If compliance was really easy, what would that look like?
The old way involves ticking boxes to give the appearance of compliance. The new way is Compliance by Design: linking each Regulatory obligation to a process activity to prove compliance.
Regulated businesses want to be compliant. What they don't want are lots of rules and exceptions that are disconnected from their day-to-day activities. They want a single rulebook for their business that is cross-referenced to the processes they follow to deliver products and services to customers.
A list that identifies each Regulatory document that is in scope for an Investment Fund business, with a URL link to the source. The RULES Index is organized by theme and cross-references any post-implementation updates.
Standard Operating Procedures
High-quality standard operating procedures are logical process flows followed to deliver products and services to customers. They include Governance, Management and Operations activities.
A library with each of your fund's Regulatory documents with clearly identified obligations. The library has a copy of each document with functionality to support an Impact Assessment including line by line linking to process activities.
Compliance Rules Matrix
A two-way report that shows all of the links between Regulatory obligations and Process activities. It reads in both directions: regulatory themes to process activities, and business functions to regulatory obligations.
Compliance by Design
Regulatory requirements are complex. There are many thematic Regulatory documents with lots of detailed requirements.
Business is complex. Consistently delivering products and services to customers involves many functional components and attention to detail.
Resolving themes to functions requires a matrix with precision engineering.
Every Regulated Entity is unique. It has a combination of characteristics that defines the nature of the business and determines what Regulatory obligations are applicable to its operations.
The scale of Regulatory requirements and an increasing focus on enforcement are driving a shift to an enterprise-wide approach to Compliance.
Interpreting rules and deciding the actions required to be compliant should be completed once with a clear focus on the outcomes. An agnostic approach will promote wide re-use of the results of the analysis.
Operationalizing regulatory obligations involves the identification of activities that will be completed to ensure compliance. It requires precision engineering.
“Each Regulated Entity should review the regulatory obligations placed on it and should identify precisely under which managerial function each regulatory obligation falls”
Regulatory Guidance - Central Bank of Ireland