Those in the industry of financial compliance are dealing with an ever-evolving landscape. They are plagued with an ever-expanding universe of risks and responsibilities to continually assess, manage, prioritize, and allocate resources across a wide array of concerns. While this is a necessary part of their job, it’s one that is, unfortunately, an inexact science.
Each year, when January rolls around, Regulatory Intelligence works to highlight the top concerns for a compliance officer in the coming year. The list created is based on discussions and observations with various industry practitioners. It represents risks or areas that are presenting substantial challenges for these professionals, and it’s designed to help various compliance teams with their planning, prioritizing, and reviewing for the coming year.
Keep in mind, the topics found here are not ranked in a specific order, as the client type, business type and the size of a firm all impact the importance of the item to a specific organization.
Additional guidance for some top concerns can be found from the top U.S. securities regulators, the Financial Industry Regulatory Authority, as well as the U.S. Securities and Exchange Commission. This guidance is provided in the annual exam priority letters that are published.
Each of the areas found on the Regulatory Intelligence list is going to be followed very closely and be discussed more in-depth throughout 2019. Additionally, Regulatory Intelligence is known for publishing a progress report later in the year, which reviews the way the concerns actually unfolded.
Later in the year, the Regulatory Intelligence expert team is also going to host three different webinars, which cover various issues in the U.S., Asia, and around the world, providing a discussion regarding what compliance officers have to do on the subject areas in 2019.
1. Political Uncertainty and Regulatory Change
When Donald Trump was elected as president of the United States, the action brought about a widespread anticipation of regulatory rollback. After two years, though, as legal and compliance departments have gotten familiar with certain small, regularity changes, the winds of politics are shifting once more since the House of Representatives was taken over by the Democrats in the November mid-term election of 2018.
This shift in power isn’t projected to have any significant impact from a regulatory or legislative standpoint. In fact, the voice in support of retail and consumer investor protection and political rhetoric regarding “Wall Street” and large banks are going to become much louder.
While the political power shift may hinder the deregulatory agenda that President Trump has, the real regulatory change is going to take time, and it is something that is still in the hands of the various agencies. Large changes occurring at this level usually take place at a very slow rate.
International political events and regulatory events can’t be ignored, either. One example of this is GDPR in the EU, which actually went into effect in 2018 and has an extraterritorial reach. This is also the ideal model for future, potential regulations in the U.S. in the areas of cybersecurity, data privacy and other critical realms.
The political balance of power and partisanship is likely to result in angst, regardless of what side of the aisle someone sits. However, any significant changes are going to take several years.
2. All Things Tech-Related, Including Cyber Security and Data Protection
In the expanding and huge universe that is modern technology, complexities and risks that are related to the profession of compliance are still a top issue.
Areas including data protection, privacy, and any related regulations like GDPR just scratch the surface. Risks such as cybersecurity and the cost of this are ranked high in regard to worries of any compliance department. The result of stories in the news reporting losses due to cyberattacks, or the misuse of consumer data has increased overall public awareness and the overall political focus on things like cybersecurity and data privacy. In the coming year, you can expect much stricter, and/or the development of, new regulations and rules.
The speed at which technology is evolving is also causing some concerns. According to the annual Cost of Compliance survey from Thomson Reuters, the challenges and expenses related to legacy systems are also ranking as a big concern. Regulators today have begun to engage with various industry participants and continue signaling that they aren’t falling behind this ever-growing curve of technology.
Technology in relation to professionals who are considered “non-tech”, including a compliance officer, is still a worry, along with the integration and importance of tech into the actual compliance suite. While compliance officers don’t have to become a technology expert, they do need to make sure that any cyber risks are being addressed within the corporate framework of their firm. The compliance pros need to be aware of the various regulations and rules from all jurisdictions that have any authority over the activities of the firm.
There has also been a continued shift toward various technology solutions in compliance and finance, which have been named “regtech” and “fintech.” With the use of AI, along with other new tech in these sectors growing, it is no longer an option to avoid or ignore the subject.
3. Outside Business Activities and Conflicts of Interest
A conflict of interest is a type of catch-all problem at various financial firms. At the biggest firms, it is pretty common for the firms to actually prohibit almost all outside activities as they often raise or create questions related to a conflict of interest. Mid-size and smaller firms have less restrictive prohibitions, but the issue is still a problem.
In the private equity industry, various conflicts and the disclosure of them is still a problem. Recently, regulators have examined PE firms and have actually made this a top priority.
Regulators issued a warning in 2017 over any outside business activities by advisers and brokers, which included investment opportunities and private investments. While the number of cases has gone down, the majority of the bigger, well-known firms are still seeing any outside business activities as a serious risk.
Any type of inaccurate/incomplete disclosure, the appearance of a possible conflict, or any conflict of interest have to be safeguarded against. Meticulous documentation, monitoring, and disclosure by compliance departments is a must.
