- Almost 90% of financial services firms have reported increased compliance expenditure over the past five years, with 1-in-10 saying costs have doubled
- Nearly half of compliance professionals (45%) believe technology is a key driver behind the increased costs
- Regulatory reporting and trade surveillance are the biggest investment areas in the UK
- Communications surveillance and trade surveillance are the top investment priorities in the US, particularly for banks
- Nearly 50% of firms are investing in AI for compliance, with large firms leading the way
Almost half of firms (44%) are planning to invest more in RegTech solutions in the next 12 months to cope with the growing pressure on the compliance function in this fast moving and increasingly complicated regulatory and operational landscape. A further 41% expect to invest the same amount as the previous 12 months.
This investment is driving up the overall cost of compliance with almost all (90%) of financial services firms reporting increased compliance costs over the past five years. One in ten said costs have doubled.
This was discovered by compliance technology and data analytics firm SteelEye, in its first-ever Annual Compliance Health Check Report. SteelEye surveyed 170 senior financial services compliance and risk professionals in the UK and US on issues including the challenges they face, investment priorities and technology adoption in order to get a picture of the financial services compliance landscape today.
Regulatory change and data fragmentation continue to be a challenge
Nearly half (44%) of compliance professionals struggle with challenges related to data management, including overlaying communications and trades to manage market abuse risk; using Management Information (MI) efficiently to demonstrate risk; and consolidating and normalising of structured and unstructured data. A fifth of (20%) of firms say keeping up with regulatory change is their biggest challenge in meeting regulatory obligations.
Opinions were split on dealing with regulators. While 42% said regulators are now more challenging to deal with, 48% said they now find it easier to deal with the regulator. This could in part be due to technology making compliance processes more streamlined and straightforward. Small firms1 find it more challenging at 58%.
When asked if they think firms are well equipped to handle more stringent regulatory rules over the next five years, encouragingly, most respondents (75%) believe financial services firms are in a good position.
Compliance teams burdened with fragmented and manual processes
Administrative and repetitive tasks dominate compliance professionals’ work, pointing to the need for greater automation and digitalisation within the sector. In fact, half (50%) of respondents said at least half of compliance staff within their firm do administrative or repetitive tasks.
The survey demonstrated a clear trend towards centralised compliance management, with most (56%) respondents working within one team that oversees compliance for all branches and regions in which the company operates. Meanwhile, just 12% said they deploy a decentralised model where compliance is managed directly within individual jurisdictions. This is understandably more common for large organisations at 18%. In contrast, 88% of small firms’ compliance management is fully centralised. Centralisation of the compliance function can enable businesses to be more strategic and allow for richer learning across multiple jurisdictions. However, this hinges on a strong data foundation for the business as a whole.
Regulation, surveillance and data management top of the priority list
When asked about their top two investment priorities for the year ahead, regulatory reporting ranked first overall. However, when breaking this down by region it becomes clear that regulatory reporting is a leading investment area in the UK, where communication surveillance is the top priority in the US, particularly among banks. This is unsurprising given the fact that US regulators are clamping down hard on communications rules. Last year’s headline-grabbing $200 million fine for J.P. Morgan by the Securities and Exchange Commission (SEC) demonstrated the importance of adequate monitoring of employee communications.
Firms are reaping the rewards of machine learning in compliance
31% of firms said they have fully implemented a degree of AI or machine learning in their compliance processes. A further quarter (25%) are investing in the technology but are still in the implementation stage. The subsections of larger firms1 and US-based respondents are even further along in that journey, with 75% and 95% respectively having partly or fully implemented AI and machine learning in compliance. And those that have implemented AI are reaping the benefits.
100% of those who have fully implemented AI for compliance claim they have seen a marked improvement in the quality of their Management Information.
However, many firms are yet to take advantage of the potential of AI. Almost half (44%) said they have not started looking at AI’s possibilities for compliance. One cause of slow adoption might be the need for a strong data foundation which is necessary for successful AI deployments.
Matt Smith, CEO of SteelEye, said: “Our first Compliance Health Check Report demonstrates the breadth and complexity of challenges facing today’s compliance professionals. Keeping abreast with regulatory change, improving data quality and managing risks and controls within the business are just some of the headaches facing compliance teams.”
“The good news is that firms are clearly beginning to recognise the role technology can play in solving complex compliance challenges. In fact, 85% expect to invest the same amount or more in RegTech in the next 12-months.”
“Technology and data are key to establishing future-proofed compliance processes and procedures. It is great to see that a large proportion of firms view the enhancement of data quality as a top priority and that most firms are actively investing in technology. By prioritising how to bring together disparate datasets and make better use of data firms can more easily address regulatory change and other compliance challenges that will emerge down the line.”
“We are hopeful that these investments will enable compliance teams to improve the efficiency of their compliance programs – thereby reducing their reliance on administrative and repetitive tasks. Doing so can enable the compliance function to pivot from reactive investigations and firefighting to a more proactive model for compliance management and risk detection.”