Offloading Compliance Responsibilities to a Vendor Still a Dream
Panelists at the Chicago Trading and Technology Summit discuss the possibility of large, public cloud providers taking some compliance pressures off firms.
It's a chief compliance officers' dream come true.
The CCO outsources some of his or her compliance requirements to a cloud provider to alleviate some of the stress and pressure that comes with constant regulations. The responsibility ─ and potential penalties ─ all fall on the vendor, not the firm.
While that scenario is hopeful, it's also problematic. Can firms just sign a service level agreement (SLA) and not have to worry about a compliance requirement again?
That was a question brought up by a panel at the Chicago Trading and Technology Summit 2015 as industry experts discussed how to leverage technology innovation to manage regulation and compliance.
"Can you offload something to a cloud provider to no longer make it your responsibility, or does that just complicate matters altogether?" a member of the crowd asked the panelists.
Not the Case
While it might be nice for banks to lessen their compliance demands, the end responsibility still falls on the firm and its compliance department, according to Petar Kostur, a chief compliance officer at Chicago-based Fifth Third Bank.
Kostur said his firm does utilize outside service providers, but the bank is still responsible if anything goes wrong.
"At the end of the day, the CFTC is not going to be like, ‘Oh, I didn't realize such-and-such vendor screwed this up. You're off the hook,'" Kostur said. "They're going to be like, ‘Well, you didn't have to use them. You can't do whatever you want.' Therefore, it ends up in my pocket."
SLAs
The same attendee then asked if an SLA could be constructed in a way that would change things. What if large firms like Google or Amazon said they would be willing to step up to the plate and take those requirements off the banks' hands?
Justin Slaughter, chief policy advisor and special counsel to the office of commissioner Sharon Bowen of the CFTC, said neither of those companies has reached out to him about that possibility, although he said it would make for a fascinating meeting.
Slaughter said he wasn't aware of those tech companies even looking into creating any type of all-encompassing SLAs, but he would be intrigued by it. However, as powerful as the cloud is, Slaughter said firms should still be hesitant.
"At a time of heightened cyber risk, I do have to worry about that too," Slaughter said. "The very benefit of tech is you substantially improve trading and compliance. You also are at risk. ... Electronically, damn near anything can happen."
Marc Merrill, CCO of E.ON Global Commodities' North America-based operations, cited a recent case in which the CFTC fined a bank that was having problems with its vendor for a reporting violation. Despite the firm trying to work with its vendor, Merrill said, the vendor was continuing to submit incorrect information to the CFTC.
It's those situations that exhibit why it still comes down to firm's compliance departments at the end of the day, said Kostur.
"If the CFTC came to us and said, ‘Well, we want these voice recordings for this issue,' and the outside service provider we used said they lost it, what do I do? Besides cry," Kostur said.
The Bottom Line
- Firms' compliance departments cannot rely on vendors to take complete responsibility for compliance requirements.
- While large cloud providers offer plenty of power and cost-saving opportunities, they can't totally erase firms' compliance responsibilities.
- Firms need to understand that they are still responsible for remaining compliant, even if there is a problem with their vendor.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Regulation
DSB says industry is ready to meet UPI mandate ahead of deadline
The Unique Product Identifier will be required for certain OTC derivatives in the EU at the end of April, following US adoption in January.
‘Very careful thought’: T+1 will introduce costs, complexities for ETF traders
When the US moves to T+1 at the end of May 2024, firms trading ETFs will need to automate their workflows as much as possible to avoid "settlement misalignment" and additional costs.
Court case probes open-source licenses as movement stands at crossroads
The Software Freedom Conservancy’s lawsuit against TV-maker Vizio begins trial in California, raising questions about open-source licenses and the risks posed by adhering to them.
Waters Wavelength Podcast: Countdown to T+1
DTCC’s Val Wotton joins the podcast this week to discuss the impending move to T+1 in the US.
Consolidated tape hopefuls gear up for uncertain tender process
The bond tapes in the UK and EU are on track to be authorized in 2025. Prospective bidders for the role of provider must choose where to focus their efforts in anticipation of more regulatory clarity on the tender process.
Fighting FAIRR: Inside the bill aiming to keep AI and algos honest
The Financial Artificial Intelligence Risk Reduction Act seeks to fix a market abuse loophole by declaring that AI algorithms do not have brains.
Waters Wrap: The rise of AI washing… and regulation washing?
The SEC recently levied fines against two investment advisors over “AI washing”. Anthony takes issue with the announcement.
Prepare now for the inevitable: T+1 isn’t just a US challenge
The DTCC’s Val Wotton believes that firms around the globe should view North America’s move to T+1 as an opportunity—because it’s inevitable.
Most read
- Sell-Side Technology Awards 2024: All the winners
- Deutsche Börse democratizes data with Marketplace offering
- Sell-Side Technology Awards 2024: Best sell-side front-office platform—Bloomberg