GDPR, AIFM, MiF II, AML/CFT... As a startup, business, or regulated company in the financial industry, you need to comply with a number of regulations – and you must also make sure that you keep your compliance up to date. The risks in the event of a breach are significant and can extend beyond financial and reputational concerns.
The reality is, the compliance process is not always easy. Whether you have a dedicated manager or not, anyone can miss an update or find that they are unable to adapt to it. Two experts in the field agreed to share their advice with us: Manon Anglade, France Country Manager at Leo RegTech, a software designed to streamline the compliance processes of companies regulated by the two French regulators, AMF and ACPR, and Carlos Gutiérrez, Compliance Officer at the asset management company Metori Capital.
Advice n°1: Surround yourself with people and keep up to date with regulatory news
This is undoubtedly the first step towards compliance: being aware of the latest regulations that have come into force and changes to existing standards. "There have been a lot of new regulations in recent years, especially since the 2008 economic crisis." says Manon Anglade who is currently working on an internal regulatory watch tool to integrate into their software.
To ensure complete regulatory monitoring, she recommends the support of a legal or compliance consulting firm, and to subscribe to their newsletters for relevant updates.
Carlos Gutiérrez, who works in a sector that is "closely scrutinised by regulators", adds that it can be valuable to "create a network of people working in the same field as us". It is by discussing with peers that one can be kept informed of changes in regulations. Joining a professional association or discussion group would be a "plus".
Advice n°2: Digitise processes (and leave Excel spreadsheets aside)
Among compliance managers or other roles in charge of this task within a company, many people "still work with very archaic models, such as Excel spreadsheets or Word documents," says Manon Anglade, who remembers being "very surprised" by this observation when she returned to France. "In the United States and the United Kingdom, we have had software for a few years now that allows us to centralise compliance, even if some of them are not always very intuitive... Before launching Leo to the French market, everything was scattered and decentralised: the RegTech market is still an emerging one."
This type of tool makes it possible to automate boring and repetitive tasks, to navigate easily and to keep a record at each step. Before opting for Leo, Carlos Gutiérrez remembers "the piles of printed files that needed scanning and filing." A merry mess that encouraged mistakes. "Having all the documents in one system allows for more rigour and certainty," he says, adding that he also greatly appreciates the "modular" side of the tool, which adapts to each evolving need of his business.
Advice n°3: Streamline internal communication
Another piece of advice distilled by Leo's Country Manager: "set up robust processes to work effectively as a team". She promotes the centralisation of various requests, the adoption of a notification system for the attention of colleagues, the use of a project management calendar to keep up with both tasks control and tasks progress, as well as delegating certain missions to these colleagues. "This back-and-forth between employees is essential," she says. Regulations affect everyone in the financial sector: the back office, the front office, the middle office..."
Good internal communication is indeed essential: "The advantage with Leo RegTech is that this task is made easier," notes Metori's Compliance Manager: "Two clicks, and all my employees are kept up to date with our latest updates. For their part, they only have to download the documents directly. This saves a considerable amount of time and strengthens the relationship of trust."
Advice n°4: Don't underestimate the business impact of poor compliance
For Metori Capital Management, which works with investors from all over the world, particularly from the United States and China, good compliance with international regulations is essential in serving the interests of its clients abroad.
Manon Anglade reminds us: "The regulator can impose very heavy sanctions, but the risk is not only financial. It is also reputational. A sanction does not reassure seasoned investors or partners. We have seen examples where asset managers have lost billions in assets under management due to poor compliance. So inevitably, the implications can be scary..."
Advice n°5: Don't wait for the compliance committees to take stock on the situation
"It's not uncommon to see managers waiting for the next compliance and internal control committee to check that everything is in order," says Manon Anglade. The problem is that this lack of consistent clarity will work against them. Ultimately, it is their responsibility that is at stake and they could find themselves being prohibited from being able to provide these services for several years..." It is therefore necessary to monitor "in real time" the regulatory updates of one's company, and to set up "a real culture of compliance".
"This is another advantage of digital tools," notes Manon. Not only do we centralise and optimise tasks, but we also make real-time monitoring a reality. There is a certain clarity that is beneficial for everyone. We know what has been done, and by whom.” Because regulators can ask to consult files "at almost any time" and would presumably be "more and more fond of reports", we understand the importance of such continuous traceability.