Corporate compliance is not just compliance with rules. Today, RegTech compliance solutions are an important component of brand reputation and a key factor in corporate conduct: it’s up to organizations to choose the right solution for their business.
What is corporate compliance?
This is an important question, as compliance has become fundamental for most every company. In the financial field, regulatory compliance is defined as the adherence to certain standards, rules or requirements; in a more general sense, the term is used to indicate compliance by the company with internal regulations or specific legal provisions issued by one or more authorities.
In essence, compliance has to do with the set of rules and regulations that companies in any sector must comply with as part of doing business.
More important than even before
Being “in compliance” is essential because doing so has a direct impact on the business.
Despite attempts to simplify regulations in some areas, the number of provisions to be observed, legally, is constantly increasing. Here are just a few examples of such regulations in Italy:
- Legislative Decree no. 81/2008 concerning workplace safety;
- Legislative Decree no. 231/01 regulating the administrative liability of legal persons;
- Legislative Decree no. 196/03 for the protection of personal data.
In addition to national regulations, there are also European regulations at play.
Over a short period of time, several important regulations have come into force. This includes the Payment Security Directive 2 (the directive on the security of digital payments), GDPR (or regulation number 679/2016, which concerns data protection), and four directives on the circular economy, which substantially amended previous legislation on waste, packaging, batteries, electrical and electronic waste, landfills and end-of-life vehicles, and is scheduled to be implemented by 2020.
As you can see, the set of rules is broad and impact multiple aspects of a business. And in today’s world, where businesses are increasingly perceived as having human characteristics, such as a reputation, the concept of regulation is enriched with new meaning.
An example: compliance according to the bank of Italy
In this context, it may be useful to refer to what the Bank of Italy has written in the Supervisory Provisions on compliance: “Compliance with the rules and fairness in business are fundamental elements in the conduct of banking business, which, by its nature is based on trust.”
Although these Provisions were repealed on 1 July 2015 and specifically concern the banking sector, they express the dual nature of compliance. On one hand, it has the task of ensuring that the company’s internal procedures are adequate to prevent violation of external and self-imposed regulation in order to avoid “incurring sanctions, financial losses or damage to reputation,” according to the Bank of Italy.
On the other hand, the concept of compliance in the company is increasingly associated with honesty and ethics in terms of how it behaves when it comes to codes or principles of ethics of the sectors to which it belongs. This means that being “in compliance with the law” is not only a bureaucratic and formal matter, but it is an increasingly a point for positioning.
One could go so far as to say that compliance is becoming an additional criterion for brand reputation, which is usually composed of:
- The ability to attract and retain talented people and the quality of management;
- Social responsibility towards communities and the environment;
- The degree of innovation;
- The quality of products and services;
- The intelligent use of company resources;
- Financial soundness;
- The value of long-term investment.
This is all the more true the more when it comes to legislation related to issues of sustainability (think of pollution or environmental impact or even the sustainability of production in terms of employment policies).
Another advantage of perfect compliance
Having a good brand reputation is fundamental for every company, also because it is a potentially powerful lever to be activated on the market. The better the company’s reputation among consumers, the more likely they will be to buy the company’s products.
In this sense, developing an efficient and effective compliance system can prove strategic in obtaining an advantage over the competition. Obviously this is not the only reason: another factor to take into account is the savings that compliance can make possible. However, there are significant penalties for non compliance. This issue should not be underestimated, at least according to the data.
For example, one year after the approval of GDPR, the General Regulation on the Protection of Personal Data, the total sanctions imposed in Europe have reached €56 million for around 60 measures taken by the authorities against companies. Or think of the banking sector, which 2019 has proven to be an expensive year in terms of fines. Danske Bank risks, in fact, a fine of $8 billion (in 2018 the Danish bank was formally charged for a money laundering of €200 billion), while Goldman Sachs Singapore will probably have to pay up to $7.5 billion.
In Italy, the UniCredit group, together with a fine imposed by U.S. authorities for having carried out transactions with Iran, was requested to improve its sanctions compliance program, including the adoption of procedures to address specific vulnerabilities identified by the board.
