Regulatory Changes at Record Levels

The pace of regulatory change is speeding up, with a record level of new and amended rules issued in 2011—and even more likely to come in 2012.

Last year, financial regulators around the globe initiated more than 14,000 regulatory events—everything from final rules to speeches indicating potential shifts in agencies' direction—according to a recent study from Thomson Reuters Governance, Risk & Compliance. That's an average of 60 changes per day to the rules and guidelines that companies need to follow. The U.S. accounted for 57 percent of regulatory activity; Britain and Europe, 22 percent; and Asia, 15 percent, the report notes.

Many of the rules, such as those from the Dodd-Frank Act here in the United States, are a consequence of the recent financial meltdown. “We're just beginning to wake up to some of the challenges resulting from the financial crisis,” says Alex Robson, chief editor of Thomson's State of Regulatory Reform 2012 report.

And if the sheer volume of rules didn't make compliance difficult enough, within many countries, multiple agencies issue regulations. Combined, the major regulators in the United States, Britain, Australia, and Hong Kong contributed only one-fifth of the total changes; other agencies accounted for the rest. Moreover, regulations on the same issue often differ from one country to another. As a result, compliance officers can't limit their focus just to the larger agencies or countries, Robson says.

In addition, trying to act in advance of new regulations (or changes to old ones) isn't easy when companies must wait for terms to be defined, comment periods completed, and final rules adopted. Only then can many companies begin to develop new policies.

Given that implementation often means reviewing the rules, training employees, and writing procedures, incorporating even a small regulatory change within most organizations takes at least a month, says Scott McCleskey, global head of financial services regulation with Thomson Reuters.

Monitoring and implementing changes in regulation requires an enormous amount of work that shows no sign of letting up. In fact, in the nearly two years since the passage of Dodd-Frank, only about 20 percent of the rules have been written; the rest are yet to come. “For end users, there's a scary amount of work ahead,” Robson says.

2012: Even Worse

Around the globe, compliance executives expect an even greater number of regulatory events in 2012. For starters, regulators in both the United States and Europe are focused on the over-the-counter derivative market, Robson says. This follows from a 2009 decision by leaders of the G-20 countries that by the end of 2012, all standardized OTC derivative contracts be traded on exchanges or electronic trading platforms, where appropriate, and cleared through central counter-parties.

Gary Gensler, chair of the Commodities Future Trading Commission, highlighted current areas of focus in a January 2012 speech. For instance, as of November 2012, futures commission merchants (FCMs) will no longer be able to offset one customer's collateral against another and send only the net to the clearinghouse. The Commission also completed reforms requiring FCMs and derivatives clearing organizations to segregate the customer collateral that supports cleared swaps. “For the first time, customer money must be protected individually all the way to the clearinghouse,” Gensler said.

Another agency with a lengthy to-do list this year is the new Consumer Financial Protection Bureau. Its January 2012 semi-annual report identifies several goals for the year. Among them: finishing rules defining lenders' obligations to assess borrowers' ability to repay mortgage loans, and proposing rules to implement provisions of Dodd-Frank that deal with mortgage origination and servicing practices.

“For end users, there's a scary amount of work ahead.”

—Alex Robson,

Editor-in-Chief,

Thomson Reuters

Changes Abroad

While compliance officers will have their hands full monitoring regulatory changes just within the United States, many will still need to track events abroad, McCleskey says. “It's important to have as wide a view as possible.” Even if a company's employees are all within the United States, its distributors may sell into other countries, obligating the company to comply with those countries' regulations, as well.

Regulators around the globe seem poised for an active 2012. Last June, the U.K. Treasury outlined its blueprint for financial reform, giving responsibility for financial stability to two new organizations within the Bank of England: the Financial Policy Committee and the Prudential Regulation Authority. Yet another new entity, the Financial Conduct Authority, gained responsibility for the conduct of business. Responsibility for the overall regulatory framework and protection of public finances remains with the Treasury and the Chancellor of the Exchequer. At this point, how the division between the Prudential Regulatory Authority and the Financial Conduct Authority will play out remains unclear, Robson says.

Also last year, the European Commission announced its goal for “stronger and more responsible banks in Europe.” To that end, it proposed that banks boost their capital holdings to better resist future shocks. The Commission also said it wanted to set up a governance framework giving supervisors new powers to monitor banks more closely and take action when they spot risks; for instance, they could reduce credit when it looks like a bubble is forming.

In the Middle East and Asia, organizations' regulatory efforts likely will be focused on implementation and compliance, the Thomson report notes. Issues of money laundering and terrorism finance remain top concerns.

At the same time, some countries are moving forward with a range of regulations. For instance, the Central Bank of Bahrain has indicated that it intends to adopt the Guiding Principles on Stress Testing and Liquidity issued by the Islamic Financial Services Board, according to the report.

In India, the Securities and Exchange Board of India, along with the Reserve Bank of India, are preparing guidelines to govern the investment of Indian stocks by qualified foreign investors.

WHO'S BUSIEST?

The following chart from Thomson Reuters' “State of Regulatory Reform 2012” shows activity by regulator over a 24-calendar month period:

The chart below from the Thomson Reuters report shows activity by region:

Source: Thomson Reuters.

Changes also are expected in Hong Kong, the report notes. For instance, the Hong Kong Monetary Authority and Hong Kong Exchanges and Clearing are expected to set up a trade repository and clearinghouse for OTC derivatives by the end of the year.

Coming up in South Korea is the April 2012 requirement that all listed companies have legally trained compliance officers. And, in Australia, an overhaul of the anti-bribery legislation in place is likely this year.

Even as rulemaking continues across the world, regulators face political pressure to refrain from issuing new regulations, particularly in the United States, Robson says. One example is President Obama's recess appointment of Richard Cordray to head the Consumer Financial Protection Bureau. Republicans have denounced the validity of that appointment.

“Under Dodd-Frank, new consumer protection powers can't be exercised by the CFPB until a Senate-confirmed director is in place. Not to be too cynical, but does a recess appointee legally meet the definition under the law of a confirmed director? I sense a second legal challenge brewing,” writes Sarah Binder, a senior fellow in governance studies at the Brookings Institute, a public policy think tank.

The increase in regulatory changes also creates more training and communication needs at companies and more verification processes. While compliance used to mean (at least in some cases) simply showing that an employee took a course or read a book, that's not always the case anymore, says Charles Coy, senior director of analyst and community relations with Cornerstone On Demand, a provider of talent management software. An organization now may need to show that an employee read a specific paragraph or Website section. “It's the digital equivalent of initialing every page,” he says. “You want a record of who was in the system at what time, and doing what.” Increasingly, that includes suppliers and distributors, as well as employees, Coy adds.

The growth both in regulations and in the need to track actions of individuals outside the company increasingly is rendering paper-based compliance systems inadequate. “After a while, it's too much of a liability, a risk-management issue,” Coy says.”

That's where technology comes in. “You have to move from dumb documents to smart data,” says Damien McGovern, founder and CEO of Compliance and Risks, a compliance solutions provider. For instance, you want to be able to view a regulation, and determine which provisions relate to different business activities, or click on a term and see its definition.

Also helpful are systems that automatically send alerts regarding pending or final changes to regulations that impact your firm, McCleskey says.

Going forward, many companies likely will make greater use of these tools. The alternatives, namely, paper-based systems and spreadsheets, are “like being asked to climb Mount Everest in flip-flops,” McGovern says.