Compliance after Corona
Three major topics will move compliance departments in the financial industry after the pandemic:
- The tumultuous further digitization of infrastructures and processes
- The security issues that will inevitably accompany it
- The digitization of compliance tasks themselves
Digital infrastructure
Infrastructures were partially dissolved by the pandemic, or at least radically changed. The home office became the primary workplace for many, but an occasional one for almost everyone. And even in areas where it was previously rather unthinkable.
In addition to new technology (from laptops to zooms), this required and still requires above all new work concepts and processes. Let us be under no illusions, this process has been initiated, but it is still absolutely in the beginning. It will certainly take another three to five years to achieve the necessary level of maturity for routine work in the long term.
Digital security
The security problems arising from the new way of working are currently becoming more visible every day. A distinction must be made here between technical security, such as the reliability of network connections, and the adaptation of access options to standard applications that were previously only available at the workplace.
On the other hand, process security is a very, very big issue. Processes that are no longer organized in a consistent manner lead to increased work in recording processes with all the error-proneness that we know all too well from the past. This definitely increases costs, but can also lead to penalties, for example in the case of misdirected information, due to violations of data protection requirements. But much worse: become a reputational risk, the so-called headline risk.
And then there is the major risk of inadequate protection against criminal attacks. Certainly, the greatest risk of all. Criminals operate this business model in a highly professional manner. It is their main business purpose in this field. They don’t have to worry about pesky things like marketable products, satisfied customers, loyal employees, budgeting, etc. on the side. Only acquiring technical know-how and developing more and more new fraud, theft and extortion schemes is their focus. Therefore, in many cases, the criminals are vastly superior. Especially now that we have all been forced to act quickly, often improvising.
Digital regulation
This, in turn, will lead to a further increase in regulatory compliance requirements as the disruptive changes that have begun increase risks.
However, since neither the labor market nor budgets allow for a further, disproportionate expansion of the number of employees in compliance departments, the further digitization, i.e., automation of many tasks and processes will become imperative here. From reporting requirements to active monitoring of trading activities and payment processing.
Conclusion
The three megatrends mentioned here, which will not only but also hit compliance departments with great force, will inevitably lead to a high number of challenging development projects at the interface between business and IT requirements. In addition to specialist expertise, the need for project management skills will also be high here. Project managers, project leaders, business analysts and quality engineers do not grow on trees. Especially not with the skillset that is so important for the sensitive projects in compliance.
There will be a bottleneck in these resources. To avoid getting into the situation of not being able to implement important projects due to lack of early planning, in addition to the inevitable pandemic-related risks, it is certainly wise to start working now. Which requirements are the most urgent, which have the greatest bottlenecks? How can I make provisions here in good time. Banal requirements, but in the special post-Corona situation a special challenge. Be prepared for supply bottlenecks with your service providers. Know-how will become a scarce commodity similar to cement and wood in the construction industry.
