1. 18 Jan 2016
4 best practices to help you
avoid regulatory fines
Posted on 20 May 2015 by Sunay Shah in Transactions and processes, Financial
technology, HighQ Collaborate
Regulatory reporting
Regulatory pressure across the financial services industry is increasing. Fragmented internal
communication and control has resulted in big fines for institutions, with one recent high-
profile example being UBS, which has been forced to pay $3 billion in fines since the start of
the financial crisis for failing to comply with various banking regulations. Consequently, the
firm plans to employ up to 350 new staff to monitor regulatory compliance and avoid further
fines.
The case of UBS highlights the need for financial services institutions to focus more efforts
on compliance and regulatory reporting. In order to do this, they need to centralize
processes and communication with regulators around the world to ensure consistency of
reporting, and control over how this information is compiled through workflow approval, and
how it is distributed and monitored to give control back to financial services firms on what is
sent and how.
In order to help them do this, here are a few best practices that will help financial services
firms to be more efficient and gain back control whether for Basel, SOX, Recovery and
Resolution Planning (RRP) or other regulatory reporting processes.
1. Automate processes and reduce operational risks
UBS is typical of many financial institutions which are hiring more and more people in
compliance and regulatory roles to meet the growing demands of oversight across the
financial markets. However, this is a resource-heavy, expensive way to manage regulatory
reporting and with the right tools, financial services firms can be smarter about how they
manage compliance.

2. It is possible to automate many elements of the regulatory reporting process, which not only
saves on time and resources of having to undertake these processes manually, but it can be
a much more reliable and consistent way to mitigate operational risks.
To streamline the process, financial services institutions should look to communicate within
a single platform that allows them to manage multiple regulatory reporting requirements.
This ensures that there are controls in place to manage the compilation, reporting and
monitoring of communication with regulators all in one platform, giving control back to
financial services institutions.
Implementing a rules-based engine, an automated review and approval process enables
smooth creation of documents such as CCAR reports. Compliance teams are able to
centrally control how information is collected from different teams internally, across
departments, with managed user permissioning to restrict errors. Document automation
tools provide firms with the ability to generate reports from this pre-approved information to
ensure consistent and compliant reports to the regulatory authorities, minimising human
error.
2. Store and share information in one secure space
Financial services firms will find it beneficial to centrally control how information is collected
and distributed, rather than gathering documents from several different repositories and
sharing them ad-hoc with regulators. It is helpful for firms to have their own portals, or data
rooms, where regulators can securely access, view and download documents and reports.
In this type of environment, the financial services firm will have the ability to control when
and where they share this information and who can see it, as well as being able to track
which regulators have viewed which documents and when.
It’s also important that there is visibility across teams as to the location of documentation
related to compliance and regulations, and that all this documentation remains in one place
and is easy to find, with an intuitive file structure that allows for quick access. This helps
avoid business continuity challenges including wasted time hunting in email inboxes when
team members depart their role. Having the relevant documents that are version controlled,
audited and time stamped and visibility of communication around the content in one place
throughout time is critical.
Essential processes can be managed through a secure online hub too, such as KYC
screening and AML (anti-money laundering) regulations. Firms can invite clients to provide
their information for these purposes in an automated fashion and in the knowledge that their
information and relevant documentation is being directly collected securely. Once this has
been received, internal teams are notified and can proceed to validate and use this
information as needed.
3. Enforce transparency with audit trails

3. Throughout the reporting process, it is vital to register key stages of communication,
approvals and to ensure that everything is consistent and nothing has been missed. This
includes documentation that assists with the preparation of any reports, which may be fully
available for reference by users that are granted access to them across the firm. This
includes supporting models, methodology and notations.
It’s vital to prevent inconsistencies; it’s easier to do this when all information is stored in one
system with auditing capabilities. All data, reports and information should be stored through
time, so that at any stage of the process audit trails can assist the audit and regulatory
review process. An auditable trail of uploaded documentation, version history and user
activity is crucial to automatically police the sharing of highly sensitive information without
relying on emails that can be forwarded on anywhere.
4. Facilitate controlled communication
It’s essential to centralise communication with regulators in one place, in order to keep a
historical record of all feedback and responses, but more importantly to maintain consistent
responses to specific questions. Use a controlled communications tool, such as a Q&A tool
or secure enterprise cloud, to ensure communications are monitored and best managed
between the relevant team and regulators.
A controlled communications tool allows financial services firms to ensure that the subject
matter expert is in place to answer a specific question posted by regulators and to ensue
that one authorized response is provided. This helps as having a centralised process for
collecting questions and providing answers means that there is no duplication or conflicting
answers which could lead to potential further probing and far worse, additional fines.
Communicating in this way allows for global coordination too, vital for financial services
organisations that operate across countries. Information needs to be consistent across all
jurisdictions even though certain regulations apply to different jurisdictions. There is a great
need for clear communication and visibility across the business and around the world.
Regulation is only increasing, centralising processes is key
to cultivating trust
Key to regulatory reporting is consistency, communication and secure transparency. It’s
important that financial services firms manage their regulatory reporting processes in one
centralised space which can be accessed by everyone across the organization, but maintain
permissioned access based on each user’s specific involvement. Ultimately, employing the
right tool to help manage the regulatory reporting process will improve communication
internally and with regulators. Furthermore, adopting strong tools to help will streamline
processes, increase consistency and ultimately help firms to comply with regulations without
the need to massively ramp up resources and risk human error.

4. As the demands of regulators increase, efficient processes, controls and secure
communication with both clients and regulators will be imperative to cultivating an open
dialogue and trust.
To find out more about how HighQ’s regulatory reporting solutions could help you, contact
us today.
Sunay Shah
HighQ Solutions