A growing awareness of the escalating and ever-changing demands of the regulatory environment, coupled with a potential reduction in the resources available to meet compliance challenges, are the defining concerns of respondents to Thomson Reuters seventh annual Cost of Compliance Survey.
The 2016 global survey shows more compliance professionals are now looking to technology not only as a bigger challenge than ever before, with regulatory actions driving technological change as the remit of compliance broadens to cover cyber risks, but also as RegTech is being assessed to help manage many key aspects of compliance.
Surveyed compliance professionals continue to express regulatory fatigue and overload, with no perceived let-up in the volume of regulatory change. Like last year’s survey results, 69 percent of firms expect regulators to publish even more information in the next year, with 26 percent expecting significantly more. More than one-third of the firms spend at least an entire day each week keeping track of steadily rising regulatory change.
On resource challenges and costs, 83 percent of global systemically important financial institutions (G-SIFIs) expect senior compliance staff to cost more, this year. Meanwhile, the scarcity of skilled compliance personnel is forcing two-thirds of all firms surveyed not only to do more with less, but also to expect senior compliance staff to cost more this year.
“Over the years our survey has become a much-awaited benchmark,” co-author Stacey English, head of Regulatory Intelligence, Thomson Reuters, said. “The candid ‘real world’ feedback we elicit confidentially from participants enables the findings to be a true finger on the pulse of global compliance functions. Comparing resources, challenges and expectations against industry peers provides valuable insight and a sense of comfort for compliance practitioners and senior managers against a backdrop of rising personal liability and an evolving remit.” She analyzes more Cost of Compliance Survey 2016 results in an interview http://reut.rs/1YoYXsj with Thomson Reuters Regulatory Intelligence managing editor Alexander Robson.
Other key takeaways from the survey include:
• Focus on regulatory risk: spurred largely by the greater regulatory demands placed upon the management of conduct risk, three-quarters of all firms surveyed expect the focus on managing regulatory risk to rise further in 2016. For G-SIFIs, the main influence driving their heightened focus is the impact of harsher regulatory penalties imposed upon them.
• Rising personal liability: in keeping with results from 2015, a full 60 percent of all respondents (compared with 59 percent in 2015) expect the personal liability of compliance officers to increase in 2016, with 16 percent expecting a significant increase; even more (27 percent) of G-SIFIs expect a significant increase in personal liability this year.
• Outsourcing is on the rise: given the resource constraints they are experiencing, a quarter of all firms have elected to outsource at least a portion of their compliance functionality. Reasons cited for this are a lack of in-house compliance skills and the need for additional assurance on compliance processes.
• Coordination between internal control functions remains fairly low: with only half (50 percent) of all compliance functions spending more than one hour each week with internal audit, firms may be missing opportunities to leverage increasingly and persistently scarce resources.
“The chaos that resulted from the financial crisis did have a silver lining of sorts – it raised the value proposition of the compliance function, especially a highly skilled and suitably resourced one,” said Phil Cotter, managing director, Risk, Thomson Reuters. “The world took note of the vital role compliance professionals can play. Nearly eight years later, however, compliance officers and their boards are finding it increasingly tough to secure appropriate levels of resources, despite escalating regulatory change. Our report suggests that perhaps there is a limit to firms’ ability to continue to expand their risk functions – outsourcing is one option being used, but it is the growing use of tailored technological solutions which will enable compliance functions to do more with less and free-up skilled resources to tackle greater value-added compliance activities.”
For this year’s global survey Thomson Reuters Regulatory Intelligence canvassed from December 2015 to February 2016 compliance practitioners at more than 300 financial services firms including banks, brokers, insurers and asset managers and most of the largest G-SIFIs, in markets encompassing Africa, the Americas, Asia, Australia, Europe and the Middle East. The survey builds upon annual surveys of similar respondents offering year-on-year trends and developments intended to help regulated financial services firms with planning, resourcing and direction, and to allow them to benchmark their own practices and experiences to gauge whether their resources, strategy and expectations are aligned with those in the wider global industry.
To illustrate highlights from this year’s Cost of Compliance Survey, following is an infographic prepared by Thomson Reuters Regulatory Intelligence highlighting key results: http://tmsnrt.rs/28Khb6M .
Increased Cost of Compliance
While a skilled, high-quality compliance function is expensive to build it will be one of the best investments for a firm and its senior managers. Many firms have employed more compliance staff but there is a growing need for more adequately skilled compliance officers. The results show a consistency of expectation that the costs of skilled compliance staff will continue to rise, but the growing issue is in the availability of high-quality skills and experience. Over two-thirds of firms are expecting skilled staff to cost more. Twenty-two percent of the larger G-SIFI firms expect the cost of senior compliance professionals to be significantly more. The major reason cited for the expected increase in the cost of senior compliance professionals for the full population was the demand for skilled staff and knowledge. More than two-thirds of firms (69 percent) are expecting an increase in their compliance budget this year with 15 percent expecting significantly more. G-SIFIs are expecting a similar increase in compliance team budgets with seventeen percent expecting a significantly higher budget.
Complex Regulatory Change
The speed and sheer breadth of regulatory change remains an ever-present challenge for firms. According to the survey, 69 percent of respondents expect an increase in the volume of information published by regulators and exchanges. The last few years have seen a gentle decline in the expected level of increase in regulatory information to be published by regulators and exchanges (2012: 84 percent; 2013: 81 percent; 2014: 75 percent; 2015: 70 percent and 2016: 69 percent). While the baseline remains high with expected increases, any decline, even if it is only in the rate of increase in the volume of regulatory information published, is to be welcomed.
Broadening Compliance Remit
As well as the growing focus on culture and conduct risk that needs to be considered when assessing regulatory change, the remit of compliance functions is expanding. One particular area that increasingly is affecting the compliance arena is technology, IT risk and the issues regarding cyber crime and resilience. For firms, cyber risks are multi-faceted and must not simply be left to the IT function. Compliance functions need to be engaged in the consideration of risks to the business (and by association the potential effect on their customers) from an attack on the wider financial services infrastructure, as well as the implications of a direct attack on the firms themselves.
Thomson Reuters senior regulatory intelligence expert and co-author Susannah Hammond, added: “Respondents cited a wide range of regulatory challenges arising from regulations continuing to change including the fiduciary rules in the U.S., the Fourth Anti-Money Laundering Directive and Markets in Financial Instruments Directive 2 and associated regulation in Europe as well as the global Basel III requirements.”