Toiling amidst all the debate and political posturing that has surrounded Dodd-Frank and other new financial regulations are the people inside the banks who actually have to make sure their institutions are following all the rules.
The sheer volume is staggering - analysts estimate there are more than 250 specific new rules for banks to follow - not to mention the accompanying testing, auditing and systems updating to ensure compliance with the rules. The burden on the executives responsible for compliance is disruptive, and not in the good way that tech pros usually mean when they use the word. For many banks, following the new rules will necessitate an enterprisewide compliance testing infrastructure that spots compliance shortfalls or exceptions, and tracks and tests the updates that are executed to fix those exceptions - spelling a boom for the core banking vendors and specialists that automate compliance testing.
"Having a systematic way to test for compliance is critical," says Julie Conroy McNelley, a research director for Aite. She estimates there are 253 incremental regulations that will be added as a result of Dodd-Frank. "A lot of big banks have a platform in place to help with this. But with small banks, you have one or two people to handle compliance, and oftentimes the compliance and audits come with a huge paper trail."
Chris McClean, a senior analyst at Forrester Research, says reporting is getting more complicated because the number of auditors and regulators is increasing. "It's not just one person with 200 new rules - it's a larger group of organizations looking into what you are doing," he says.
With all the mergers, acquisitions and takeovers of distressed banks the past few years there are more stress points where a policy or procedure may be out of compliance, making manual testing more difficult, McClean says. There is simply more to test and fix than before, making existing methods of testing obsolete. "There may be claims management or other platforms that may not be working right together right away."
Smelling a chance to lure new clients and expand relationships, technology companies are all over this trend, with companies such as SAP and Oracle touting compliance engines that include testing and tracking updates.
The larger core banking companies, such as Fiserv, FIS and Jack Henry, have substantial compliance and testing solutions. "That's the silver lining for all of this regulation. It creates a lot of opportunity for folks," McNelley says.
Some specifically target rules testing and workflows. Continuity Control in New Haven, Conn., offers Web-enabled compliance testing and has been accumulating technology for the coming battle to capture testing share.
The firm recently acquired Compliance Services Group and Kirschler Peterson & Associates, additions that will extend its reach in the Midwest and South. Continuity Control also recently acquired My Compliance Info, leading to the creation of RegWatch, a workflow platform to feed regulatory updates and analysis directly into Continuity Control's process management system, as well as an onboarding process that includes an initial risk assessment and recommendations.
The new rules and huge paper trail mean compliance can't be handled by one or two people in a single office, as has been the case for small banks in the past.
The new testing responsibility falls to a much larger group of people, namely, those who run departments within the bank and their immediate reports. By automating testing, the reporting of glitches and shortfalls can be distributed to a larger group of people, lightening the load of the executives in charge of compliance and audits
Be the first to comment on this post using the section below.