No two Compliance organizations are exactly alike, especially when it comes to their approach to supervision. There are however some common best practices in how leading firms structure their supervision model. Over the past decade, Hearsay’s Compliance Strategy lead, Iain Duke-Richardet, led compliance teams for some of the world’s largest financial services firms. I had a chance to sit down with Iain recently to talk through a few key areas where hours can be gained and lost for compliance teams.
William: Iain, we work with clients that prefer a centralized model of supervision as well as others that prefer decentralized. I know that you’ve worked with both over the course of your career. My question to you is… is there a correct set up?
Iain: How first and second line control functions are set up, or any setup for supervisory controls really, is dependent on how an organization is structured. What might be best for one is not necessarily going to be right for the other. I’ve actually seen instances where an organization has started with, for example, a decentralized model and moved to a centralized model for efficiency gains or simply because they’ve had supervisors leave an organization and therefore they’re restructuring. So, it really is incumbent upon the regulatory Supervisor to evaluate and implement what makes the most sense.
All firms—regardless of their model—can align on certain best practices to put themselves in the best position to succeed. For instance, they can all look to reduce the instances of data fragmentation. So if a supervisor’s looking at a profile and the profile has been archived in such a way as to make it very fragmented, that’s not really very straightforward or easy. Our approach is to actually crystallize all those changes into an easy to read and review format so that the process is seamless and there’s no pushback from whichever group is assigned that review.
William: In your experience, what’s been the main driver of efficiency for the compliance teams you’ve led?
Iain: I find the way financial services organizations have structured their compliance functions very interesting. Efficiency is always at the top of their priorities. In this space, there are two main drivers toward efficiency. One is the efficacy of the organization’s lexicon, and by that I mean, is the firm using the terms that most align with the behaviors they’re trying to prevent. This is relevant because including an overabundance of terms in the lexicon will mean that items that get flagged much more often than they need to be. You won’t end up getting to the type of behavior you want to identify to correct through the supervisory process, due to too many false positives.
The second component is around how the review is being performed. It’s important to align reviewers with different components of the review process, leveraging a hierarchy of some kind, so that there’s no duplication in the work that is being done but identification is still prioritized through the process.
William: Thanks. Finally, taking a step back, at the enterprise level there’s been this rise of centralized databases and business intelligence systems, but really these tools are only as valuable as their inputs. We like to say, “Garbage in equals garbage out.” So, as advisors and clients communicate on more channels than ever before, does the same hold true for compliance and supervision technology? How can firms be more confident about the quality of their input?
Iain Duke-Richardet: I think that’s a great point. The “garbage in, garbage out” absolutely holds true in the compliance and supervision space where, as advisors use more and more channels to communicate, there is a notion of channel hopping; an advisor might move from one channel to another very quickly. Sometimes it’s an effort to perhaps circumvent some of the control or it’s simply because that’s the form in which the customer would like to interact. Having clear data that’s properly time stamped with the right author attribution, as well as having any corresponding attachments like 3rd-party links, is the key to seeing context. Because, ultimately, as the supervision is being performed, the ability to see the context of a conversation or a communication, regardless of the channel in which it occurs, is going to be the way that advisors and supervisors of those advisors will be able to identify any behavior that is not ideal.
- Both centralized and decentralized supervision are valid options; supervisors must decide what makes the most sense for their organization.
- There are two main drivers of efficiency for supervision in financial services firms: efficacy of the lexicon and a prioritized review process
- The ability to see the context of a conversation or a communication, regardless of the channel in which it occurs, is the way supervisors can identify risky behavior
Properly managing compliance includes regularly assessing compliance strategy, tuning of policies & procedures, and evaluating technology. Our experts at Hearsay are ready to help. Learn more about our Hearsay Compliance Advisory Services and how we can offer compliance insights, analytics, and training to meet your program needs.