• REGULATIONS & TECHNOLOGY
• Markets in Financial Instruments Directive (MiFID II)
• Alternative Investment Fund Managers Directive (AIFMD)
• Payments Card Industry Data Security Standards (PCI DSS)
• Information Security

The myriad of regulations address varied aspects of managing a business and its interface with clients and consumers. It is incumbent on compliance and risk managers to work closely with the legal organization to determine which regulations apply to the enterprise. Once this has been done, the compliance organization needs to plan for a program to discover, assess and identify the impact of the regulation on various parts of the enterprise and needs to work with senior executive management to find ways to use IT to ensure that the necessary compliance controls are in place and that automated control enforcement mechanisms are in place, to the extent possible

There are currently over 35 major regulations that have a significant impact on the IT organization of Retailers, Insurers, Banks and other firms and due to the need for the IT organizations of these institutions to comply with them, the need for the IT organization to support enterprise compliance, or both. Thus, regulatory compliance has become a critical element in IT decisions in the same way that e-business, client/server, ERP, service-oriented architecture (SOA), cloud computing and other major technological innovations have in recent years.

 Impact on Business Performance and Risk Management

It is important to note that most businesses have quality, security and reliability needs that go beyond the dictates of any single compliance regime or set of standard control objectives. Having a single source of data across risk and compliance is an important element in reducing cost, as well as to ensure consistency and quality of information and reuse across the organization.

 In many enterprises, operational risk data and compliance data are managed in cohesion with one another. Hence, risk management is linked to performance at the data management level, and the inclusion of risk management as an element of many regulations complements the emergence of enterprise risk management as a strategic business performance initiative.

Impact on Enterprise & Data Architectures

Over the last 10 years, as the number of regulatory compliance directives have increased, analysts have found that the discovery, analysis and remediation programs have had a significant impact on the Enterprise Technology Architectures and especially on the way data is extracted, transformed, stored, analysed and reported. For example, enterprises are having to balance privacy rules with counterterrorism rules that may give governments access to personal information, thus affecting enterprise architecture decisions on where personally identifiable information (PII) can be located geographically.

At SCS we recognize that navigating the complexity of a regulatory compliance directive and what the organization needs to do from an IT perspective, can be a daunting task. This is where we come in and bring the relevant experience and expertise to help our clients achieve the following:

a)    understand and assess the impact of a regulatory directive on their IT landscape

b)    plan and prepare for IT programs to address the gaps in meeting compliance requirements

c)    manage and support the program execution and implementation