Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

TACKLING THE COMPLIANCE COST SURGE WITH DATA VIRTUALISATION

By Iain Chidgey, VP and General Manager International at Delphix

Economic swings, digitisation, and cybercrime have collectively sparked significant regulatory reform across industries. Existing mandates like PCI, HIPAA, GLBA, and FISMA have gone through multiple revisions that increased non-compliance penalties and tightened enforcement. New and updated financial reporting directives including CCAR, the Dodd-Frank Act, EMIR, MiFID II, and Basel III have dramatically increased the burden and cost of compliance for banks across the globe.

In fact some of the leading banks have spent up to $4bn annually on compliance with a Thomson Reuters survey indicating that more than two-thirds of firms (68 percent) are expecting an increase in their compliance budget this year and 19 percent expecting to invest significantly more.

While the visible cost of compliance may seem to be the growing importance and size of compliance teams in IT, the real costs are far greater in magnitude and impact. In fact the direct cost of compliance, while significant, is dwarfed by the opportunity cost — having to forego other projects that drive revenues and improve margins.

Growing backlog of application projects

Iain Chidgey
Iain Chidgey

In many sectors, especially banking, software applications are a growing source of competitive differentiation. Not surprisingly, application development teams are overwhelmed by a growing backlog of project requests in the form of new application rollouts, customisations, upgrades, and integrations.

Compliance requirements only add to this backlog because applications have to be re-instrumented to keep pace with constantly evolving regulatory guidance. For example, many banks are overhauling applications and building out compliance data repositories to meet swap transaction data recordkeeping and reporting requirements of the Dodd-Frank Act. Moreover, compliance-driven projects often have to be prioritised over other projects that could have a clear and present impact on revenues and core business processes.

Redirection of operational IT resources

Regulations also introduce extensive reporting requirements to facilitate audits and validate compliance. Delivering on these requirements generally involves a three-phase lifecycle, spanning data collection, modelling, and reporting. But data management challenges are a major bottleneck at every stage. During the collection phase, source data availability and access are major constraints. In the modelling and reporting phases, multiple copies of source systems are needed to parallelise reporting work streams.

Across regulations, the cost of creating and maintaining reporting environments is overwhelming. Frequent refreshes of data in reporting systems tax the data sources, the network, and the reporting environments themselves. The recent wave of stress test laws like C-CAR, EMIR, and MiFID have brought these challenges to the forefront in the banking sector, and the net impact has been a redirection of already limited IT operational resources from production support and other important projects to compliance initiatives.

Barriers to IT transformation

Rising regulatory pressure and the resulting mismatch between IT resource supply and demand are driving interest in projects that can fundamentally transform IT agility, cost efficiency, and utilisation. Among traditional industries, the financial sector leads the way when it comes to cloud adoption, application portfolio rationalisation, offshoring, and outsourcing.

Ironically, regulatory compliance creates as many barricades around transformational projects as it provides impetus to execute them. Current data archival solutions fall short of required recovery service level agreements (SLAs), putting organisations at risk of audit failure if legacy applications are retired. Banking applications also contain widespread sensitive data that is only harder to protect in the cloud or in offshore and outsourced staffing models that fundamentally reduce control and visibility. Invariably, these projects and their potential return are blocked by security – and governance -related objections.

Compliance without compromise

The rising cost of regulatory compliance is untenable, given the inevitable, growing pace of regulatory reform. The direct cost of compliance, while significant, is dwarfed by the opportunity cost of forgoing other projects that can drive revenues and improve margins. The response across industries has been far too reactive. Point solutions, implemented for the most specific of regulatory requirements, have led to an amalgamation of compliance tools with limited impact and numerous secondary costs.

The problem must be tackled at a more fundamental level and the reality is that the data supply chain for compliance and governance is broken. Data is siloed across multiple formats (files, databases, big data, etc.) and locations (on-premises, private clouds, public clouds), without consistency or control. As a result, as data moves and changes, it gets harder to track, manage, and govern. It is time to tackle the problem at its core — at the data layer.

Technologies that virtualise data at its point of generation offer an opportunity to reverse the compliance dilemma. Virtualising data at its source eliminates compliance-driven project backlogs, operational resource redirection, as well as barriers to IT transformation.