The 24th Annual ADM Investor Services Conference in Chicago earlier this month hosted a top-tier group of introducing brokers and FCMs. Our team at Ascent walked away with three key takeaways for compliance professionals that we share below.
Takeaway #1: Security Infrastructure Is Critical
Implementing and maintaining sophisticated cybersecurity infrastructure has been and continues to be one of the top priorities for compliance officers.
For financial firms facing a complex and ever-changing regulatory landscape, achieving operational excellence can only happen with the right digital infrastructure in place. Many of us already recognize this is true insofar as supplying our teams with appropriate tools to do their jobs is concerned.
But, implementing and maintaining sophisticated cybersecurity infrastructure has been and continues to be one of the top priorities for compliance officers, who face daily challenges as diverse as protecting client data privacy under evolving regulations, to defending against hackers and malware.
The need for financial firms to build strong cybersecurity infrastructure is immediate and pressing. In 2018, there were over 800 disclosed data breaches, according to the Privacy Rights Clearinghouse (PRC), including at least 44 banks and other financial services firms.
One major bank announced in 2018 that a single former employee attempted to steal and share account data on 1.5 million customers. But, the PRC list also reflects that small firms – your local CPA or financial advisory – also have significant vulnerability.
Email remains one of the most common threat vectors for financial companies.
Despite the ever-present potential for a rogue employee to cause firm-wide harm, lowly email remains one of the most common threat vectors for financial companies.
This is because every employee and email account in your firm represents a point of human vulnerability. Spam filters and malware screeners can eliminate threats when properly installed and updated, but it takes only a moment of inattention or carelessness for human beings to mistake a cleverly-disguised phishing email for a real one.
Fraudsters continue to hone the sophistication of these attacks, leveraging insights into workplace psychology to convince unwary, tired, stressed-out workers to open an infected document or click on a seemingly-innocent link.
Takeaway #2: Volatility is Here to Stay, So Trusting Your Relationships Is Key
You must also ensure your firm builds that trust by responding to customer needs with honesty and a sense of purpose.
If there is one trait that defined the financial markets in 2018, it was the unprecedented levels of volatility. Beta-elevating events seemed to come from every corner last year without warning. It began to sink in for compliance professionals and C-Suite executives that risk factors of every stripe – political, climate, regulatory, cyber, mass media, and on and on – have a compounding effect that isn’t going away.
Volatility is the “new normal” in the financial industry.
This evolution presents a challenge, obviously. Firms need to be more nimble in navigating swings in market sentiment, key rates, and (potentially) liquidity, but how? One suggestion that resonated, simplistic as it may sound on the surface, was for firms to place renewed emphasis on building business relationships they trust with partners who have integrity and a track record of excellence.
The corollary to that insight is equally important: you must also ensure your firm builds that trust by responding to customer needs with honesty and a sense of purpose. As Tom Kadlec, President of ADM Investor Services, Inc. said:
“If you’re not adding value, your business is in jeopardy. Ask yourself, why should my customer work with me versus the other guy?”
This may sound like generic advice, but step back and consider its importance in a time of extreme volatility. When the markets seem to be going haywire, is there anything more reassuring than knowing the firms you team with have your back, and will make decisions that aren’t just smart or clever, but are also the right thing to do for your business relationship?
Takeaway #3: Take a Lesson From Doomsday Preppers
The speech you hear at the beginning of every commercial flight contains the same few pieces of advice. Mask, oxygen, help yourself first, look for the closest exit now, etc. That speech is so rote, you wonder why airlines still repeat it. Here’s why: experts say that taking a just few seconds to think through what you might do in an emergency, like your plane making a landing on water, increases your chances of survival dramatically. Having a plan for the worst case scenario can save your life.
There is nothing more risky or ill-advised than assuming you can adjust your compliance program on the fly to adapt to the world going sideways.
As we learned at ADMIS, the same mindset can also not just save your firm, but allow it to thrive. In this, scenario planning is key. Develop a number of “what if” scenarios, brainstorming how they would play out across your business and the industry, and coming up with a template for how your firm will respond. Scenario planning can be especially helpful for compliance officers. After all, there is nothing more risky or ill-advised than assuming you can adjust your compliance program on the fly to adapt to the world going sideways.
Your goal as a financial firm should be to have visualized your potential scenarios. How your plan dictates you should react may not end up being the perfect strategy if the time ever comes to implement it. But, that’s ok. The important thing is not to get caught flat-footed, trying to plot a course through a crisis or unexpected situation by the seat of your pants.
By having a plan, your firm will not only be prepared to protect against negative outcomes, it will be a step ahead in pursuing positive ones, because you will have built proper controls that can accelerate your firm’s path to revenue while everyone else is still figuring out what to do next.
Ascent helps customers automate and manage their compliance programs through a simple-to-use, cloud-based platform powered by Regulation AI. We help you reduce risk, control costs, and achieve total confidence in your compliance program.