Technology and Regulatory Changes

By Peter Newman, Microgen (01/05/2012)

As a professional in the international finance industry, you will not need to be alerted to the fact that regulatory demands have increased over the last few years. Every financial institution is being bombarded with a series of acronyms which in turn translate into a myriad of complex and time consuming activities: FATCA, FBAAR, Sarbanes-Oxley, Basel (impressively now in its 3rd generation), various EU directives, Dodd-Frank, local regulatory bodies’ KYC requirements etc, etc.

The bottom line, however, is that irrespective of what you consider the merits of each new requirement to be, or how much burden it places on you individually or corporately, you still have to comply and meet whatever the edict demands.

As someone who works on the periphery of the financial services industry, neither I nor the company for which I work are directly impacted by this avalanche of regulation. However, many of our customers are, and this gives us a good opportunity to view the impact more objectively.


I would imagine that, for the most part, you instinctively know whether you are dealing with something ‘dodgy’. Years of experience have taught you when something is genuine and when it is not. Being instinctively aware is no longer enough; you have to evidence why something or somebody is compliant with the relevant rules and regulations. It sounds obvious, but is potentially time consuming.

Pace of Change

Regulatory changes are instigated by politicians who usually have a fixed time period in which to make their mark before being subject to another election process. Politicians drive change faster than most businesses and the recent financial crisis has spurred them into a flurry of activity.

This introduces a whole series of complexities and challenges for financial services providers; monitoring new regulations and anticipated changes, adapting business processes to meet new directives, training staff, adjusting IT systems. All of these are time-consuming activities, none of which add any benefit to the bottom line.


It is no longer a simple case of checking a few passports and establishing the source of funds to comply with KYC requirements. Often there are multiple factors and questions involved. These factors and questions are not necessarily straight line items either; they can vary depending on the outcome of the previous answer or a piece of data. This level of complexity increases the potential for error or, at best, increases the level of checking to safeguard against error.

Individually, any of the above may seem onerous enough in their own right. Combined, they place an enormous strain on the business which in real terms translates into time and cost. Pitch this against the background of fierce competition and your clients’ increasingly diminishing appetite for fees, and compliance becomes a daunting prospect.

Enough Doom and Gloom – What is this ‘Golden Bullet’ Technology Solution?

There is good news and bad news. Bad news first – there is no golden bullet solution. As the title of this piece suggests, technology can assist but it is not some universal panacea. I mentioned above that instinct alone is no longer sufficient. That does not mean it is redundant, in fact quite the reverse. It is probably still one of your most valuable checking mechanisms. People’s gut feelings have an uncanny knack of being accurate.

So, onto the good news. IT systems are exceptionally good at performing repetitive tasks in a consistent manner at high speed. Until recently, the missing piece was the ability of IT systems to add a little bit of intelligence to these tasks. This intelligence is now becoming much more readily available, usually under the banner of ‘Workflow’.

What’s New – Technology Has Been Available For Ages? Flexibility is the Answer

Until relatively recently, most IT systems have been heavily reliant on IT staff. Where changes to core systems were required, IT teams had to be educated in the requirements, they had to schedule any development work, and the delivery of the solution occurred at an agreed date some point in the future. Obviously, this all costs money and takes time. Cost is often an issue, after all, who would not be reluctant to spend money on something that does not directly contribute to their profit margins. Also, with the pace of change, time is not a luxury available to many financial service providers these days.

The key is to build flexible systems that can be adapted without the need for heavy IT involvement and developments to the core system. Furthermore, when that flexibility is available to business users, they will be more inclined to look to technology to assist with compliance.

Increasingly, more IT systems vendors have adopted this approach and have built in flexibility in their solutions. In its simplest form, this can be something like the ability to add custom fields to the database without re-programming. More complex solutions have in-built workflow, which can be configured by business users to mirror their internal business processes.

Workflow As An Aid To Compliance

Workflow can be defined as: “The sequence of industrial, administrative, or other processes through which a piece of work passes from initiation to completion.”

In the context of technology assisting with compliance this means that management can mandate processes (eg, KYC) with all the various steps and sign offs, create a workflow within their system, and then all administration staff are compelled to follow that exact process by the system in order to get a new client (or re-check an existing client) onto the system. And behind this is the full stored audit capability to check after the event that all has been done correctly.

Workflow products have been available for many years and still are. For large businesses which operate multiple core software systems, these can be an effective method of layering complex business processes across these various systems. The downside is that these workflow products usually require IT skills to integrate with the core platforms which in turn gives rise to the issues described in the previous section.

More IT vendors are now providing ‘packaged’ solutions which have workflow built into the core application. Sometimes this workflow is very simple and is perhaps more of a checklist than a true workflow capability. Other systems have richer functionality which can launch specific functions to capture data input, run processes, produce reports or fire off emails. Further sophistication includes variable processing dependent on in-built checks against stored data, or approvals being required or not, based on the value of a transaction being greater than $x or £y.

As previously stated, the key is for business users to take control of the configuration of the workflow and to be able to easily and quickly change it. Some system vendors claim to have workflow in their product but what they have actually done is hard code their interpretation of what your business processes should look like. This leaves you with little flexibility to determine your own business processes or change and adapt your business process as your business develops.

Evidencing What You Have Done

One of the first items mentioned in this article is that of audit. If you are managing some or all of your compliance requirements manually, then a natural by-product will inevitably be a record, or evidence, of what you have done.

If you use technology, but that technology does not provide a clear record, and importantly, the means of retrieving that audit, then you might just as well have done it manually in the first place.


Flexibility is the main ingredient that technology can provide to assist with the compliance burden, closely followed by workflow and audit. Combining these factors with allowing business users to configure and more importantly, adapt and enhance, their systems to meet new and changing requirements both quickly and at low/no cost, is a powerful advantage in today’s increasingly competitive market.