Compliance Technology
Compliance Is Still People-Powered | Iron Mountain: Toward a Paperless Office | Pre-trade Compliance: Better, Cheaper, Faster | The High Cost of Best Execution | Playing Catch-up in E-archiving
Pre-trade Compliance: Better, Cheaper, Faster
Firms answer regulatory, investor demands with added controls and third-party systems
February 18, 2008
At the heart of Societe Generale's recent EUR4.82 billion ($7.01 billion) in losses from unauthorized trades is the fact that the accused trader--Jerome Kerviel--was able to use his knowledge of the system to get around the checks and balances. Kerviel, an equities trader, started in the back office and had maintained the French bank's compliance technology. Societe Generale has acknowledged that he understood the trade processing and control procedures and knew how to avoid them.
The alleged fraud comes as regulators and clients alike are demanding better transparency, reporting and accountability. Firms are beefing up their pre-trade compliance technology, turning to Web-based delivery to reduce costs and improve accessibility, expanding asset-class coverage, replacing in-house platforms with third-party vendors' and adding more checks and controls to existing systems.
Small hedge funds and traditional investment firms may not have the money to buy all the necessary hardware for compliance systems, nor the time to set one up, says Craig Weston, manager for London-based Fidessa LatentZero's Sentinel compliance product. A software-as-a-service, or application service provider (ASP), approach can give those firms online access to high-end tools.
Open to ASP
The ASP model also eliminates maintenance issues. Software is updated on the Web, and clients don't have to download and install upgrades or patches.
A few years ago, securities firms were wary of Internet-based software because of the security risks--sensitive financial data is sent to a Web site and stored by an offsite company. But Salesforce.com, a San Francisco-based customer relationship management software vendor, did much to combat that perception in 2005 when it signed on Merrill Lynch & Co., among other high-profile firms. Today, many vendors are following Salesforce.com's example, conducting security audits, building backup data centers and working to assure the safety of data.
SunGard Data Systems' Protegent PTA compliance platform has a disaster recovery site, says Christopher Aronis, general manager of the Wayne, Pa.-based company's compliance group. "It is highly secure, with a firewall and intrusion protection," he notes. "Everything is encrypted. There is no commingling of data--each client gets their own database. We are a paranoid company by nature, and given the type of data we handle, that serves us fairly well."
The Protegent platform is available in both traditional and hosted versions, but 85 percent of clients opt for the ASP model, according to Aronis.
He adds: "This application is not available through the broad, unwashed Internet. Our clients give us the IP addresses from their offices, and only those IP ranges are able to access the information."
More Asset Classes
One result of the subprime crisis in the U.S. has been increased attention on the need to monitor investments across assets classes, including derivatives and other exotic financial instruments. Much derivatives valuation is done manually or using systems built in-house, says Helen Foo, compliance product manager at Burlington Mass.-based integration vendor Charles River Development. But more firms are adopting "automated pre-trade checking for these asset classes," she says.
Foo, who is responsible for the Charles River Investment Management System's compliance module and the Web-based Anywhere portal, points out that, unlike equities, which have an obvious market price, derivatives are valued based on a variety of complicated formulas. Vendors have begun building these models, and allowing clients to add their own formulas to the compliance systems.
