BearingPoint has published a report, “How To Create a Holistic Compliance Framework,” which details how companies need to better interconnect their processes and systems in order to meet ongoing compliance requirements.
The report takes the following stand on the compliance issue: “To establish a vibrant compliance culture within an organization, firms need to fundamentally shift their focus from measuring historic risk within individual business unit silos to monitoring and managing compliance risk across organizational boundaries,” the survey reports.
BearingPoint further asserts that traditional audit and examination techniques have been effective at detecting compliance issues within organizations, but to establish an effective compliance culture, however, firms need to establish a converged compliance framework that will alert management to areas of emerging risk. This framework needs to connect core compliance platforms to support prevention, detection and sanctioning of compliance infractions across the enterprise.
“There is no silver-bullet solution for companies trying to respond as quickly as possible to new regulations,” said Sean Culbert, a managing director with BearingPoint. “But, rather than spending a good deal of money and time replacing existing compliance systems, a converged, more comprehensive, holistic-type of framework can connect those systems and allow for quicker responses using document management, business process management, business rules engines, and business activity monitoring systems.”
Fortunately for a number of financial institutions, many of these technologies, which would make-up such holistic compliance frameworks, are already in place, Culbert said. Their task now is in inter-connecting the systems. He suggests that companies seeking to create a holistic compliance framework can follow a four-step approach.
The first step is to dimensionalize the compliance problem. BearingPoint describes this as identifying the data elements required to respond to an alert, alarm, or regulatory examination inquiry. Customers, market conditions, product mix, and other factors can contribute to the possibility of a compliance event.
The second step is to normalize the data. Understand where discrete data elements exist and how they intersect. Then, create a regular data model that provides a full, accurate view of data sources and systems.
Next, create a logical model: Map out the environment in terms of compliance workflow. Identify connectivity gaps between data resources that can be addressed by business process management, document management and other technologies to create a holistic process framework.
Lastly, create a physical model, which means that based on the logical model, develop the physical infrastructure required to support compliance. Create a converged dashboard that allows executives to monitor and respond to events across the compliance spectrum through a process-controlled, logical framework.