Sai Sireesh: Regulatory Compliance Trends Driven by Technology
Regulatory compliance is being driven in some instances by technology innovation. As an example over the years the records management and retention policies have evolved rapidly to keep pace with technology. I am sure you see similar interesting trends in your part of the world. Let me give a few cases that I know of, to start this conversation and hoping that you will provide inputs on what’s happening in your part of the world.
USA - The FRCP (Federal Rules of Civil Procedure) amendment in the USA brings the ESI (Electronically Stored Information ) under the purview of the legal discovery process. Many banks are undertaking projects to build an e-discovery process capability. The other examples of technology influencing regulatory reporting are SEC 17a-4 on broker dealer electronic communication and SEC XBRL (XML based reporting language) based 10k filing by June 2009.
UK - In London, the proactive super regulator FSA (Financial Services Authority) has updated & released several policies for retention – e.g. Records Management Policy and Standards (RMPS) for its own internal records management as well as external industry oriented policies. Examples include Consultation Paper 07/9 - Conduct of Business regime: non-MiFID deferred matters (including proposals for Telephone Recording) issued last year and eventually the actual Policy Statement 08/1 - Telephone Recording: recording of voice conversations and electronic communications policy. The deadline for 08/1 telephone recording policy was March 2009, so I am sure some of you are right in middle of implementation and reporting on compliance. This 08/1 policy requires financial firms in UK to reassess their voice and electronic messaging archival policies and infrastructure.
With focus on preventing, detecting market abuse as a key priority, FSA is particularly tightening the regulation to make good quality recordings of voice conversations and of electronic communications (taping) a key pillar of detection and deterrence of market abuse. This serves to standardize on a consistent approach to recording telephones and electronic communications as well retention schedules across the industry value chain.
Takeaway: Firms needs to review all existing voice and electronic messaging systems used in business and create document and records management policy to capture and manage business content to comply with regulations. Pardon me for a shameless pitch for Microsoft, but I do truly believe it – our Unified Communications approach of integrating everyday office tools, emails, live meetings, communicator, extranet blogs, etc. can really help accelerate the standardization of business content capture and management across different channels.
*******************************************
Sai Sireesh is Director of Risk Management & Compliance Strategy & Solutions, Worldwide Financial Services for the Microsoft Corporation. Mr. Sireesh has over 18 years of global experience across Risk and Compliance Consulting, Financial sector Strategy and blueprints execution. He has worked in North America, Australia, Singapore, Malaysia, Philippines, Thailand, Indonesia and India, is a regular contributor to the Journal of Regulation & Risk, and has authored several global research studies and articles.