Increasing regulatory oversight and static IT budgets create compliance headaches for the CIOs and CTOs of DrKW, Evergreen Investments, and JPMorgan Investor Services. Bring up the topic of compliance with most CIOs and they wince. Basel II, Sarbanes-Oxley and the USA Patriot Act all provide benefits to the financial industry as a whole, but for many individual firms, they're resource sinkholes. Waters gathered three IT executives, representing the buy side, sell side and outsourcing service providers, to pick their collective brains on their least favorite but most pressing topic: compliance. The impromptu virtual panel comprises J.P. Rangaswami, CIO of Dresdner Kleinwort Wasserstein (DrKW) and Waters' CIO of the Year for 2003; Mitchell Hodus, vice president of technical operations for Evergreen Investments; and John Galante, CTO of JPMorgan Investor Services.WATERS: How has compliance changed the role of IT in your investment firm?J.P. RANGASWAMI, DRKW: Our support services functions are integrated from a management and strategic direction perspective, so we have always worked very closely with compliance here. What has changed perceptibly in the last five years is that compliance has become a proactive customer as opposed to a reactive requester of vanilla services. Trust is an imperative in our industry, and IT works very closely with control functions to deliver and enhance that trust.MITCHELL HODUS, EVERGREEN INVESTMENTS: We're having to do a lot more work, such as building new monitoring systems for communications, e-mail and instant messaging (IM) as well as coming up with new rules for tape storage. On the e-mail and IM side, there are pre-packaged solutions, so it really isn't a development issue.JOHN GALANTE, JPMORGAN INVESTOR SERVICES: The role of IT has become critical in providing the MIS and analytics to ensure compliance. Within JPMorgan Investor Services, our compliance platform is considered best in class and some of our most talented leaders and technologists are making sure it stays that way.What methods have you developed to work better with the compliance officer or CFO?Rangaswami: We have an integrated model and we're part of the same management team. This helps us work on a coherent partnership basis rather than on a buyer/seller relationship.Galante: Our CFO and compliance officers partner with our CTOs to make sure that key practices are met and projects and production are monitored and addressed.Have your budgets for compliance increased to meet the new demands?Rangaswami: It is a relatively steady state; budgets only need to increase if we have not done our job right in the past. What we have found here is that as compliance requirements increase, which is happening, our partners in that department are very open to solving their challenges using technology.Galante: Yes, our investment in this space has continued to grow to meet our clients' demands.HODUS: There's some addition to the budget as well.Have you been tempted to outsource any of your firm's compliance responsibility or are you looking to handle it internally?Rangaswami: It is all in-house; we do [purchase] technical solutions where it makes sense. Hodus: Not at all, we're handling it internally.With these new demands, have you had to make any new hires, or are you managing with your current staff?Rangaswami: Steady-state, we can keep our costs trim by the appropriate use of technology, not just to monitor but also to train and educate.Hodus: We have been able to add staff for the extra workload, just one body though.Do you think more compliance regulations emerge or will the urgency for compliance fade over time?Rangaswami: The trend is moving upward. The challenge is to get some coherence from regulators on a worldwide basis; otherwise, the cost of compliance will become prohibitive over time for global institutions.Hodus: It's only going to get worse. Look at the recent regulatory run-ins of Putnam, Janus and other asset managers. The SEC has been making examples of them for the rest of the financial services market.Galante: I think more and more compliance regulations will emerge on a global scale. Within JPMorgan Investor Services, we feel we are well positioned to meet these needs on a global scale with our people and technology.Overall, have you increased your IT staff?Rangaswami: No. Doing more with less is what technology is about.Hodus: For compliance, we've added three people this year and slated five new positions for next year. I think we're still understaffed.How will your IT budget look for next year?Rangaswami: It's a steady state. The issue has moved from cost levels to cost mix. We need to improve that mix constantly, using a portfolio approach to managing and executing the budget. Baseline costs will continue to be driven down. Vendors and suppliers will continue to feel the pressure of a buyer-dominated market. Second-order cost transformation is complex to achieve and requires new tools and mindsets.Hodus: It's up about 1 percent. Considering that, we're still lean and mean.Galante: We will continue making very focused strategic investments to provide our clients with any view of their data at any time.Are there any issues that keep you awake at night?Rangaswami: From a compliance perspective, there's the increasing likelihood that compliance requirements will be mandated well after solutions hit Main Street, making the cost of compliance much higher. Examples of this would include treatment of instant messaging.Hodus: Fault tolerance and disaster recovery keeps me up at night. I'm not really concerned about compliance; we're implementing what the regulators say we need to implement.Galante: I'm sleeping well these days.As new regulations accumulate, what gets under your skin?Hodus: From what I can tell, there were people who were taking advantage of the market and breaking the rules, costing shareholders maybe a penny on the dollar. Now, companies need to spend pennies on the dollar to save the pennies on the dollar that they were losing. Who's going to wind up paying for this? The stockholder. Something just doesn't seem right about this.Rangaswami: Again, from a compliance perspective, it would be the inadequate coordination of compliance requirements between national regulators, creating expensive and sometimes contradictory spaghetti responses.If you could have one industry body get its act together, which one would it be? Why?Rangaswami: It would have to be data protection. Global organizations like mine need flexibility in terms of a disaggregated infrastructure, and the triple-witcher of data protection, latency and security is daunting. With whom would you least like to be trapped in an elevator¾your CIO, your compliance officer, or Eliot Spitzer?Rangaswami: My CIO, which is me. If I were to be trapped in an elevator, I would prefer some company or, at least, a book to read.Hodus: It would have to be Eliot Spitzer, I get along well with my CIO and my compliance officer. Waters...
Start a FREE trial or subscribe to continue reading:
Start a 4 week free trial
Try Risk.net's premium content for a limited period. Register now for your FREE trial to one of our leading brands.
*not available to previous trialists or subscribers.
Log In or Subscribe Now
Subscribe to Risk.net Business now to access all our premium news & features content for 1 year.
Pay by Credit Card for immediate access.