activity. Given the data requirements involved, the only way to do that proficiently is to automate compliance. See here for more reasons to automate your program.
Understand the importance of the data layer
In an age of aggressive regulatory scrutiny, data integrity is a must. Recent innovations in processing power, data storage, and software have accelerated data-aggregation, while improving accuracy. Now, compliance technologies can extract higher value, more actionable data faster and in real time, thus mirroring the lightning speed of financial transactions. Data normalization is the removal of redundancies, deletions and anomalies to make information more organized, compact and searchable for reporting accuracy and forensic testing.
For data normalization, in the example of personal trading, a vendor takes direct broker feeds, which mitigate data contamination, and matches that broker data to a robust market driven security master. This helps better monitor trading by finding any issuer linkages by rolling up all securities to a single parent company. So, if the firm is trading corporate debt and an employee is trading options in the same company, both types of securities need to link back to the parent — something only an automated system can consistently do. Further, the security master can enrich the broker based data by adding information such as daily price history, trading volume, and industry codes which may be necessary for advanced trading rules and forensic testing.
How to Select the Best Vendor
Beginning the vendor selection process by reaching out to your most trusted compliance group is a great way to get started. There are many compliance groups available for you to join. Some are simply an email distribution list while others may be part of social networking site, like LinkedIn. Reach out and the setup a few phone calls to get a list of the vendors in the space and some background. Even in our online age, word of mouth is still paramount.
After that, setup a spreadsheet — put the vendors across the top. Next, list down the features you must have and the features that are nice to have. Reach out to the vendors, explain your requirements and start filling your vendor matrix. Then, setup demos that include all stakeholders.
Don’t worry, if you are unsure of the questions to ask organizations like AITEC provide standard DDQs for your guidance. See their site for more detail.
Finally, be sure to get and check references from your vendor.
Implementation: Everyone was Manual Once
Keep ease of implementation in mind when selecting your vendor. You vendor should have a routine project plan that involves not just goals and milestones, but helps identify the resources that you need to allocate for the project. Given the inter-relatedness of compliance, it is likely that you’ll need help from other departments, even if you are choosing a SaaS solution. For example, personal trade monitoring may require you to feed in trades from your order management system. An employee risk system may require a feed from you HR system to get a full list of employees with all the correct department and title information.
Practically speaking, remember everyone who is automated was manual once. Automating is a positive step, which everyone recognizes. Give yourself a quarter to automate a new system — the 90 days of work will pay off in the long run.
Looking Ahead
There are three sources of change that impact compliance automation: technology, industry, and regulatory.
Technology has been transformed by mobile, cloud, and big data. Mobile means your employees are always online, plugged into data rich and responsive applications. The cloud means there is more capability to integrate systems and no need to physically house the applications on-site. Big data means you can have access to the robust data and metadata sets you need to perform the forensic testing the SEC expects.
Outsourcing non-core functions to third parties is an industry trend, and while you can’t outsource the compliance responsibility you can outsource functions to vendors and consultants.
The regulatory to environment continues to get stronger. CCOs have recently been tasked with new areas such as social media and cybersecurity compliance. More regulations, examiners, and enforcement actions should be expected in the future.
Actionable Advice
A well prepared CCO can use compliance automation to collect all their reportable information in one central location. This level of organization will pay off daily, as an automated system enables delegation, an accurate audit trail, and timely reporting. In addition to eliminating human error and time spent on rote tasks, having a system with a robust data layer provides the necessary foundation to conduct the type of forensic testing and data analysis the SEC is expecting.
As technology, industry, and regulation continues to evolve, remember to use your compliance community to get the conversation started about vendor selection. Then use your vendor to help with a project plan to automate. Given the continually expanding scope of compliance duties and liabilities, an automated system is a life-saver for compliance officers looking to protect themselves and their firm.
