As compliance processes become increasingly digitised, the risk profile of the business changes and business continuity plans are needed in the event of a digital meltdown. Compliance professionals need to up their technology capabilities, while at the same time further developing their own ‘human’ skills.
These were the topics discussed:
- As compliance processes move further towards digital solutions, the risk profile of the business changes as does the human capital it employs
- Business continuity plans are needed in the event of digital meltdown
- How learning and training can play its part in retraining for the compliance professionals of the future.
- How can we make sure the compliance team has the right skills to understand and implement digital compliance solutions?
- Outsourcing – loss of internal control
- The educational and experience profile of compliance professionals is changing quickly
- Technology brings sophisticated compliance solutions, but will it ever be able to replace human gut instinct and the sniff test?
- Cyber terrorism, hacking, data theft
A star-studded panel of forensic IT experts and compliance professionals joined the final panel of the Hubbis Compliance in Asian Wealth Management Forum on January 18 in Singapore. The discussion was digitally recorded into a computer and thereby became yet another digital footprint in the cyber universe.
Digital storage, data deletion and retrieval are all high on the agenda for forensic IT experts. “With new technological innovations the collection of data in some ways is becoming more difficult for us, for example, new laptops today with Windows 10 might have major encryption formatted, thereby making it more difficult, but still not impossible to retrieve data,” explained one expert. “Some of the smartphone apps have end-to-end encryption, but even there if we can get hold of the physical phone we can also retrieve deleted messages, with special forensic equipment. That surprises many people.”
Data to facilitate enforcement
“Data, pre-existing data, certainly from a UK perspective, is discoverable,” the same panellist added. “And the reality is that digitisation creates a new way for regulators to enforce, thereby providing a further challenge for the compliance function.”
Digitisation is certainly creating a much more robust audit trail for regulators. The next question is whether the human participation in the data and compliance arenas will be downsized, or possibly eliminated completely with a decade or more.
“A machine is a machine and only as good as the support and the technicians who actually maintain it,” opined one expert. “It is the same as with a car - if not properly maintained, no matter how sophisticated the car is, it will cease working, or not work as effectively as it should.”
Holistic approach required
“Talking directly about compliance and digitisation much depends on where the digitisation function resides within an organisation,” observed another panellist. “We often find that, in the event of a crisis, there is a gap from an organisational perspective as to whose concern it is and where the responsibility sits. Each organisation must structure the precise structures and processes and right people. And businesses should recognise that technology is a critical risk issue for the whole business, not just for some departments of it.”
Compliance professionals will, without doubt, require a different set of skills from those most prevalent in the past. They need advanced IT skills and the ability to absorb sophisticated technology concepts, as well as the ability to process the data generated by the increasingly complex and inclusive software.
Compliance professionals must adapt
Compliance risk is probably going to become more complicated because of a certain loss of control of the data process through outsourcing, as wealth firms will not have those skills and technologies in-house. Not only are they too costly but their in-house skills would rapidly become outdated if those professionals were not at the cutting edge of solutions for a wide variety of businesses.
One panellist commented: “We have to believe that human beings, whatever the extent of digitisation and the process, will still ultimately make the key decisions.”
Another panellist was not quite so convinced that compliance will not become entirely digitised. “We must distinguish between compliance and front office. Front office human interaction will remain important. But how many compliance officers have interacted directly with the clients? Hardly anyone. So, where is the value of having the human-human interaction in compliance? I believe one can automate a great amount of the compliance functions and processes.”
He added: “Look at what is happening in China, which is advancing remarkably with identification technology, following people throughout their social media, following them on the roads, even what they are saying on the phone. They are starting to monitor everything, and they will bring in social scoring. So, for example, if you don’t have the appropriate social score, sorry you are not going to be able to open a bank account. That is the future. We will not escape it. Computers will come up with the red flags.”
Another expert added a slightly less austere perspective. “There is indeed tremendous potential in automation, but I think, at the very least, in the beginning people will be required to set up the appropriate processes and to make the risk choices. There will more automation, but I do not see too bleak a future for humans in compliance, at least from where we stand right now.”
One forensic IT professional observed that computers will be best for humans in terms of predicting and monitoring transactions, or monitoring accounts. “At the moment it is the regulators who do not yet accept that assisted machine learning is making a better way forward than human capital. When that regulatory mindset changes, the floodgates will open.”
Another expert followed this line of argument, saying “Human beings must adapt, if we do not we will be extinct.”
Still room for human DNA
And yet another opinion came from a European expert. “Algorithms can also learn to adapt, but I think it will be some kind of tremendous computer power that will be needed to be as adaptive as we human beings are. Technology fails if it is in the hands of the machines.” In short, humans will always be required for key decisions.
Additional insight was given of the commercial perspective. “Let’s not forget at the end of the day the business pays the bills,” noted one panellist. “It is the business that pays for the automation, for the new world of digitisation, not vice versa.”
Does technology provide the largest corporations with an unfair competitive advantage, as it is only they that can afford the most sophisticated technology? One answer was ‘yes’, at least perhaps initially, but only for a brief time, before solutions are commoditised and become ever cheaper. Moreover, the followers will enjoy having many of the wrinkles ironed out by the first movers.
The final word went to a China watcher. “The state will drive much of the change in data collection and management. China, for example, is driving ahead to digitally map every citizen, every business. And if China does it, everybody and every business will have to do it as well.”