Are your third parties operationally resilient? Key considerations for UK firms

On July 21, 2022, the UK’s Bank of England (BoE), in partnership with the Financial Conduct Authority (FCA), published DP3/22 – Operational resilience: Critical third parties for the UK financial sector. The Discussion Paper notes that financial institutions “increasingly rely upon third-party services to support their operations”. These third parties offer myriad benefits, not least… Continue reading Are your third parties operationally resilient? Key considerations for UK firms

Enforcing from within: Morgan Stanley proactively tackles compliant communications

As a result of 2022 enforcement action from the Securities and Exchange Commission (SEC), which saw Morgan Stanley pay $200m in regulatory fines for longstanding failures to “maintain and preserve electronic communications”, the firm has taken steps to call out those that were involved in the activity and issue them with monetary fines. These fines,… Continue reading Enforcing from within: Morgan Stanley proactively tackles compliant communications

5 key messages from FINRA’s 2022 Report

As we settle in to 2023, FINRA has published its 2022 Report on FINRA’s Examination and Risk Monitoring Program. FINRA’s report provides firms with a foundation of focus for the year ahead, drawing on common issues identified during FINRA exams and providing outlines for what “effective practices” may look like. While comprehensive, the entirety of… Continue reading 5 key messages from FINRA’s 2022 Report

Illicit comms: not just a few bad actors

Not all communication channels are created equal, especially when it comes to compliance. While many channels (take email, for example) have longstanding and established compliance frameworks, newer channels have yet to receive the same treatment, leading a rise in illicit comms. The problem with compliant communications lies at the intersection of time and innovation: new… Continue reading Illicit comms: not just a few bad actors

For data center owners and operators, it ain’t easy being green

It certainly ain’t easy being green, especially if you’re a data center owner or operator. Data centers are among the most energy-intensive facilities. According to the U.S. Department of Energy, data centers consume 10 to 50 times the energy per floor space of a typical commercial office building. Collectively, it is estimated that U.S data centers… Continue reading For data center owners and operators, it ain’t easy being green

DOJ’s CCO Certification Requirement: raising the stakes for CCO liability

It’s not easy being a Chief Compliance Officer (CCO). There are few roles where, if something goes wrong, your legacy could be plastered over regulatory websites and the wider media. Even where the wrongdoing wasn’t the fault of the CCO – as is so often the case – eyes will turn to where the buck… Continue reading DOJ’s CCO Certification Requirement: raising the stakes for CCO liability

SEC Marketing Rule: compliance and confusion

On November 4, 2022, the Securities and Exchange Commission’s (SEC) Marketing Rule came into force after an 18-month transition period. For many, these 18 months had posed more questions than they did answers, and firms entered the new ‘in-force’ period in a state of confusion rather than empowered compliance. To add fuel to the fire,… Continue reading SEC Marketing Rule: compliance and confusion

SEC brings recordkeeping into the 21st century with Rule 17a-4 amendments

Think back to 1997, if you can. Did you have a mobile phone? What did your computer look like? Do you still remember your dial up tone to connect to the internet? Although many of us would not like to admit it, 1997 was a long time ago. Which is why it’s surprising that one… Continue reading SEC brings recordkeeping into the 21st century with Rule 17a-4 amendments

New Year, New SRO: Canada’s new single self-regulatory organization

The New Year isn’t only a time for resolutions, in Canada’s case it’s also a time for new regulation as the country moves to welcome the New Self-Regulatory Organization of Canada (New SRO) and a new Canadian Investor Protection Fund (New IPF). These “key milestones” come into effect on January 1, 2023 after years of… Continue reading New Year, New SRO: Canada’s new single self-regulatory organization

Helpful lessons from TSB’s £48 operational resilience fine

In brief – The FCA and PRA have issued almost £50 million in fines against TSB Bank for operational resilience and governance failures – In 2018, TSB migrated 1.3 billion customer records but suffered mass, sustained outages – The UK regulators found that these outages could have been avoided if TSB had paid closer attention… Continue reading Helpful lessons from TSB’s £48 operational resilience fine