During the webinar Conduct, Compliance and Ethics in Capital Markets, an executive panel with speakers from FINRA, Northern Trust Corporation, MCO and Greenwich Associates discussed how technology and data management are key to an effective conduct risk strategy.
Regulators have come to expect that firms will have the latest compliance technology. Better tools and technology have set a continuing expectation from the regulators that there will be better surveillance. According to Stacy Bolton, Senior Vice President & Chief Risk Officer, Corporate & Institutional Services at Northern Trust Corporation,technology needs to be fit for purpose. Firms can’t just purchase compliance technology off the shelf without making sure that it can meet the unique needs of the organization.
Managing the volume of data points in a large organization is a challenge. Large firms have huge volumes of data that they need to capture and surveil. Multiple systems separately managing data sets continues to pose problems and makes analyzing data in the right context a challenge. Looking at compliance data as it intersects across the organization can provide this context.
What’s changed for large firms around conduct oversight?
MCO CEO Brian Fahey recommends that large firms look at the intersection of compliance data across three key areas: Transactions, employees and third parties. According to Fahey, individual metrics like trading are all good, but the key is the holistic view. Steven Polansky, Senior Director of Member Supervision at FINRA has seen that when it comes to misconduct, there’s usually more than one thing that goes on – there’s more of a mosaic around it. A holistic view can take the analysis of an employee’s trading data, and also factor in items like gifts and entertainment activities and third-party interactions to build a wider view of potential conduct risk. Learn more about taking an integrated approach to conduct risk.
Knowing where risk lies, especially in a large organization, can be challenging. Analyzing integrated data from across the firm helps compliance know where to look. Data harmonization, or the process of bringing data together from different sources, provides more capability to analyze large volumes of data. Fahey explains that historically monitoring capital markets has been done by looking at securities data. And when you’re looking at securities data, you can link everything back to one common id. The broader trend now is to look at company data, but when you’re looking at company data it’s much harder to monitor. Data harmonization is the first step in being able to analyze data from across the company.
The panel also discussed evolving tools including natural language processing and machine learning. How do they impact compliance right now? According to the panel, these tools can help with activities like analysis of regulations and monitoring employee chat and emails. In fact, the UK FCA is working on making elements of their rule book machine readable. But there are limitations. Compliance teams still need to be able to clearly show regulators what they are doing and why.
Data should aid in decision making, but it doesn’t take the place of good judgement. That’s where compliance comes in to help understand the nuances. This is especially important in large firms with a global footprint. Metrics and anomalies should be viewed as predictive and not definitive. An example that Stacy Bolton shared involved calls to a compliance hotline. In one location a reduced number of calls could be an indication of a compliance issue. But in another location having few calls could be more reflective of a cultural norm than it is of potential misconduct. Data models are not meant to be one size fits all. Bolton also noted “don’t let the metrics reinforce bias. Read the room and then read the metrics.”
Fahey suggests that a continual focus on structuring data should be top on the list of next steps for large firms in 2022. In addition, automating manual process frees compliance teams up to look at broader issues.
Watch the complete webinar Conduct, Compliance and Ethics in Capital Markets.
And if you’d like to see first hand how MyComplianceOffice uses centralized data for ease of access, consistency and unparalleled risk control, contact us today for a demo.