If you’re running an advice business, you know that you are required to establish and maintain adequate measures to ensure (“as far as reasonably practicable”) your compliance with financial services laws.
Clearly, the sophistication of the measures, processes and procedures you have in place (which may be paper based or integrated IT systems) will vary according to the size and sophistication of your business, but the only way to comply consistently, effectively and efficiently is to embrace regulatory technology.
If you’re not convinced of the need to invest in technology to better manage your compliance obligations, think about how you can, or could, demonstrate the reasonable steps you’ve taken to comply with the financial services laws.
ASIC could not have been clearer. They have publicly told you that the way they “monitor and regulate is increasingly data-driven”, and they’ve called out those ‘better licensees’ that were embracing technology to significantly improve their compliance framework.
As we’ve previously advised, forget compliance. Embracing Reg-Tech is an investment in the sustainability and relevance of your business.
We’d be happy to recommend an exceptional compliance platform, but there’s no perfect solution. We recommend that you test your options and confirm it’s secure, integrated and interrogable.
We’d also advise you to ask yourself a few questions before you commit to any solution:
1. What problem are you trying to solve?
Technology that automatically monitors websites or scans PDS might not be as useful to you as a solution that provides more effective breach and remediation management.
2. What risk are you trying to manage?
Technology that scans SOA is useful only to the extent that the SOAs are the problem. Monitoring documents rather than conduct may have less utility than you imagine.
3. Does it integrate into existing systems?
Closed systems are often too limited. Look for solutions that can integrate with your planning, training, induction and commission systems.
4. What benefits and insights does it provide?
It should include a CRM and dynamic, and insightful, comparative reporting and benchmarking.
Look for systems that have an application beyond ‘compliance’. Document management, training and an integrated induction process are examples of benefits that should be included.
Make sure it has ISO 27001 Certification. In an era of mandatory data breach reporting, you need your systems to be certified as secure.
5. Is it scalable?
Consider whether the technology can grow with, and adapt to, your business.
6. Is it easy to use?
Apple has a lot to answer for.
They’ve created a consumer expectation that applications should be beautiful and simple to use. A good reg-tech solution will conceal its complexity behind an appealing interface.
7. Is it locally developed?
The Australian regulatory environment is vastly different from other jurisdictions and translations of international systems don’t often work – and certainly not without local expertise.
We recommend that you
- check out openAFSL,
- read our post titled “Solutions, subroutines and protocols” and
- contact firstname.lastname@example.org for information or a demonstration.
 Medcraft, Greg, ASIC Chairman in “The Fourth Industrial Revolution: Impact on financial services and markets”, 20 March 2017