In the 10 years that have followed since the global financial crisis, the ever-tightening regulatory environment has put increasing pressure on company directors to ensure their compliance policies, procedures, management and governance structures are in good order. Without a doubt, financial directors are well aware that non-compliance can not only turn esteemed names to notoriety but may also result in financial ruin and imprisonment.
Compliance, long seen as a box-ticking exercise, is now fully recognised as a core component of any business. Investment in technology has moved compliance programmes from an annual declaration to sophisticated systems for monitoring customers, business activities, HR programmes, and employee relations.
Like many systems, high-end compliance systems take advantage of mobile technology, cloud-based computing and most recently blockchain. Innovative start-ups have emerged targeting issues ranging from regulation, email security and anti-money laundering (AML), using a variety of tools including machine learning, Boolean searches and anonymous data aggregation. When considering investing in compliance programmes, technology, reporting, and security all play a key role in reviewing the top 10 compliance software providers in 2018:
DueDil (small business)
Ensuring the identity of a transacting client can be difficult for businesses, particularly when operating globally. DueDil offers a multi-jurisdictional approach, tackling adverse media screening, sanctions checks, AML and KYC (know-your-client) on-boarding.
The platform pulls together thousands of data points like corporate filings, media articles, FCA registration, company ownership, sanctions and politically exposed persons lists. When acting as a third-party screen, DueDil helps businesses assess the potential customer against credit criteria to ascertain whether the customer has been blacklisted or does not match the credit check.
Supporting both small and large businesses, DueDil also offers services to individuals looking to access basic company data for compliance. While not as established as many of the other software providers, DueDil’s unique offering to small enterprises is a powerful argument for integrating compliance in the early stages of building a business.
Cashfac Technologies (cash management)
Robust transaction reporting capabilities ensures that companies are able to adhere quickly to new regulations and are alerted to exception. Cashfac provides non-branded cash management services to corporate and banking clients and are a prominent bank-to-corporate cash management software provider.
The software company is directly linked into banking channels, giving their customers a smooth, transition-free solution to bank payables, receivables and account management. Important for many institutional clients, high transaction volumes are also not a problem for Cashfac. For FDs looking to outsource cash management activities, Cashfac’s team are ITIL qualified, and from an audit perspective, ISO 27001 compliant. The software provider also makes use of cloud computing, allowing clients to privately access the cloud storage, important for FDs wanting to improve their business continuity and disaster recovery plans.
Fenergo (tax compliance)
Fenergo, rated by 17 of the top 50 banks globally, is a provider of multiple compliance solutions. In recent years, the US IRS has implemented new standards in collection requiring Americans with offshore bank accounts to pay tax. FATCA regulation requires financial institutions to sift, and identify all US persons with overseas accounts reporting to relevant authorities.
Fenergo’s software automates the collection, verification, processing, maintenance and storage of tax-based documentation. The software can also manage web-data, documents, legal entities, and relationship hierarchies, allowing compliance teams to ultimately trace where funds go. Smartly, the software can infer whether further documentation is required before proceeding. Taking a long-term view of tax compliance, Fenergo has anticipated regulatory changes has added advanced suites capable of incorporating additional tax rules, regulatory requirements, and attributes as and when they are demanded.
There is no surprise, that SAP, the German multinational conglomerate appears on the list. Providing holistic support across GRC (governance, risk and compliance), SAP operates four lines of software protection against intrusion: SAP risk management, process control, audit management and business integrity screening offer businesses onsite or cloud roll-out, giving businesses flexibility in set-up and access.
All of SAP’s GRC software provides users with detailed analytics, tracking, real-time analysis, continuous support and alert monitoring. Interestingly, for large companies, SAP’s software for access governances provides options for firms looking to protect sensitive data and IP. Enterprise digital rights management and access violation management affords businesses surety against unauthorised access to documents by adding permissions – even if documents are sent outside of the company. For large institutions and sophisticated enterprises, SAP offers a full suite of compliance options.
siena Regulatory Reporter (MiFiD II)
For those concerned with MiFID II, Eurobase International Group’s Finance practice offers siena, designed to address MiFID’s three pillars: protection, control and proof. Considering some of the high profile financial crimes involving chat rooms, siena fully captures all customer dialogue on trading platforms, phone, and email. The installation process is also relatively simple and there is no need change existing IT architecture – siena is a ‘processing engine’ which connects to trading platforms. The tool is then able to make sense of pre-trade compliance, deals, and post-trade matching. Netting all aspects of MiFID II, siena fully addresses compliance for complex trading organisations.
