Posts Tagged James Carney

“Just in Time” is Too Late for Efficient Compliance

The time to have the files ready for the regulators is before the regulators even schedule the review. Third-party gurus say it’s time to get your documentation ready for 2013.

Too many financial service firms take a “just in time” approach to compliance that creates needless stress and potentially worse regulatory outcomes.

Once they get word that the auditors are coming, it’s all hands on deck to review the manual and clean up the files as the clock ticks down.

While that’s better than nothing, Gary Davis at MarketCounsel insists that everything should run a lot smoother if you set up well in advance.

You can get his full discussion with our CEO James Carney HERE but I want to tease out a few of the key points.

Preparation is everything

By getting ready for an audit now — even before the appointment is on the calendar — a firm can allocate scarce resources far more efficiently.

If preparation is a year-round proposition, you can schedule staff time in increments instead of dropping everything when the SEC calls.

And if someone planned a vacation or has to go on unexpected medical leave, you don’t have to call them back into the office.

Besides, a more efficient process translates into better outcomes because the regulators want to see proof of active compliance around the calendar, Gary says.

If you’ve pulled the equivalent of an organizational all-night cram session to pull your files together, it will leave traces that they’re trained to recognize.

“If your complaint log is blank, does it mean you didn’t have any complaints or you didn’t document them?” he points out.

He recommends that firms test their logs at least semi-annually, which is going to be extremely difficult if you’re working toward that once-a-year deadline.

Likewise, all employee securities holdings need to be reviewed at least every 12 months, billing procedures should be tested frequently — maybe every cycle — and the compliance manual should be up to date every day.

Automation can go a long way toward checking off all the recurring boxes, freeing up your team to work on tightening procedure and training all operational personnel how to fill out their reports.

Farming out repetitive tasks to a computerized system also has the benefit of producing error-free and practically tamperproof documentation.

If no errors were found, the reports list exactly which data points were sampled, how they were tested and what criteria they passed to qualify as “clean.”

“I never like to give an examiner a blank form,” Gary points out. “It is important not to leave the examiner guessing.”

Properly engineered automated reports — pulling in data straight from the custodians or other sources — can answer all the questions in advance.

Were the reconciliation logs checked? Is execution truly the “best” available? And are these procedures being followed day to day, week to week, month to month?

Getting ahead of the calendar

If your compliance team is still in the habit of working toward the annual deadline, odds are good that they don’t relish the idea of prepping for next year’s audit right after this year’s examiner leaves.

They’re probably either exhausted or need to jump off right after the exam to clear up a backlog of other work.

However, the farther ahead of next year you can get, the easier the transition from just-in-time compliance to compliance every day will ultimately be.

Start with scheduling an operational review between formal audits to ensure that any findings from last year are being followed up on and that any new issues are resolved quickly.

This is more than a fire drill. It’s a chance to collect all the paperwork and think through all the angles in a relatively low-stress moment when your compliance team is rested and alert.

Document everything you learn here and keep it in your compliance folder.

The regulators will probably find favor with the fact that your firm made the effort to police itself and correct any problem areas that show up during the year.

Integrate the findings into the current version of your compliance and operations manuals as well.

Gary points out that the compliance manual should indicate what your staff needs to look out for and why they need to do it. The operations manual should lay out how they find and fix mistakes.

Once these are “living” documents updated on a rolling cycle — think wikipedia, only better controlled — your firm’s ability to react to business and regulatory shifts improves enormously.

And in this era of profound regulatory angst, that added flexibility can make the difference between success and stagnation.

“In today’s environment of heightened regulations, firms should create a ‘culture of compliance’ and run their business like they are preparing for an SEC exam each and every day,” Gary sums up.

An exam every day may seem like a recurring nightmare if you’re not prepared. But if you are, compliance becomes almost unconscious — and a lot less painful.

, , , , , ,

No Comments

Take Compliance Out of the Ivory Tower

Too many asset managers isolate their internal watchdogs from the day-to-day operations they need to observe first-hand. An integrated approach will impress the regulators and make the whole process run more smoothly.

Whether they recognize it or not, many asset management firms keep their compliance personnel from doing their jobs.

They don’t mean to hide anything from their people, but by keeping them at arm’s length, it boils down to the same thing.

Our CEO James Carney recently had an intensive discussion about this with Gary Davis, who heads the practice management team at MarketCounsel.