From these few examples we can already conclude that good compliance is worthwhile because it avoids this expense, as well as additional costs associated with internal audit processes and dispute management.
How can you optimize your compliance?
Managing the many regulatory requirements and meeting deadlines is no easy task. Maintaining perfect regulatory compliance also implies a significant deployment of resources, both in terms of investment of time and manpower, which could also be used to carry out tasks productively more relevant. However, this does not constitute a justification and does not make the obligation to ensure compliance any less binding.
But how can this be done?
Fortunately, even in this case, digital transformation offers innovative solutions that companies can adopt to make internal processes more efficient and effective.
The reference here is to RegTech, a sub-sector of Fintech that combines technology and regulation, putting digital solutions at the service of regulatory compliance. Moreover, an interesting definition of RegTech is that it is the management of regulatory processes within the financial industry through technology. The main functions of RegTech include regulatory monitoring, reporting, and compliance.
In essence, RegTech exploits information technologies to improve regulation and internal compliance processes. On its own, RegTech will not be enough. In fact, there are many different technologies that offer specific services that impact different parts or processes of your business.
So you need to know the main areas of RegTech to choose the one or the combination of solutions that best suit the needs of your business.
Let’s look at five areas of RegTech.
1. Control everything: MonitorTech
Large companies have to manage a large amount of data about their customers and operations. For example, in the banking sector, each institution must check that every action is carried out in compliance with internal and external rules.
It is impossible, however, for this to be done by a single person. That’s why MonitorTech could be useful. MonitorTech allows you to map everything that happens within the company, especially in financial institutions, in real-time.
The software then stores them, tracking them and all the information that has emerged from the monitoring activity so that they can be monitored in case of violations.
2. A good relationship with supervisory authorities: ReportTech
A large part of the obligations and deadlines imposed on financial institutions concern communications that the same institutions must send to national and international supervisory authorities.
ReportTech allows you to manage these tasks, making it easy to create and send documents, to automation systems that simplify the creation of reports and ensure that they are sent within set deadlines.
3. In an increasingly open market: DataExchangeTech
New financial ecosystems are the trend. Think, for example, of Fintech and, in particular, the online payments model carried out by the recent Directive number 2366/2015 (PSD 2).
According to the directive, the digital payments sector must be opened up to new competitors. It is not by chance that this Directive introduces Authorized Third Parties who can perform the types of financial services previously reserved only for traditional banks.
This transformation should push all traditional credit institutions to collaborate. Since the entry into force of the Payment Security Directive 2, we’re now hearing about Open Banking and Open Financing.
The condition for achieving all this, of course, is data sharing between different market players, such as, for example, between banks and Fintech companies.
Also in this case, specific solutions are available that fall into the category of DataExchangeTech, a branch of RegTech which facilitates connection between different subjects, automating and making the exchange of data and documents faster and more secure.
4. Every day a regulation: LegalTech
Rules change and are constantly updated. As a result, obligations and deadlines are also renewed. To be stay on top of updates, companies pay consultants and law firms to make sure that their regulations and internal procedures are still up to date.
Also in this area, digital innovation offers interesting solutions that fall into the category of LegalTech, an area that aims to simplify the lives of businesses and citizens, reducing the costs of standardized legal services, for example, staying on top of the various regulatory changes in other countries.
5. If everything is in compliance: ComplyTech
Finally, RegTech, in the form of ComplyTech, is an ideal solution for verifying that your internal procedures are followed by customers and employees, making them easier to understand.
This can be done through automated communication and support systems that operators can turn to to find out what they are and aren’t allowed to do and in which situations.
As we have seen, there is not just one type of RegTech, but many, depending on the solutions provided and, above all, the needs to be met.
It’s not necessarily the case that everyone serves at the same time, but together they are able to make every organisation safer, more efficient and, therefore, more competitive.
For this reason, it is not surprising that the RegTech market is expanding: on closer inspection, there are many needs to be covered and the technology is not only beginning to provide appropriate solutions but places companies in a position to transform what were simple obligations into opportunities for development.