Compliance Control Room: What Is It And Who Needs It?
One of Africa’s biggest banks need it, and soon enough so may you. Here’s why
“There’s a growing awareness in the financial services industry about the purpose and the need for a control room function as part of the larger compliance function. This growing awareness is being driven by increased regulation as well as increased complexity in the day-to-day operations of the institutions themselves.” So says the Head Of The Compliance Control Room at one of Africa’s leading banks. And this veteran compliance officer is putting her money where her mouth is; she’s currently leading an implementation of a brand new control room product for her bank.*
Control rooms are nothing new, but the way in which they’re being managed is, or certainly can be. Control rooms are part and parcel of any bank or financial institution that has a private side and a public side. The private side is where deals are done: mergers and acquisitions, equity offerings, debt offerings, and the like. The deals themselves are very complex, and generate a deluge of data that must be rigorously monitored.
It’s up to control rooms to do this monitoring. Control rooms act as a firm’s nerve center: the nexus through which deal related activity must pass to be organized, recorded, and analyzed. But the volume of this deal data is immense, and keeping track of who’s involved in what and who said what to whom can be overwhelming, with little room for error and a premium placed on clearing deals quickly. Yet for the amount of work they do, and the amount of pressure they operate under on a daily basis, control room teams are small: maybe just five or six people, directing the bank’s most important traffic.
These elite teams used to have to monitor this data deluge completely manually or semi-manually, at best relying on rudimentary combinations of spreadsheets and email chains to ensure conflicts are kept in check. Automated control-room software is changing all that. “Control rooms are intense environments,” says our control room veteran. “The work is fast-paced and there’s a lot to keep track of. Software can automate much of what previously could only be done manually, like data mining directly from spreadsheets, but it also keeps data organized and up to date. In this job, data can’t go stale.”
These already intense environments are just getting more intense, especially for the bigger financial institutions, which may offer a complex variety of financial services, like private banking, corporate banking, investment banking, asset management, or even a brokerage. But complexity can mean chaos. Chaos can mean lost deals, if they aren’t cleared quickly enough, and lost reputation, if conflicts result in regulatory action. Again, our veteran compliance officer: “Control room is a compliance function, the purpose of which is to manage the flow of sensitive corporate information in a multi-service financial institution, like ours. The more services you offer the greater chance for conflicts, and the more the need for a control room. You need to manage the flow of information in every respect.”
And it’s not just complexity that’s driving the need for a well-run control room, it’s also regulation. In many places around the world, Twin Peaks is now officially up and running. Twin Peaks is the trending regulatory model globally. It denotes a system with two primary regulators: a prudential conduct authority and a market conduct authority, with special emphasis placed on preventing market abuse and maintaining market integrity.
“Compliance has traditionally been more about anti-money laundering, terrorist financing, and consumer protection,” continues our expert. “The increased focus on market conduct means banks and other financial institutions need to beef up their controls around it. Control rooms fit squarely into this increased regulatory focus. And while Twin Peaks may have accelerated the trend somewhat, I think things were already heading in this direction, especially for the bigger institutions.”
Of course, big firms can operate both nationally and internationally, which means compliance leadership needs to consider not just domestic regulation but also foreign. Again, our control room veteran: “The more international business an institution has the more exposed it is to external regulation, especially if it has interests in the EU, where you’re seeing control room type legislation at it’s most mature. Where in the past it’s been left to the banks to figure out how to navigate this world, it’s going to become a lot more proscribed. And domestic regulators will look to international regulation as a guide.”
Reputational risk can also be a concern, which gets at perceptions of a financial institution beyond the business community. “Sometimes there are no conflicts of interest,” says our expert, “but you also have to think about managing how the firm is perceived overall. How would the person on the street view the activities we’re involved in? We think of this kind of risk from a control room perspective, as well.”
When it comes to planning and implementing a new control room platform, all the aforementioned challenges are likely common to other ambitious, sizable banks in an increasingly complex, competitive, and regulation-saturated global economy. Again, our expert: “Understanding the information we have in the bank is key to managing it, and you can’t do that from spreadsheets anymore. Capturing MNPI, no matter where it originates from, is critical. Data needs to be stored in a safe place. You need proper record keeping and audit trails. You need good report generation. The software has to be easy for front line people to use and tech teams to integrate with. This what we looked for in a control room product. The must haves.”
*(Full disclosure: StarCompliance is the vendor for our featured bank’s new control room product.)
>