5 Rising Topics in the Compliance Industry | 2023
Vigilant Insights
Brief Introduction
In an increasingly dynamic regulatory environment, finding financial success for your Firm without also finding compliance success appears to be highly complex.
As the SEC continues to propose numerous rules and amendments, while also handing out millions in fines, it would be prudent for Firms to be aware of compliance trends in the industry. We discuss some of these rising compliance trends below.
5 Rising Compliance Topics in 2023
- Customer Privacy
  - An increasing amount of customer data is being collected and stored.
  - Failing to comply with data privacy regulations can cause significant regulatory burden for Firms.
  - Data protection standards, such as the General Data Protection Regulation, are becoming industry standards.
- Third-Party Vendors
  - The SEC has proposed rules that place the responsibility of monitoring Third Party Vendors on the Registered Investment Advisers (“RIAs”) and Broker Dealers that hire them.
  - Third Party Vendors that may normally be outside the regulatory reach of the SEC or FINRA would still need to show compliance with securities regulations when working with Firms that provide such products.
- Ongoing Monitoring
  - Compliance is becoming a significant investment for Firms.
  - Firms are recognizing that they must move towards a culture of compliance.
- Cybersecurity
  - Cybercrimes have intensified.
  - Cybersecurity incidents can be extremely damaging not only to the bottom line of a company, but to its reputation as well.
  - Ransomware, phishing attempts, and data breaches are some of the major cybersecurity events being seen.
- Management of Information Technology (“IT”)
  - The supervision of IT is starting to fall under the level of senior leadership for Firms.
  - The SEC proposed new requirements in March requiring increased disclosure related to cybersecurity.
5 Helpful Steps Toward Success
- Monitoring – Firms should create monitoring policies and procedures that provide evidence of proper due diligence when assessing the compliance of their Third Party Vendors.
- Vetting – When hiring Third Party Vendors, it is vital that Firms properly vet the Vendor and make it explicit in their contracts that regular monitoring of compliance is expected.
- Cybersecurity – Create strong cybersecurity measures including 2FA, software updates, frequent employee training, and proper network segmentation.
- Risk Assessments – Firms should frequently perform risk assessments related to cybersecurity and maintain accurate and transparent records of incidents that occur and the strategies used to mitigate emerging risks.
- Culture of Compliance – Creating a culture of compliance requires workable policies and procedures that are both supervised and implemented, along with ongoing training of new and seasoned employees.
Vigilant’s Conclusion
Finding compliance success is an ongoing process that relies on diligence and support for your team.
Looking for compliance weaknesses through Third Party evaluation or a Mock SEC Exam is a good first step to building a culture of compliance for your Firm.
Trained compliance professionals with both industry experience and deep industry insights can help create tailored policies and procedures that will help your Firm navigate an aggressive and dynamic regulatory environment.