The IT department has always had to shoulder some of the
responsibility for compliance with current laws regarding enterprise data. But
according to a new report from the Economist
Intelligence Unit (EIU), the future will see that burden on IT grow even
more. According to the report, 45 percent of IT executives, from across the
globe, said that the top three compliance activities they were engaged in were
security and privacy, document retention, and financial regulation.
Luckily for financial services, one of the most heavily
regulated industries, IT vendors are providing a competitive array of
compliance solutions. A number of storage, data backup, and disaster recovery
products are proving invaluable when coping with the demands of regulation, new
and old. IT’s role in compliance is growing because regulation increasingly
requires that business activities be monitored, audited, and scrutinized; this
translates to the storage and retention of vast amounts of data—and only
technology can handle that load.
“The nature of IT’s role in compliance varies widely
among companies, but it’s clear that growing regulatory requirements are giving
IT specialists in companies a lot more work and bringing them into contact with
different corporate departments,” says Nigel Holloway, director of
executive services for the Americas at the Economist Intelligence Unit in New
York. “Companies may not realize it now, but in time this will help to
involve IT professionals in broader corporate strategy.”
However, just because technology can assist with compliance,
does not mean that it comes cheap. And this is making for a further imperative:
spending on compliance must be linked to the investment in wider business
goals. For many, this is likely to be the only way they can justify the expenditure
compliance necessitates. According to the EIU, over half of the executives they
spoke to said that the annual expenditure in this area of IT is expanding by
over 10 percent a year.
Moreover, integrating budgets is not enough. Compliance needs
to be seen as a strategic concern too—furthering the commercial goals of the
Aligning compliance and business goals
A good case in point is BankAnnapolis.
This local Maryland bank, founded in 1990, serves small businesses and
individuals through six community-banking offices across the greater Annapolis
area. The challenge it faces is that, although it’s a small operator, it still
has to comply with the regulations at which large banks throw millions of
Take the Gramm-Leach-Bliley
Act of 1999, which lists provisions to protect consumers’ personal
financial information held by financial institutions. Mike Haske, vice president of
technology at BankAnnapolis explains how the bank addresses this regulation: “To ensure ongoing customer
service and regulatory compliance, we replicate our loan and mortgage
applications from our central server to two separate remote servers every
night.” The problem is that for a small operation, this can be an
expensive and risky undertaking. BankAnnapolis has more
than 160 gigabytes of data moving across its network at any one time, so
replication, if done manually, would be very time-consuming—time that could be
spent on improving other service areas. Further, should something go wrong
during the replication process, the bank could be left with applications going
down the next morning, compromising customer service.
deployed Veritas’ Storage Replicator product to
cut out this risk, and keep compliant. It copies only changed data from remote servers—located at each
branch—to a central server at the bank’s headquarters for backup and archiving.
In so doing, it ensures that data is available in its most current state across
the network without slowing down normal server operations.
to Haske, this decrease in the amount of data
traveling across the network means server performance doesn’t suffer while
critical data is being protected. This capability is critical for the bank
because in reality, it performs eight scheduled replication jobs each day,
combined with several real-time replications, making resource consumption a key
win-win situation for BankAnnapolis means that they are able to meet regulatory
requirements for maintaining data availability while continuing to improve their
standards of customer service. In other words, the business goals of the bank
are perfectly in line with its investment in technology. This kind of harmony makes
the case that compliance is an important strategic goal in itself, and that IT
is most valuable when fully engaged in the organization’s business strategies.
Stay up to date with the latest IT news and information affecting the world of finance with TechRepublic’s free Financial Services IT newsletter, delivered each Wednesday. Automatically sign up today!