Navigating the complex world of regulatory data management is no easy task. But the challenges posed by the need to meet the concurrent demands of many new regulations and updates to existing ones should come as no surprise. Certainly, the regulators’ stance is clear: Firms are expected to comply; no excuses.
According to Peter Gargone, Founder and CEO of n-Tier, “This situation has been coming for a really long time, and if you go back and look at the older regs from around 2008 and the Flash Crash, you will see that regulators have been ramping this up for years.”
Gargone argues that compliance with newer regulations will be challenging for firms if they don’t have in place people who truly understand the data requirements and business flows. And the concurrency of regulatory updates becomes a massive time and resource constraint for firms across the board, he says.
“The concurrency of the requirements is challenging for firms because each regulation demands very specialised skills – interpreting the regulations, sourcing and validating the data, and the technology to comply efficiently. You can’t just rely on your operational groups like T+1, which was inherently operational in nature.”
Getting Governance Right
Gargone acknowledges that regulators’ expectations are high, especially when it comes to governance processes around reporting. “There’s an ingrained expectation from regulators around what you do to ensure your reporting is correct,” says.
As a result, the checking processes and the controls firm must now have in place are no longer optional: “If you put in a reporting framework in the US and your annual exam reveals that you have failed to put controls and checks around it, you will get into trouble. Regulators expect you to demonstrate these controls and checks.”
From n-Tier’s perspective, a control framework and a comprehensive set of checks on regulatory data are fundamental requirements for delivering a complete regulatory reporting service.
“We’re not just spitting out reports,” says Gargone. “We’re focused on a holistic process that encompasses data controls and governance because it’s what the regulators now expect to see. This is lot harder than the reporting itself because you need a lot more data – 2x more in many cases. In the US, for Consolidated Audit Trail (CAT) and Customer Account Information System (CAIS), for example, you’re looking at trillions of data points a day. That’s way beyond what most firms can handle as a platform or service.”
Workflow
The complexity of regulatory requirements demands seamless workflows that can handle large volumes of data efficiently. Automated workflows integrated with regulatory reporting systems help minimise manual intervention, reduce the risk of errors, and ensure timely submissions. Gargone continues:
“We’re seeing the way firms are planning for these changes coming this December and January of next year. This has created an environment where they’re flat out; the book of work is fully booked up, and for anything new, it’s like trying to get a reservation in a three- or four-star Michelin restaurant. You might as well call back in a year.”
The n-Tier platform is designed to operate across regulatory jurisdictions and markets but “that’s not the norm” according to Gargone.
“The norm is either a specialised vendor for each segment and each reg individually or custom-built frameworks and toolkits for each reg, where everything’s a little bit different. But we’re seeing a lot of pushbacks against that.”
Gargone continues, “When you look at this from a global perspective, those variations add complexity and cost firms more money. So, we see a move to centralising data governance and reg reporting within our platform, across regs and around the world because of the flexibility we have by default. This is part of our core design and one of our strengths.”
The company has built strong regulatory team from people with deep experience at major firms. These are former practitioners that understand regulations across the different jurisdictions and markets.
Gargone continues, “This team has been very instrumental in designing enhanced frameworks for making sure the data and accuracy of the reporting are correct. Anybody could spit out a report – many of these firms can say, ‘You know, you look at this from the outside, the numbers are correct,’ and you might assume, ‘Okay, that’s going to meet this regulatory requirement’. But what exactly does that mean?
You spit a report out and send it to the regulator but that doesn’t make it right. It doesn’t mean it’s accurate. It doesn’t mean it’s complete.
Then it becomes a ‘game’ of how long it takes the regulators to figure out you haven’t fulfilled the requirement. And then how much risk has your firm acquired following a process you haven’t designed properly?
So, we see a divergence in the market between firms that say they ‘do reporting’ and firms like n-Tier that actually offer a comprehensive suite of functionality and expertise where we actually care about the data quality.”
n-Tier’s regulatory reporting and trade surveillance platforms provide comprehensive visibility and searchability across all regulatory reporting requirements, helping firms manage and monitor trade data effectively.
Regulatory Data
Data management is crucial in this environment. Firms need the ability to aggregate, validate, and reconcile data from multiple sources. Advanced data management solutions like those offered by n-Tier integrate disparate data sets, perform continuous validation, and provide comprehensive exception management capabilities. These solutions are designed to aggregate regulatory reporting data from different sources while meeting reporting obligations for validation and research, supporting reporting for regulations such as CAT, CAIS, TRACE/MSRB, and more.
“Complexity doesn’t come just from the fact that there are new and overlapping regs” continues Gargone, it also comes from the fact that the data sets the regulators are asking for today don’t normally sit together in a regulatory model in the banks.
