Policy management processes are part of everyday life for many industries, especially financial services. But that doesn’t mean the work is easy. Fast-changing legal, financial and regulatory environments demand rapid reactions — and even a single incident of non-compliance can have severe consequences.
Fortunately, effective policy management can minimise these risks and help financial service providers navigate changes, updates and more. According to Amanda Mark, Co-Founder and Managing Director at MIntegrity, the key is to identify and overcome common challenges for a more reliable approach.
‘Policy management — what does it mean?’
At its core, policy management is about effectively, efficiently and securely managing all the documents a financial service provider maintains for legal and regulatory purposes, in particular their compliance policies and procedures. This can include:
- Utilising a shared digital platform for file storage.
- Updating language and document structure in response to regulatory change.
- Distributing policies to staff with changes highlighted.
- Implementing version control to ensure teams have access to the latest information.
‘It’s not just about having policies available,’ says Mark. ‘It’s also about managing the upkeep of those policies — making them available, user-friendly and efficient.’
‘What kinds of companies should have policy management processes?’
Although policy management is commonplace in many industries, it’s especially valuable — and critical — in financial services.
‘All Australian financial services licensees and Australian credit licensees must have a suite of policies that reflect the nature, scale and complexity of their business,’ says Mark. She explains that, under the general obligations of s912a of the Corporations Act, these organisations are required to comply with financial service laws as well as manage:
- Conflicts of interest.
- Staff competency.
- Financial technology.
- Human resources.
‘These are just some of the sweeping conditions that apply to every [licenced] financial firm,’ says Mark. She adds that, while the conditions are similar, the processes may not be; it ‘varies greatly by the size of the firm and its offerings,’ she says.
Simply put, the more products and services are offered, the more robust the risk management and compliance frameworks — and the more comprehensive the policy management processes.
‘Are there common challenges in this area?’
The largest and most immediate policy management problem for most financial service providers, according to Mark, is the rate of regulatory change. There are at least seven financial regulators, each making dozens of changes per week — and a single change can have many smaller impacts on policy language, procedural updates, applicability to teams and clients and more.
‘Over the last 18 months in particular, we’ve seen a lot of high-impact regulatory changes,’ Mark explains. ‘That includes changes in breach reporting, design and distribution obligations and technology and operational resilience, just to name a few — shifts that require sweeping policy updates.’ She adds that ‘this ongoing maintenance [can] become really problematic.’
Unfortunately, the challenges don’t end there. ‘Once those documents are updated, you have to distribute them to the staff and make sure they understand them.’ That means policy management requires even more steps to encompass:
- Appropriate redistribution.
- Policy enactment.
Because many firms tend to house their policies in static file formats and generic templates, it’s often difficult to move quickly. The result is a lot of time, effort and resources spent on tracking regulatory compliance, which makes policy management challenging for busy financial service providers.
‘What does good policy management look like?’
Mark says that effective policy management starts with documents that are:
- Fit for purpose.
- Distributed in a timely fashion.
To achieve this, Mark recommends starting with the basics. ‘There’s lots of information — different media releases or newsletters — that capture regulatory change,’ she says. While it’s helpful to understand what these resources are and how often they’re released, Mark points out that this often isn’t enough. ‘You also need to have a team responsible for looking at that change.’
She says this team should have two main jobs:
- Understanding if and how a given change affects your business.
- Finding the relevant policies and other documents that need to be updated.
‘That in itself is a huge task that takes up a lot of time,’ Mark acknowledges. She also points out that this is especially important for smaller firms, which are impacted by most of the same changes but often lack the resources to keep up with regulatory shifts.
Luckily, she adds, you don’t have to do this work alone. ‘[You need] risk systems that will [do the tasks] and house those policies, helping you manage your processes in a more timely manner,’ says Mark. ‘That’s where RegsWeb comes in.’
‘How can you be more effective in managing policies?’
‘RegsWeb is a platform that enables clients to manage regulatory change risk, helping them keep policies updated and published,’ says Mark. ‘That way, the whole firm is working on the same document — a single source of truth.’
Supported by MIntegrity’s regulatory specialists, the RegsWeb platform houses a consistently updated legislative library that is interlinked to your internal policies. That means RegsWeb can highlight impacted language or documents and even help you distribute new versions once updates have been made.
This, according to Mark, is one of the best ways to become more effective in managing policies: shifting the responsibility from your staff to your systems. ‘RegsWeb links those policies to the regulations and the regulatory guides, which makes it really easy to find impacted content.’
Reach out today to learn more about effective policy management and how RegsWeb makes it possible.
*Blog image by katemangostar on Freepik← Back to Blog