Article updated 4 February, 2019
According to the TAS Compliance Report, risk and compliance are at the top of the agenda, with calls for collaboration between industry and RegTechs.
At the time of writing, the final Hayne Royal Commission report had not yet been published, and those in the financial sector were waiting with bated breath to see what impact the recommendations might have on their ‘business as usual’.
The TAS report indicated, however, that RegTechs have been slow to start in Australia.
At ASIC RegTech Liaison Meetings, RegTech providers have often commented on the length of the on-boarding time for major financial institutions.
The report highlights that this is the opinion of 74 per cent of members, which is just under a 20 per cent increase from the 56 per cent who thought the same 18 months ago. It seems this will continue to stay high on the agenda for the foreseeable future.
This includes defining and restructuring the role of compliance within organisations.
Significantly, of the leaders whom TAS surveyed, 60 per cent have committed to increasing their compliance management headcount by five.
Additionally, Seek data indicates the demand for roles has risen by up to 50 per cent over the past year.
The report goes onto quote Seek Australia Managing Director, Kendra Banks, who said that risk and compliance roles increased by 122 per cent, with risk and compliance roles increasing 48 per cent in one year alone.
(Source) Seek. Table by John Saunders GRC Institute RTO.
However, Seek Australia data also indicates that roles plateaued coming up to the end of 2018 and into early 2019.
Andrew Woutersz from international recruiting agency, Randstad, indicated that risk and compliance roles are increasing, but also noted that, in some cases, these were roles that had been cut from major institutions about ten years ago.
Even if there is growth, is it sustainable?
“I think the challenge still remains that the industry is concerned everyone is being tarred with the same brush. Those organisations that did focus on consumers as a priority in their business are not coming through because the Royal Commission is centred on the things that haven’t been done right,” said TAS CEO Shane Baker.
The worry is that the growth being seen in compliance roles is just a ‘knee-jerk’ reaction to the raft of new legislation and both the interim and final report of the Hayne Royal Commission.
For Baker, the recent inquiries and the Royal Commission have been the catalyst for the increased focus on risk and compliance.
“I do think that it is sustainable because it is a fundamental shift coming from the top, and from the first compliance report that went through to what we are now hearing, there seems to be a consistent, ever-increasing focus from board and executive level driving that culture through the business.”
Baker said that where it will be tested over time is in the area of how organisations continue to fund these investments, as well as the findings from the final report and any up-coming election results, all of which could have an impact on the position organisations may need to take.
GRC Institute Registered Training Organisation Manager, John Saunders, who is responsible for the Institute’s risk and compliance course, highlighted that compliance is not listed as formal profession with the Australian Bureau of Statistics (ABS), the Australian Tax Office (ATO) or the Australian New Zealand standard Classification of Professions (ANZSCO).
Not all about investment in more people
The report did highlight that 40 per cent of organisations are not hiring more bodies but instead are up-skilling their staff, bringing in consultants or bringing in technology solutions.
However, both the report and Baker himself pondered the imbalance of the large concentration of RegTechs in Australia against the lack of equivalent uptake from Australian financial institutions.
According to Baker, “The feedback that they are getting from the market of the RegTechs, insurtechs and fintechs in general is that banks are still struggling with how to engage with these small techy organisations that are very entrepreneurial by nature, as opposed to the structured fashion of the businesses looking to acquire their services.”
This forms the crux of the issue of financial institutions engaging in assessing the viability of these smaller businesses—and whether these companies will be around in the long term.
When dealing with cloud technologies, there is still the question of meeting the requirements laid out by the Australian Prudential Regulation Authority (APRA), and the clarity on the part of the regulator that organisations cannot outsource risk.
In an official statement commenting on the report’s findings, Baker said, “According to the report, Australian executives are taking a top-down approach to creating positive change in their organisations towards compliance. Leaders are taking the right steps to ensure greater transparency moving forward with increased commitment to specialist resources as well as the prioritisation of compliance at board level. This shows executive ownership at the most senior level to meeting regulatory requirements, which is critical when creating a company-wide, robust and effective compliance culture.”