If you look back at a brokerage workflow and the reporting from 10 years ago, it used to be much more normal that the data would come from one system and have one owner. It belonged in a business function, or a line function, and data was isolated for that line function. So, when doing some kind of risk for a line of business, they basically had all the data.”
Gargone goes on to describe what regulators are expecting to see in this new environment. “They include looking for nuances from the data where much of that data is now coming from different parts of the organisation which don’t normally talk to each other and aren’t necessarily in sync in a timely manner or what that data represents.
If you look at CAIS, regulators are looking at reference data en masse and have turned that reference data into a regulatory reporting requirement. Previously, correction processes were based on a three-day or four-day correction cycle where you could correct it when you got to it. But now it must be corrected immediately.
“If you don’t have a process around this, where data is sourced from multiple systems in inconsistent formats along with versions of it coming off the master copy, it creates a huge workflow challenge that’s even more difficult than just generating the data. It’s mind-boggling, and that’s why we built our software.”
The company started in 2000 with the core of the n-Tier platform being built as a data platform, not a regulatory platform. Today, n-Tier is a large-scale, high-volume, completely configurable engine with a no-code interface for regulatory data management.
According to Gargone, some of the most critical work, is figuring out if the data feeding the regulatory report is right or wrong in the first place – “To do that, you have to be able to compare against different sources of that data to figure out what’s right or wrong. And, even within a single record, your data points may not map directly versus another related data point coming from a different source. And you may have to compare that against three or four different sources to figure out if it’s right or wrong.”
But that’s not quite the whole story as Gargone continues “This is where human assistance is important, because once you get to the point of figuring out within the guardrail framework, is it right or wrong – it then becomes a different question – ‘What is right in this context? Are they the same? If they’re not the same, are they the right values? Where did it break down?’ The exciting part about this is having the data at scale to do the integrity checking in one place, along with a tech stack that can actually get through that volume of data. This framework is very hard to build out, and that’s where we’re at now.”
Emerging Technologies
Solutions such as advanced analytics, machine learning, and AI can help identify patterns, predict compliance risks, and automate regulatory reporting processes. n-Tier’s platform, with its no-code environment, allows practitioners to configure datasets and data controls easily, ensuring that processes remain adaptable to evolving requirements. This flexibility and scalability are vital for maintaining compliance in a dynamic regulatory environment.
Gargone is cautiously optimistic about emerging technologies like Generative AI (GenAI) making a difference in regulatory data and reporting. For example, on regulatory horizon scanning, “That’s great if you can get the regulations machine-readable, but how far will that get you? I know some firms do the aggregation, but the terminology for risk data is vastly different.”
Gargone stresses the importance of context throughout the validation process where things that sound the same aften mean different things across markets. “You need everything to be taken in context, and that insight is something our staff have built up over their careers in this industry.”
n-Tier is beginning to leverage these technologies in correction frameworks and similar repetitive tasks. “I think as we progress through this and get more into next-gen stuff, which we’re looking at different variations of, I think the value prop for that becomes better and better.”
Closing Takeaways
Given the current state of the industry and n-Tier’s depth of experience, we asked Gargone for his top three messages for the Compliance community:
“Top of the house is don’t underestimate the regulator’s ability to focus on and find problems in your systems and processes. Moreover, they’re going to continue getting better at this. Because if you take a lackadaisical approach to it and you think, ‘They’re not going to know if your data reporting is inaccurate,’ you’re just playing with fire.”
Gargone reminds us that regulators are focussing heavily on internal controls and come with expertise and tools and they will uncover discrepancies in data and in process – “So, that’s our top line. If I were looking at it from the practitioner side, I wouldn’t feel comfortable until that was taken care of.”
The next consideration are the controls themselves and the need for a holistic approach across the jurisdictions with different structures in place to make sure there’s some independence in the software and the processes (e.g. maker/checker) around those controls versus where the actual data flow processes live. Gargone makes clear that “a single framework with some built-in checks from the same people that did the reporting is not a good idea.”
Gargone’s final take-way is “You have to pick a good partner. We see a lot of ‘try and build yourself’ at this point, but it’s very hard. There’s a stack of functionality, which has taken us a very long time to build.
You should look for a good partner and you should look for something that’s flexible enough where you’re not going to have 50 solutions. The fewer solutions and the more common processes you can have as a firm, the better you’re going to be at implementing standards and controls to make sure you don’t make mistakes.
You really need a solid partner – someone who fully understands the requirements, knows the regs. And that’s where we sit.”
Subscribe to our newsletter
