“Just in Time” is Too Late for Efficient Compliance

The time to have the files ready for the regulators is before the regulators even schedule the review. Third-party gurus say it’s time to get your documentation ready for 2013.

Too many financial service firms take a “just in time” approach to compliance that creates needless stress and potentially worse regulatory outcomes.

Once they get word that the auditors are coming, it’s all hands on deck to review the manual and clean up the files as the clock ticks down.

While that’s better than nothing, Gary Davis at MarketCounsel insists that everything should run a lot smoother if you set up well in advance.

You can get his full discussion with our CEO James Carney HERE but I want to tease out a few of the key points.

Preparation is everything

By getting ready for an audit now — even before the appointment is on the calendar — a firm can allocate scarce resources far more efficiently.

If preparation is a year-round proposition, you can schedule staff time in increments instead of dropping everything when the SEC calls.

And if someone planned a vacation or has to go on unexpected medical leave, you don’t have to call them back into the office.

Besides, a more efficient process translates into better outcomes because the regulators want to see proof of active compliance around the calendar, Gary says.

If you’ve pulled the equivalent of an organizational all-night cram session to pull your files together, it will leave traces that they’re trained to recognize.

“If your complaint log is blank, does it mean you didn’t have any complaints or you didn’t document them?” he points out.

He recommends that firms test their logs at least semi-annually, which is going to be extremely difficult if you’re working toward that once-a-year deadline.

Likewise, all employee securities holdings need to be reviewed at least every 12 months, billing procedures should be tested frequently — maybe every cycle — and the compliance manual should be up to date every day.

Automation can go a long way toward checking off all the recurring boxes, freeing up your team to work on tightening procedure and training all operational personnel how to fill out their reports.

Farming out repetitive tasks to a computerized system also has the benefit of producing error-free and practically tamperproof documentation.

If no errors were found, the reports list exactly which data points were sampled, how they were tested and what criteria they passed to qualify as “clean.”

“I never like to give an examiner a blank form,” Gary points out. “It is important not to leave the examiner guessing.”

Properly engineered automated reports — pulling in data straight from the custodians or other sources — can answer all the questions in advance.

Were the reconciliation logs checked? Is execution truly the “best” available? And are these procedures being followed day to day, week to week, month to month?

Getting ahead of the calendar

If your compliance team is still in the habit of working toward the annual deadline, odds are good that they don’t relish the idea of prepping for next year’s audit right after this year’s examiner leaves.

They’re probably either exhausted or need to jump off right after the exam to clear up a backlog of other work.

However, the farther ahead of next year you can get, the easier the transition from just-in-time compliance to compliance every day will ultimately be.

Start with scheduling an operational review between formal audits to ensure that any findings from last year are being followed up on and that any new issues are resolved quickly.

This is more than a fire drill. It’s a chance to collect all the paperwork and think through all the angles in a relatively low-stress moment when your compliance team is rested and alert.

Document everything you learn here and keep it in your compliance folder.

The regulators will probably find favor with the fact that your firm made the effort to police itself and correct any problem areas that show up during the year.

Integrate the findings into the current version of your compliance and operations manuals as well.

Gary points out that the compliance manual should indicate what your staff needs to look out for and why they need to do it. The operations manual should lay out how they find and fix mistakes.

Once these are “living” documents updated on a rolling cycle — think wikipedia, only better controlled — your firm’s ability to react to business and regulatory shifts improves enormously.

And in this era of profound regulatory angst, that added flexibility can make the difference between success and stagnation.

“In today’s environment of heightened regulations, firms should create a ‘culture of compliance’ and run their business like they are preparing for an SEC exam each and every day,” Gary sums up.

An exam every day may seem like a recurring nightmare if you’re not prepared. But if you are, compliance becomes almost unconscious — and a lot less painful.

You Might Also Be Interested In...

The Best Way to Run Your Reconciliation Desk (Blog post by Mark Wickersham, Director of Product Management, ByAllAccounts)

Solving the Alt Investing Reporting Problem (Blog post by James Carney, CEO, ByAllAccounts)

Fast, Efficient Reconciliation (Complimentary Whitepaper)

comments powered by Disqus