Changing Times – Five Compliance Cornerstones for 2020
Compliance is complicated. New communications channels, outdated technologies, and shifting regulatory focus challenge compliance programs. Pundits predict increasing twists and turns on the regulatory landscape in 2020. To mitigate risk, fines, and other damages, you need to keep these five compliance cornerstones top of mind throughout the year:
- Think beyond explicit regulatory requirements. Financial services ﬁrms have long been subject to regulatory requirements, such as FINRA 3110 and SEC Rule 17a-4. These ﬁrms have been traditional leaders in adopting technologies to ensure compliance. Yet, organizations in government, healthcare, energy, and other markets are also subject to regulatory obligations. Beyond traditional compliance requirements, increasing demands for more effective governance and e-discovery along with the imperative to better leverage IT resources and cut costs drive many firms to adopt or enhance compliance programs. Comparably, growing needs to capture analytic advantages from multiple sources of insight are also starting to drive organizations across a wide range of industries to adopt sound compliance strategies.
- Leverage a cloud archiving platform. Cost, deployment speed, and other advantages of cloud solutions compared to on-premises applications are clear and compelling. Firms are steadily shifting away from legacy on-premises compliance tools. Bringing home this point, a 2019 Forrester analysis notes that 63% of decision-makers reported that their firms had implemented or were expanding their use of SaaS for archiving. We see adoption for cloud-based compliance solutions continuing to surge in 2020 and beyond along with a steady decline of on-premises deployments. Cloud has won. Yet cloud-based compliance platforms are far from all the same. A new wave of cloud native solutions is rapidly gaining traction with compelling capabilities and multi-cloud functionality across different geographies to better address data protection and privacy laws, including GDPR, with in-region storage and processing.
- Keep up - the scope of data will keep fundamentally changing for compliance and risk mitigation. Email has long been a key focus for compliance and e-discovery. Today’s communications, however, are far from homogeneous. For internal collaboration, customer communications, and partner exchanges, organizations use an extensive and growing variety of tools like Microsoft Teams, Slack, and messaging apps designed for use on mobile devices. While firms are keen to capture improved customer experiences, innovation advances, and other benefits from a this expanding set of social platforms and communication channels, many organizations are still in “catch up mode” in setting and enforcing compliance policies. Noncompliance risks can be significant. Re-enforcing this theme, in recent guidance FINRA reminds us that, beyond email, firms must adhere to preservation, supervision, and other regulatory obligations across all organization-permitted collaboration applications. Email is important, but lack of focus on other communications is a recipe for failure.
- The right cloud archiving platform matters – pick your vendor carefully. The marketplace for compliance solutions has been undergoing a transformation. As firms shift from legacy on-premises applications to cloud-based solutions, organizations report that some providers fall flat and that they struggle with lack of flexibility and a broad array of obstacles. To avoid these shortfalls, organizations should evaluate cloud content platform solutions in terms of their ability to:
o Consume and preserve native properties across communications and content types
o Incorporate modular design and architecture
o Ensure high performance and global scalability
o Enable usage across diverse cloud platforms
o Embrace cloud infrastructure standards
o Incorporate data security and privacy by design and default
o Foster openness and extensibility
Evaluating these requirements can be a complex exercise, partly complicated by vendor marketing hype. Wellington Consulting recently completed a buyer’s guide to assist in navigating this complexity.
Look to leverage analytics, AI, or machine learning. Compliance solutions help organizations with communications supervision, e-discovery, and other risk mitigation needs. Some of these systems also, however, hold strong potential for additional business value – especially given the extensive set of communications that they manage. Firms are finding that other systems, such as “big data” or “data lake” applications, can be enhanced with this deep pool of communications and rich collaborative data. Incorporating this extensive data set of extracted insights into relevant systems can greatly advance your customer data mining, advanced analytics, and other programs, yielding potential for increased revenue, lower costs, improved competitive advantage, and stronger customer retention. Over the next 12-24 months, we’re expecting that these capabilities will provide an expanding foundation for compliance professionals to work with other internal functional teams to unlock business value by surfacing new patterns and trends.
Complexity and ongoing changes can complicate compliance programs. As our market shifts, we encourage you to focus on the five key cornerstones noted above. Analyst reports such as Gartner’s Magic Quadrant for Enterprise Information Archiving 2019 can provide additional perspective in the evolving compliance market and in vendor selection. We look forward to ongoing dialog with you throughout the year.
Share this post!
Archiving and Compliance Blog
Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.