Gary argues that integrating compliance into the rest of your operation is the best way to satisfy regulators that you’re making sure all the rules are being followed.

You can get the executive summary of their conversation HERE.

Break through the silos

“I often hear firms discuss compliance and operations as two separate departments,” Gary says.

“But I feel you need to look at things more holistically and have a culture of compliance, especially with today’s heightened regulations.”

While the phrase “culture of compliance” can become glib corporate jargon in the Dodd Frank world, what Gary is talking about here is more a matter of tearing down the wall between compliance and everything else your firm does.

It’s actually a revolutionary concept and I’d like to spend this week and next spinning out exactly what it really means.

If compliance is something separate from the trading, research, client communications and reconciliation — just to name a few functions — then compliance will always be one step behind.

That’s the kind of mentality that forces your compliance officer into a reactive role, dealing with problems only after they’ve gotten too big to avoid noticing.

And besides, as Gary points out, treating compliance as an add-on task that follows all the “real” work only encourages your staff to treat their regulatory responsibilities as an afterthought.

They might flawlessly check off every task in the manual, but at best it will only be a question of routine, not second nature.

Having compliance personnel involved in the development and maintenance of operations manuals, trading workflow and even the creation of marketing materials ensures that the rules will remain in force as your firm evolves.

Otherwise, the compliance team has to clean up inadvertent conflicts after they’ve had a chance to become entrenched in the firm’s operational patterns — and retraining staff costs time, money and morale.

Bringing compliance in at the end also increases the likelihood that they’ll have to bounce finished work back for revisions or worse, be unable to weigh in before something goes out that would raise eyebrows at the SEC.

The reverse of normal practice

My feeling is that many firms drag their feet before getting compliance involved simply because compliance can such a source of anxiety if not outright dread.

Too often, compliance is cast in the role of the bad cop, the disciplinarian, the dentist.

It’s true that a compliance officer needs to be tough, but as with the dentist, too much fear means that appointments get delayed or skipped altogether, leaving potential problem areas to fester.

Gary Davis tells me that the compliance team’s job really boils down to making sure your firm is ready for a formal SEC audit at any time.

That means that unlike the bad cop or overly strict disciplinarian, they’re always on your side — provided of course that you and your people want to do the right thing.

Moreover, compliance staff will be the primary point of contact with the regulator if and when questions arise.

The SEC will want to see more than a record that shows that all required tests, meetings and reviews were conducted on schedule and that steps have been taken to resolve any problems that were detected.

“It is important not to leave the examiner guessing,” Gary explains.

“Many times when I ask a firm for their execution review documents, they show me a form that says they are using a certain custodian, have reviewed their reports and they continue to be a good custodian. This doesn’t tell the examiner anything.”

Letting your compliance officer sit in on the process helps him or her take the kind of notes the SEC actually needs on what was discussed, how decisions were made and how remediation plans were put together.

After all, trained compliance professionals know how the SEC thinks better than anyone else. That’s their job and their specialized expertise.

And if they can bring that expertise to bear on the way your firm documents its errors and the way it rectifies them, so much the better.

Gary flags trading, execution and complaint logging as areas where most asset managers would benefit from letting compliance out of the box and into the day-to-day workings of the firm.

He’s full of practical suggestions here and I suggest you download the report to see them.

How to turn your team loose

For me, I can’t help but note that the compliance team is almost always stretched extremely thin. They can’t be everywhere.

If you choose to imbed them into the operational side of things, they’re going to be even busier.

Naturally, the more you can automate the tasks that can be automated — trade reconciliation, execution review, model portfolio drift — the more time they’ll have to watch, record and weigh in on qualitative matters like communications, training and ethics.

I know for a fact that our technology can help with that and generate an error-free record to show the examiners as well.

Odds are good your clients will appreciate it, too, because after years of scandals, they’re no more willing than the SEC to countenance regulatory laxness.

So stop thinking of your compliance officers as forensic detectives trying to piece together problems after the fact.

Think of them as your canaries in the regulatory coal mine. If they get nervous, you have time to take measures.

But the compliance canaries can’t do their job if you don’t let them into that coal mine.

You Might Also Be Interested In:

Your Firm’s Technology Personality (blog post)

Portfolio Construction and the Impact of System Selection (blog post)

Three Steps to get Started Searching for a New System (blog post)

, , , , , ,

No Comments