Compliance

Compliant to what? What is mandatory and what is nice to have?

Regardless of location, a firm will find that it has to be compliant to local and in some cases global legislation. There is no maybe or partially, it’s black or white, you either are or are not compliant to regulations.

Failure of compliance can have very adverse affects; share price, share holder confidence, client confidence and financial penalties.

Firms must understand that regulations and legislation are mandatory, standards and methodologies are not. Being compliant to internal policies and standards might not necessarily mean that you are compliant to the external regulations. Ideally when a firm builds its internal policies, it has one eye on the regulatory requirements ensuring that the business and technology divisions don’t have unnecessary overheads when regulators come to call.

There are also other pitfalls that can befall firms when looking at compliance. It may be seen as a positive by obtaining compliance to a standard and using this to attract business, but should a firm loose this compliance, the impact can lead to potential loss of earnings and reputational damage.

Compliance cannot be watered down, a firm is or isn’t compliant to a regulation or policy. Controls to support compliance are either effective or ineffective there are no grey areas. Firms not only need strong policies to meet regulatory requirements, they must have in place the controls to meet the elements of those policies.

At Playbook Solutions we have worked with firms to map internal policies to regulatory requirements, mapped standards and methodologies to regulations and identified, documented and tested controls to meet those requirements.