Kompany_Grey60.png
DE EN

Subscribe to kompany updates

DE EN

$160 billion in fines, $80 billion in compliance spending. A recipe for disaster?

By Julia Prkna compliance, data cleansing, remediation, verification, audit proof, data verification
shutterstock_11137144_CI_colors_v3-3

With recent record compliance fails and fines making headlines, and ever-increasing regulation, the subsequent rising costs of compliance have been widely reported. According to a study cited in the Cost of Compliance 2018 Reportii, regulatory divergence (costs, risks, impacts) costs financial institutions 5–10% of their annual turnover. 
A common concept of compliance management; the “Three Lines of Defense”, can be summarized as follows: 

  1. First line of defense: Operational Management  -  a system of internal policies, procedures and controls  
  2. Second line of defense:  Internal Monitoring and Oversight Functions  -  designated compliance function/ compliance officer  
  3. Third line of defense: Internal Audit  - an  assurance function, internal  auditor  function  

What role does data play in the scope of things? 
Another recent studyii cited institutions receive 37% of their data from third party sources. If every line of defense is essentially built on the validity of data, it is shocking to read in the same survey that 44% of those institutions have only initiated or do not have a data quality strategy  at all.   

Trust is Good Verification is Better  
Reliable master and reference data deserves a lot more attention than it receives in the headlines. What good does any failsafe procedure or oversight provide if the foundation has not been verified? How to build a master data strategy to protect against compliance risk?
 
Start with Audit-Proof Data:

Audit-proof company data combines the following requirements: 

  1. Primary source
  2. Time-stamped   
  3. Guaranteed data integrity   

Step 1, Primary-source data means that original information is received directly from the primary source without any third party interaction, such as a government register, financial authority register, etc.
Step 2, All primary-source data has to be time-stamped to be audit-proof, the date and time of when the data was requested is recorded to ensure transparency on the data freshness.
Step 3, To ensure the data integrity, all data and original documents need to be in the original state, with no changes or adaptions.    

 

https://legal.thomsonreuters.com/en/insights/articles/cost-of-compliance-2018-report-your-biggest-challenges-revealed
ii https://www.paxata.com/wp-content/uploads/paxata-sourcemedia-data-quality-infographic.pdf
SHARE THIS STORY | |

Follow Us

     
© 360kompany AG –Gußhausstraße 15/5, 1040 Vienna, Austria – Commercial Court Vienna FN 375714x. All rights reserved.