More On Legal & Compliancefrom The Advisor's Professional Library
- Risk-Based Oversight of Investment Advisors Even if the SEC had a larger budget and more resources, it is doubtful that the Commission would have the resources to regularly examine all RIAs. Therefore, the SEC is likely to continue relying on risk-based oversight to fulfill its mission of protecting investors.
- RIAs and Customer Identification Just as RIAs owe a duty to diligently protect their clients privacy and guard against theft, firms also play a vital role in customer identification. Although RIAs are not subject to an anti-money laundering rule, securities regulators expect advisors to address these issues in their policies and procedures.
With the recent news about JPMorgan Chase and its $6.2 billion loss in derivatives trading, there are renewed calls for increased government oversight and tightened regulations on today’s financial services firms.
It’s not my intent to take a position in this blog on whether or when government intervention is necessary, but rather to simply state the fact that we’re living in an era when more stringent regulatory requirements are a reality. Moreove the likelihood that these requirements will become permanent—and will expand over time—is increasing.
Why the increase? In a word, transparency. Regulators, financial services professionals, investors and taxpayers all want a clearer picture of the financial transactions that drive markets and shape the world we live in. To achieve this transparency, there’s a need to gather and report on increasingly mountainous volumes of data—a process that leads to a simple equation:
The more you regulate, the more labor that is required. If automated systems are not in place, that means manual labor, which leads to an expenditure of time, energy and capital that is not scalable or ultimately sustainable.
What’s a regulator to do? Or what about the investment firm or entity that’s being audited?
Compliance Tip 1: Ask Smart Questions; Set Clear Goals
First, participants in the regulatory process need to cultivate a realistic perspective on what can and can’t be done. It’s not possible or desirable to regulate everything under the sun.
Rather, it’s important to pose questions that help you establish a clear direction for the audit. First, what are you trying to do? Or, to give the question a different slant, what are you trying to prevent, and who are you trying to protect? Are you seeking to shield investors from the possibility of another Bernie Madoff? Trying to save large financial institutions from themselves, such as when they disregard their own internal risk models and put their organization and stockholders in danger?
Whatever you’re seeking to achieve, you need to ask how you will achieve it, and determine what it will cost. Will it be onerous, and spike your overhead by 20% or 30%? Or will it be in an acceptable range, deliver a positive ROI, and lower your overall cost of doing business? (You can also ask what is the cost of not staying compliant, and whether that potential outcome is tolerable.)
Here again, we need to return to the data part of the equation—and this time, take a quick look at the role of new technologies in meeting the regulatory challenge.
Compliance Tip 2: Transparency, Automation, Scalability
For regulators and audited firms, the most fundamental need is to have quality data to work with. Whether you’re looking at transaction-level data, confirming custodial reporting, monitoring a firm’s activity or doing anything else—your efforts will only be successful if the data you have is timely and accurate.
Generally speaking, this type of quality data isavailable at specific points in the transaction chain, but accessing it and working with it is still a manual process. You can’t gather it easily, and when you are able to gather it, you can’t easily and cost-effectively replicate the process on a mass scale. Instead, for a regulator to operate effectively, and for a firm to be able to supply regulators with quality data, it’s necessary to gather and process data differently than before. It’s essential to automate—to invest in new technology that enables the regulator and regulated to:
- Scale to exponentially greater volumes of data
- Access the data more quickly than ever before
- Know that the data is relevant on a macro- and granular scale
- Use the data for analytics, testing, whatever is necessary to achieve complete transparency
Compliance Tip 3: Increase Frequency, Depth of Testing.
Suppose you test an RIA firm once every three years and you look at 10% of its data. Wouldn’t it be more effective to test every year and look at 100% of their data? With automated data gathering capabilities you can more readily make this leap.
Using account aggregation technology makes life easier for both sides—to the regulatory agencies that gather and analyze the data, and to the RIA firms that assemble and report it. It’s a win-win that ultimately does not require a lot of effort from either side. With the right technology, it’s a process that just works.