Last week was a busy and interesting week on the financial institution conference circuit. In New York there was the Financial Information Management conference (FIMA); in Hollywood, Florida there was the 17th Annual Anti-Money Laundering Conference; and in Miami, Florida there was the SIFMA Annual Compliance and Legal Society Seminar.  Alacra had representatives at the FIMA and AML events and when we compared notes on Friday we noted the shifting and almost completely uncoordinated regulatory challenges being faced by financial institutions.

Fima2012At FIMA, there was continuous discussion of Dodd-Frank, the Office of Financial Research; progress being made on the Legal Entity Identifier (LEI) and firm-wide Enterprise Data Management (EDM) efforts.  At AML there were sessions that covered FCPA and UK Anti-Bribery Act; FATCA;Aml FinCEN’s advanced notice of proposed rulemaking on CDD; OFAC sanctions; PEP screening; and the FATF 40+9 recommendations.  Alacra did not attend the SIFMA seminar Sifma2012but a glance at the program shows sessions on “Fraudulent Investment Schemes – Detecting and Preventing;” “Compliance Issues for Support Functions;” “Dodd-Frank: Where We Are Now;” and “Compliance for Large Private Client Firms.”

Looking at the programs and our notes from these conferences, it reinforced our understanding of the following:

1) Financial regulatory bodies (both domestically and internationally) are extremely far away from devising a coherent regulatory framework for financial institutions to comply with.

2) Financial institutions want to comply at the lowest possible cost but the lack of coherence often forces them to comply in silos, thereby dramatically increasing costs and risks.

Given that this is the nature of the beast it seems that the questions that financial institutions should be asking themselves are:

1) What processes, procedures and workflow do we currently have in place that can be adapted to deal with some of the newer regulations?
2) Can our enterprise risk / reference data strategy, which is largely being driven to deal with operational risk issues, be expanded to meet regulatory requirements in the KYC, tax and corruptions arenas?

I’ll be following up this post with a couple of examples of what can be done and some conversations I’m having with practitioners in enterprise data management and regulatory compliance.