Email blunders at work can be amusing at best, but very costly if confidential information is sent to the wrong person. High profile cases typically involve divulging financial, health, or personal details to wrong email address easily turn into PR nightmares, pressing the need for email security. Up-and-coming Tessian, formerly known as CheckRecipient has been making waves in cybersecurity. The company’s system Guardian bars sensitive emails from going out to the wrong addresses. Evolving from rule-based algorithms to detect anomalies, Guardian looks at communication histories, and uses machine learning and natural language processing to decipher if the addressee is right. Incorporating Tessian into existing cyberinfrastructure is also possible, as they have engineered add-ins at the email program (for example MS Outlook) and at the computer server level making this cybersecurity system attractive to small and large businesses alike.
Offering an end-to-end anti-money laundering solution, FinScan offers step-by-step capabilities for AML teams. In compliance with regulations and defending against illegal activities, FinScan’s processes enable FDs ultimate control over internal controls. The system is able to digitally examine customers and transactions alike, simplifying the choice for FDs.
FinScan uses a matching algorithm to determine whether conventions are met. Meaningful for teams wanting to save time, the algorithm reduces the incidence of false positive reports when detecting for PEPs, maligned companies, or risky clients. Another powerful feature of the software is its ability to fully work along-side CRM systems. By using legacy data, the software can also harness existing client information to add to its AML processes. Finally, the system is offered on-site, SaaS or Hybrid, creating flexible options for businesses.
Accuity (KYC bank counterparty risk)
Multi-national corporations completing complex and pressing transactions rely on speed and accuracy of identifying who their bank counterparties are. Security also matters when transferring large amounts of funds across payment platforms. The most prevalent platform, SWIFT, relies on accurately identifying counterparties by many criteria including IBANs, SWIFT codes, SSI information, legal entity, and security and fund settlement details.
Accuity provides the Bankers Almanac, a database comprised of over 23,000 banks worldwide which are easily identifiable, protecting sending institutions from KYC risk. With few other providers in the field of bank KYC details, Bankers Almanac provides necessary information reliably and quickly both within SWFT and on an online platform, reducing the risk of sending securities or funds to the wrong counterparty. For professional counterparties, subscribing to Accuity’s platform is a must.
Business Systems (mobile call recording)
Addressing the proliferation of communication channels that employees have with each other and clients, software monitoring mobile phone calls on company devices is essential to comply with the FCA and MiFiD II. Business Systems offers software to monitor telephone calls and texts messages through its TeleWare Mobile call recording services.
Compliant with MiFID II, Dodd Frank and most recently GDPR, the application records voice and SMS communications. The technology is in sync with mobile technology and is compatible with any GSM handset. Businesses offering any type of mobile device are able to subscribe to the application. From a user perspective, while many software applications for mobile phones delay connections (for example delayed ring tones), TeleWare suffers no delay in call connection. While mobile solutions are a key feature of Business Systems, other products include call-centre recording and mission-critical call recording, making the offering compelling for businesses geared towards customer services.
AXIOM SL’s cross business compliance and regulatory reporting spans across buy and sell side, front and back office, broker-dealers and banks. Offering tools beyond regulatory compliance, AXIOMSL includes data-lineage tools, CFO attestation support, shareholder disclosures across major jurisdictions, central bank liquidity reporting, and CPO-PQR requirements for funds enables businesses to transform compliance solutions across all financial enterprises.
Mastering reporting and measurement beyond simple ‘add-on’ software, AXIOMSL’s ControllerView can be reviewed and checked by firms before submissions to the regulator. For companies with complex IT infrastructure, ControllerView can accept many data inputs and is able to ‘deep-dive’ into the details. AXIOMSL’s ControllerView is conceptually closer to an operating system, transforming a firm’s perspective on compliance altogether.