Data storage and retrieval is the critical compliance issue facing IT directors at investment banks, life and pensions firms and insurance companies, according to a survey conducted by compliance consultancy Clearconcepts on behalf of Microsoft.
According to the survey of 80 financial institutions, one in five IT manangers feel information retention and the ability to prove to the Financial Services Authority (FSA) that data is secure and accessible is the most critical compliance issue.
Microsoft says respondents are concerned that the increasing need to retain vast amounts of unstructured data, such as telephone conversations, text messages and e-mails, to ensure compliance, is overloading systems.
Data retrieval is also seen as a major hurdle, with respondents highlighting prolems such as an inability to keep track of files that are sent across different lines of business and applications.
The storage and retrieval of e-mail is also cited as a major concern, particularly in light of recent regulatory legal cases such as Andersen and CSFB where e-mails have been used as evidence.
Furthermore, IT directors at financial institutions believe that strategies for document retention and retrieval are being hindered by conflicting regulatory requirements. For instance the Data Protection Act states that customer data should not be retained unnecessarily, while anti-money laundering laws require firms to store customer data for significant periods of time.
A quarter of respondents said their company had implemented data retrieval systems, while more than one in five firms have deployed a surveillance system such as an anti-money laundering application.
In contrast, IT directors at retail banks cite compliance with operational risk and data security regulations as of greatest concern.
A separate survey of 60 IT managers conducted by UK-based Aspective found the integration of multiple data sources as the main barrier to meeting the reporting regulations outlined in the FSA's Policy Statement 04/9.
Almost half (46%) of those surveyed say they "do not think" or "do not know" whether their current IT systems are capable of meeting the reporting regulations, while 55% say making their systems compliant would be significant difficult or impossible.
The majority of respondents criticise the FSA for setting "unrealistic deadlines" for Policy 04/9 which outlines regulations for the collection and reporting of sales, financial and compliance data. Companies are expected to begin collecting data from 1 April 2005 and submitting that data to the FSA from July 2005.
More than three quarters (78%) of those questioned doubt whether the industry can meet its compliance obligations.