4. REG BI, Sales Practices, Suitability, and Retail Protection
In the past few years, lawmakers, regulators and even the public have worked to push toward investor protection, especially when it comes to the retail investors. Now, regulators are making the protection of a retail investor a top priority and concern. The fact is, there have (to date) been a number of cases related to commission disclosures, product suitability cases, and mutual fund share class selection, along with the misappropriation and churning cases. The enforcement directors at the CFTC and the SEC are working to continue bringing actions any time investor harm is suspected.
In a response to the fiduciary rule from the Department of Labor, which was debated for quite a while and struck down in court the Reg BI or Regulation Best Interest, and the associated rules were originally proposed in 2018 and it received over 3,000 comments. It’s projected that there are going to be more changes, along with the finalization of the Reg BI during 2019, as Jay Clayton, the SEC Chair has made it a top priority on the agency’s agenda.
All compliance departments need to keep reviewing various sales practices, along with risk disclosures and marketing efforts. A regulator needs to be sure to scrutinize all the controls and supervisory systems over sales practices and recommendations. At the very core of this particular compliance task, is proper training in relation to sales products and practices.
5. High-Risk Products and Market Risk
During 2018, the stock market in the United States experienced up to a 20 percent reduction, which took many by surprise and caused pain along with uncertainty for several investors. Most compliance departments are more than aware that when the bull markets are over, or if market volatility goes up, then complaints from investors may also go up in lockstep. There are many mistakes that are made by financial advisors, along with customers, resulting in savings being lost, and in some cases, customers and financial advisors often make subpar decisions.
During the financial crisis that occurred between 2008 and 2009, there were quite a few cases related to the sales practices, churning, suitability, and even inappropriate risk-taking. While no repeat is likely going to happen, and the market has somewhat recovered in the early part of 2019, the entire outlook for 2019 is still unsure.
All compliance departments need to remain mindful of the overall market conditions, while exercising more caution along with oversight, especially in any retail facing firms where a mistake may become much more prevalent in challenging market conditions.
It’s important that extra care is taken with higher risk or complex products, which include “liquid alternative” funds, along with inverse and leveraged ETFs. Anything that is represented or marketed as a “safe alternative” also needs to be reviewed very carefully.
For an institutional manager, the times of market stress can also expose additional risks that are topped by various liquidity risks. The liquidity will also have a direct correlation to the pricing, especially in credit markets, along with level 2 or 3 assets. These markets and assets that are thinly traded have become extremely problematic, especially during times of market volatility, and they have resulted in the closure or failure of several mutual funds, liquid alternative funds, and hedge funds.
6. AML/KYC and Ultimate Beneficial Ownership
Counter-terrorist financing, CTF, and anti-money laundering, AML, policies are still both top concerns around the globe for financial services. Due to the levels of severity, complexity, and sophistication of the criminal activity, there are some regulators who are taking the enforcement very seriously. This is clearly due to the continual 1MDB scandal. FCPA (Foreign Corrupt Practices Act) violations are still raking in serious fines to various regulators, too.
The global sanctions risk present with Iran, along with other countries is still a serious worry for the senior managers of almost all businesses, especially in various financial institutions. Also, AML is a serious concern internationally. Any lapses in know-your-customer (KYC), AML, sanctions compliance, and beneficial ownership have caused some of the biggest penalties that have been handed down by the regulators.
KYC and AML along with counter-terrorist financing duties are usually outsourced to the custodians for a smaller firm. However, with outsourcing, it does not remove the liability and responsibility. Some regulators have indicated that all firms, no matter the size, aren’t able to take this very lightly. Failures related to the timely and accurate filing of SARs or Suspicious Activity Reports are extremely important to regulators.
7. Market Manipulation and Insider Trading
Something that is always an enforcement priority is insider trading. Today, regulators have enhanced the data they use regarding surveillance and gathering capabilities, making it easier and faster to connect the dots when suspicious trading takes place. Now, regulators are much better equipped than ever, so they can find the violations, and they are not hesitating to bring about new cases.
“Spoofing” is something that is taken seriously by the Commodity Futures Trading Commission and in 2018, this organization had a strong run of successful settlements and convictions regarding these manipulative trading practices.
Each day, regulators are getting better at being able to detect all types of trading abuses. These types of successful regulatory actions can increase the chances of even more success, as this legal precedent is getting stronger with each case.
Modern compliance departments are also working by taking more similar actions to help detect and deter quite a few activities before the regulators do. As a result, prevention in these types of areas, along with the severity of the penalties and infractions, are going to make it a top concern on a persistent basis.
Understanding what is going on is one of the best ways to prepare for what is coming in 2019. Being informed and in "the know" is the best way to ensure that 2019 is a good year for those in the compliance arena, especially for a compliance officer in any firm. While 2019 still faces uncertainty, it's important that all firms adhere to regulations and continue to train staff on these regulations to avoid any fines or other retaliation for non-compliance in the coming years.
If you're looking for a new challenge at a new job, call ICS. We can connect you to the right role where you can bring your expertise. Click below to find our open