Expert insight on regulatory change management

Regulatory change management is notoriously difficult for financial service providers — especially in Australia, where regulations are particularly strict and numerous. With at least seven top regulators to watch, including the Australian Securities and Investment Commission (ASIC), AUSTRAC and the Office of the Australian Information Commissioner (OAIC), each releasing dozens of regulatory changes and notices per week, financial firms face significant challenges.

Fortunately, according to Andrew Tait, Co-Founder and Managing Director at MIntegrity, these challenges can be overcome. All it takes is a solid understanding of regulatory change management, what it means and the technology that makes this process possible.

‘What does regulatory change management mean?’

The term regulatory change management is broadly defined, encompassing many tools, processes and solutions. To best understand the concept and how to leverage it, Tait breaks it down into two constituent parts: regulatory change and change management.

Regulatory change

‘At a very basic level,’ says Tait, ‘regulatory change applies to every Australian Financial Services or Australian Credit Licence holder.’ There’s an expansive universe of organisations affected by regulatory change, including those that offer financial product advice, deal in a financial product or provide certain services.

Change management

‘Change management is the ability to interpret and implement change in a timely manner,’ says Tait. When it comes to regulatory shifts, this concept becomes even more important, as just one misinterpretation or implementation failure could render an organisation non-compliant.

‘What types of change do we see?’

Regulatory change takes many forms and covers a huge variety of laws, policies and requirements. Regulators make changes based on their role in the market and their research into consumer needs; however, Tait says that patterns frequently emerge.

‘In the last couple of years, there have certainly been more material changes, which have affected compliance and the way people do business,’ he explains. ‘Typically, it’ll be a change to the Corporations Act, with additional guidance and implementation guidelines provided by ASIC, but other laws are also impacted, such as the Anti-Money Laundering Act or the Privacy Act.’

The top regulators also disclose their priorities, which can indicate patterns in upcoming changes. For example, ASIC published its list of Enforcement Priorities for 2023, which includes:

• Targeting poor design, pricing and distribution of financial products.
• Combating and disrupting investment scams.
• Protecting financially vulnerable consumers.

‘Why is this process so challenging?’

It’s no secret that regulatory change management presents challenges and frustrations for financial firms. Tait sheds some light on what these hurdles are and why they exist:

Volume

When it comes to regulation shifts, Tait says the sheer volume of changes is one of the biggest obstacles. ‘Small to mid-sized firms don’t have the resources to track every regulatory change that has occurred across the entire universe of regulators,’ he explains.

Interpretation

Just tracking changes isn’t enough; firms also need to be able to interpret the underlying meaning or purpose of those shifts, according to Tait. ‘Law firms, newsletters and other resources try to help you understand what it means for your business,’ he says — but that’s still a lot of effort.

Implementation

‘You have to be able to find which regulatory shift has impacted a policy, procedure or way you do business,’ says Tait. Unfortunately, limited time and technology make this process complicated. ‘Somebody has to manually decide what needs to be changed, coordinate that internally and communicate the change within the business.’

‘What does good regulatory change management look like?’

According to Tait, there are a few key things that make regulatory change management successful:

Tracking

A financial firm must be able to keep track of the thousands of changes across all seven top financial regulators in a single year.

Interpretation and implementation

Once changes have been released, firms need fast, effective processes to interpret new regulatory expectations. This includes:

• Identifying impacted policies.
• Identifying what those changes are.
• Rewriting and updating the policies.
• Updating related procedures and processes.
• Distributing new guidelines to the entire organisation.

Internal governance

Tait points out that firms always have reporting requirements for boards, compliance committees and other internal bodies. ‘Being able to generate reports around analytics — for example, when things are updated — helps the governance process,’ says Tait.

Proof

One final element of change management, according to Tait, is the ability to ‘demonstrate to a regulator that you’re aware of and have implemented the regulatory change.’ He adds that any organisation might be able to claim that it’s completed tasks on time, ‘but without being able to demonstrate that to a third-party auditor, regulator or other party, it’s not really successful.’

‘How do you make it happen?’

Tait explains that it’s possible to successfully implement regulatory change management — firms just need the proper tools.

He points out that many change management solutions allow organisations to record info and track regulatory shifts, but that’s only one part of the process. It’s also necessary to understand the purpose of a change, identify impacted documents, make updates and ensure those changes are visible across the company. Unfortunately, according to Tait, ‘there’s not a lot out there other than doing it manually.’

The good news is that MIntegrity has the answer. 

Our regulatory change management platform, RegsWeb, contains an updated library of regulatory content across key regulators and provides financial firms with the ability to easily highlight affected policies, procedures and other related documents. Detailed analytics provide firms with evidence that policies are being read by impacted teams, which in turn informs future training and reinforcement of compliance processes. With RegsWeb, firms also have access to MIntegrity’s advisory services, which help interpret and implement ongoing changes.

To learn more about RegsWeb and benefit from the expertise of MIntegrity’s team of regulatory specialists, contact us for a demo today.

*Blog image by Freepik