What a year.
2020 delivered what can only be described as a once-in-a-lifetime occurrence, one that has impacted all sectors and in many ways changed the way we do business and interact with one another.
Compliance, for instance, was severely tested by the COVID-19 pandemic.
Regulatory uncertainty, an increased need to react swiftly to rapidly changing regulatory conditions, the rise of remote work, the incorporation of new technologies to handle risks and regulatory obligations, and a greater threat of cyber attacks during these chaotic times have forced compliance departments to adopt new strategies and methodologies and adapt to the times.
Considering these changes, what will be the main driving factors in the compliance world in 2021?
Will our sector be primarily driven by how we continue to handle the COVID-19 pandemic or will there be new challenges, trends and issues to keep in mind as we move forward?
Here’s AGRC’s list of what to expect for compliance in the New Year.
GRC Solutions Grow in Importance
More and more companies have embraced holistic solutions and tools to handle their governance, risk management and cyber security. The days of using Excel and other manual tools to manage a company’s risk, management and data protection have come and gone.
According to Symmetry Corp, GRC tools are “designed to integrate compliance into everyday business processes like user provisioning, role management, emergency access management, and periodic risk assessment,” and also “[streamline] routine audit and compliance processes while reducing the risk of fraud or malicious activity in Enterprise Resource Planning (ERP) systems.”
Given this growing importance, companies offering GRC tools have to become even more competitive and provide their clients with cutting edge services and products.
According to Ethix360’s CCO, Stephanie Farmer, customers now seek “excellent service, convenience, user-friendly solutions, and continuous improvement to those solutions and not getting nickle-and-dimed.”
Embracing Remote Audits
In-house audits might be a thing of the past in a post-COVID-19 world.
Companies have made it a priority to keep their employees safe, limiting their physical contact with third parties and canceling any unnecessary business travel.
Considering these limitations, many firms, spearheaded by the many tech advances in this field, have transitioned to remote audits to fully comply with their regulatory obligations. These remote audits end up being more flexible, practical and efficient and save the companies involved both time and money.
However, companies must keep in mind that, considering the emergence of remote work and the unstable markets, stakeholders might want an extra reassurance from management that the company’s financial statements are legit and that numbers haven’t been fudged.
Likewise, investors will ultimately like to see more detailed risk management data and plans set forth to deal with these uncertain times.
Fine Tuning Work from Home Policies
2020 was the year work from home became a mainstay.
This change caught many companies by surprise, pushing them to put together plans, policies and rules governing work from home in a sometimes haphazard manner.
With employees now primarily working away from the office, compliance departments had to adapt to this shift, setting up contingency plans and ways to better comply with their industry’s regulations.
With this move to work from home, several issues came to the fore, including the threat of cyber attacks, the need to more closely protect data, and employees engaging in illegal activities such as insider trading and fraud, among others.
For instance, Oliver Bradford, who serves as EMEA Sales Director for Shield, a company developing compliance tech for the financial services sector, explains, “Home working adds new temptations for rule-breaking when employees are outside the physical surveillance of financial firms, so powerful automated surveillance systems (which understand nuances of language, sentiment and behaviour) are essential, and will continue to be so even when strict social distancing restrictions begin to be lifted and remote working becomes an integrated part of the financial industry landscape moving forwards.”
With this in mind, 2021 will present a unique opportunity for companies to fine tune their work from home policies and be 100 percent prepared in the case of yet another wave.
Furthermore, Compliance Officers will need to be a more imaginative when it comes to training, communicating with and managing employees in terms of the firm’s regulatory obligations.
Cloud Technology Takes Over
As working from home becomes more prevalent, more and more companies will transition to cloud technology to facilitate work between employees who might be hundreds of miles away.
With offices shrinking in size, there is no longer a need for onsite software to manage employees’ work. Plus, cloud computing offers much easier access to all employees, is less costly and does not require the same levels of maintenance that onsite software and hardware requires.
Of course, with this surge in cloud technology, companies must have plans in place to deal with a greater threat of cyber attacks, comply with data protection regulations and ascertain that their employees working remotely are abiding by the company’s policies and not engaging in illicit activities. This might entail, for example, revamping its cloud security technology.
Electronic Signatures & Identification Become More Prevalent
As a result of remote work, companies have had to embrace electronic signatures and identification to get their work done.
With business moving online and in-person meetings and transactions becoming less prevalent, the need for these types of technologies and services has become crucial to the future of the financial services sector.
Today, thanks to eIDAS, Know Your Client (KYC) and AML procedures can occur almost entirely online, allowing companies to streamline the process and spend more time getting to know their clients rather than pushing papers.
For instance, in an op-ed for Finance Magnates, Matthew Unger, the CEO of iComply Investor Services Inc., writes: “In order to maintain KYC for corporate accounts – traditional firms in the USA can spend as much as $30,000 USD per client account per year. In contrast, fintechs and major technology platforms such as Salesforce, Bloomberg LEI, and Apple’s App Store use digital KYC services to perform the same business functions for less than 5% of the cost per client, per year.”
In 2021, we can expect this technology’s features to improve, adding value to the process via the incorporation of artificial intelligence, expanded mobile capabilities, and the use of verified identities, among a host of others.
Economic Sanctions as Foreign Policy
Economic sanctions, as defined by the Council on Foreign Relations, are “the withdrawal of customary trade and financial relations for foreign- and security-policy purposes.”
These can “be comprehensive, prohibiting commercial activity with regard to an entire country, like the long-standing U.S. embargo of Cuba, or they may be targeted, blocking transactions by and with particular businesses, groups, or individuals.”
We can expect economic sanctions to continue to be used as foreign policy as we enter 2021.
For instance, the EU’s set of sanctions on Russia stemming from this country’s destabilization efforts in the Ukraine have been extended well into next year, hindering Russia’s access to European capital markets and preventing Russian financial institutions from receiving brokering and financial assistance in the region.
Likewise, amidst the Brexit mess, the UK will need to reconfigure its policies on dishing out economic sanctions now that they are no longer a part of the EU.
According to Stephenson Harwood LLP’s Rovine Chandrasekera and Charlotte Murphy, while the UK and EU are expected to “remain aligned on sanctions policies going forward, the UK will have the choice, should it so wish, to follow the US’s lead rather than the EU’s,” or “act independently, or ahead of, the US/EU.”
This policy shift and “potential divergence will make sanctions compliance even more challenging for businesses, particularly those which must comply with the sanctions of more than one jurisdiction.”
Are there any other trends you can think of that maybe we have left out?
Submit them as a comment and let’s start a conversation!
If you have any questions or comments, do not hesitate to reach us at info@agrc.org. We’d be happy to help.