Things were different 15 years ago when I started my career in regulatory compliance. I had fewer grey hairs and compliance questions typically ranked at the bottom of RFPs. How times have changed. Compliance is now typically among the first three questions clients ask about when performing their due diligence. And for a good reason: Getting compliance wrong imposes massive risk on businesses and our industry at large: A staggering €26 billion in fines has been imposed for non-compliance with AntiMoney Laundering (AML), Know Your Customer (KYC) and sanctions regulations in the last decade. In Europe, 2018 has been a record year for AML and sanctions fines in Europe with a total of €900 million levied – 3 times more than fines levied in 2017. A fine mess.
The important question is: how are you positioning your compliance program for the future? In addition to the challenges in today’s compliance market, such as increased regulatory pressure, cost focus and thin margins, scarcity of qualified compliance resources, and high turnover in compliance teams, traditional compliance programs have a low degree of automation and scalability, rely on too many manual procedures, are prone to human error, and feature incomplete record keeping and reporting capabilities. It’s time to turn to the next generation of compliance programs.
Take a current example for AML-KYC: On 25 November, the Luxembourg financial regulator CSSF released FAQs concerning the requirements for Luxembourg-based investment funds and their managers to appoint a responsible person for AML/CFT. It effectively requires all firms to appoint a member of management responsible for compliance with obligations in the fight against money laundering and terrorist financing. This begs the question: where will all these compliance resources come from, and how will directors take comfort that they can discharge their new AML/CTF responsibilities? It is fair to say that there are not enough qualified MLROs in Europe, let alone in Luxembourg, to meet this demand. It won’t be possible to run a state-of-the-art compliance program without the aid of technology.
At the centre of this evolution is the transition from in-house compliance models to cloud-based technology solutions offered by specialist service providers acting as an extension of your daily operations and relieving you of compliance resource challenges. In other areas of our lives we have come to accept new ways of accessing services based on outsourced models. Rather than owning a car we rely on car-sharing models or ride-hailing services. Instead of going to five different shops we take advantage of online retail platforms. But cloud-based compliance technology doesn’t just increase the effectiveness of fund compliance programs, it also creates scalable governance processes – a key prerequisite for the creation of AML/CFT solutions for fund directors and management companies.
All this doesn’t have to cost an arm and a leg. Just as people go to online streaming services to avoid high cable TV bills, the cost of compliance consulting can be drastically reduced by new pricing models. The biggest potential price tag, however, remains the reputational and financial risk of a regulatory breach.
The cost of getting it wrong outweighs the cost of doing it right. That hasn’t changed over the last 15 years.