As most financial services firms move to an off-site working model and navigate the “new normal,” it is even more critical that they take steps to mitigate the increased cybersecurity risks arising from the COVID-19 pandemic.
A Strong Compliance Program Aligned with Your Financial Firm
ComplianceWorks’ mission is to provide affordable outsourced compliance services to small and medium-sized financial service firms. We provide experienced compliance experts to educate firms on compliance needs so they can alleviate the opportunity cost paid when they devote in-house resources to compliance programs.
If our service is not good enough to keep our clients, then quite frankly we do not deserve their business.
We take a strategic, adaptable business-centric approach to compliance that not only helps prevent financial or reputational damage but also makes business sense within a given firm’s business model.
We take full responsibility (and in the case of outsourced CCO, legal liability) for the portion or entirety of the compliance program assigned to us. We will provide quarterly updates on tasks assigned to us; review any compliance tasks assigned to in-house personnel, dates of completion and any side note on each task. These reports also serve to fulfill the regulatory requirement that a firm supervises what is outsourced.
Our contracts are changeable at any time. You can lower the level of service, expand our scope, or discontinue services at any time without penalty or fee. Our services are a versatile, scalable and cost-effective way to do business. If your firm grows to a point that it needs a full-time CCO, we will help interview candidates and provide training on your firm’s operations to smooth the transition.
We are in this for the relationship. In essence, we are a part-time employee with our cost but a full-time CCO-caliber employee in terms of commitment. This is why our administrative contracts allow firms to call with questions, any time, without additional charge. Good communication is key to a good relationship. This is why we don’t charge clients for every phone call or email response.
All of our people have been CCO’s and understand where compliance fits within your business model. We work with you to arrive at business appropriate solutions while maintaining compliance with applicable regulations. Our objective is to set up a compliance system to mitigate regulatory risk, where any deficiency does not lead to a monetary penalty or cause reputational damage.
One of our biggest differences is the commitment to providing proactive compliance advice. All clients will have a dedicated professional looking over the shoulder of the firm’s compliance efforts in addition to actively accomplishing tasks assigned to us. As compliance professionals, we will direct a client’s compliance program and alert them to changes or compliance effects of new business plans. ComplianceWorks does not sit around waiting for client requests, we actively manage a client’s compliance program.
No matter the size or scale of your business, we can establish and provide ongoing maintenance of a corporate compliance program to effectively manage risk. We alleviate the opportunity cost paid when human resources are devoted away from value-building tasks – raising assets, attracting clients, and managing portfolios.
Learn About The ComplianceWorks Team
Our team of compliance experts assists organizations in understanding regulations relevant to their business while keeping them abreast of important changes. We stay up-to-date on regulatory events so you are empowered to make necessary changes quickly and effectively. Each firm is given dedicated and experienced compliance personnel that provide proactive compliance guidance for your compliance program.
Frequently Asked Questions
There are three distinct advantages to outsourcing compliance.
The first relates to the knowledge gap. Many firms have CCOs that are also principals of the firm or administrative personnel. This typically means they have a limited compliance background. While compliance is not rocket science, it does require some familiarity and process to be effectively administered. Without a compliance background, how is one supposed to know what areas need to be documented and how often? How in-depth does any given compliance task need to be? By what date or what frequency do compliance tasks need to be completed? Without a compliance background, you are left guessing as to what’s best. Perhaps you use something from a previous firm without knowing how effective that was in meeting the requirements for any given task. A solid provider of outsourced compliance will proactively define the compliance program for your business model, translate it into a calendar, and perform all assigned tasks. They could help the firm by training or provisioning information on how in-house personnel should address certain situations.
Second is another extension of the knowledge gap. If you get a compliance calendar, you can figure out what tasks need to be done and in some cases how often, but what should the final document contain and in what format. In other words, you again are spending time doing a compliance task with your best efforts, but with an uncertain outcome. Without knowing what a regulator is looking for, you may end up spending valuable time on a compliance task that needs to be re-done requiring significant changes/additions to satisfy your examiner. It’s essential for a firm to give the regulators the documents requested in a format that they are accustomed to seeing. This will give them comfort that the compliance program is functioning effectively.
Last is the opportunity cost for principals or in-house staff working as makeshift CCO’s. Compliance tasks are an obligation for all financial services firms but they aren’t revenue-producing in-of themselves. A poor or neglected compliance program can generate a great deal of business risk which can lead to lost revenue. So, when a principal or in-house staff member devotes time for compliance tasks instead of business developing tasks, they lose time spent generating new clients that would have more than pay for the cost of hiring an outsourced compliance provider.
Historically regulators took either a dim view or no view at all on compliance outsourcing. However, the more current view is generally favorable as they have come to see that the resulting compliance is generally better quality, more on point, and provides better security and information. The most important thing to them is that the firm’s compliance program functions properly. However, when firms that have a solid outsourced provider, in a limited role, neglect the rest of the program they typically don’t have good audit experiences. To a regulator, the firm appears disinterested in compliance, using the outsourced contract as a smokescreen to show that compliance is important. Instead, this shows that the firm is disengaged from its own compliance program.
In other cases, firms might save a few dollars by hiring an outsourced CCO that does minimal work and rarely or never shows up on-site. If that provider is the CCO then he/she is a supervisor of the firm just as an in-house CCO would be. How can you effectively supervise anything without direct contact and a complete understanding of the business? This would be the first question from a regulator. That’s why finding an engaged, knowledgeable, experienced outsourced CCO is a great asset that can save the firm substantial money.
It’s essential to find a proactive outsourced CCO rather than someone whose best skill is cashing the check.
To make informed, effective decisions on compliance providers, the decision-maker should have an understanding of financial service compliance. Unfortunately, an overwhelming majority hire what they think is the best or lowest price which then leads to bad audit results, client legal actions, and/or general dissatisfaction on services provided (another aspect of the knowledge gap). An old rule of thumb is that a firm should devote 10% of its budget to compliance solutions including staffing, software and consulting. Many firms try to get by with less but do so at great risk. In many cases, the cost of one negative event runs for years. The cost paid could have been neutralized with a sufficient allocation of resources to compliance. Fortunately, a good dose of common sense will go a long way in looking at various solutions:
- Technology solutions – these can be great tools but are not a replacement for human resource allocation to compliance. A technology solution that claims to be “all you need” is (a) shifting all the work to the firm and charging you for it and (b) harming a firm through a false sense of security. This would be the equivalent of some financial planning software claiming that “all you need” is the software to do financial planning. Compliance technology is a good tool, not a magic bullet to get everything done.
- Remote Consulting solutions – an interesting approach to scale compliance consulting. This solution has people manning the phones to answer questions and perhaps provide some assistance on compliance tasks/calendar generation. They, however, are never on-site with a firm. When you call in, they may charge you for phone time and stick you with someone new every time. The people on the phone may not even be steeped in compliance experience or perhaps lack the experience with a compliance program at a high level.
- Admin Step Up Solution – this is where a person at the administrative level in a firm wants to increase their value by saying they do compliance. This might be one of the worst arrangements we see. Generally, the person is actually lacking in proper compliance experience, leaving them (and the firm) with a limited and narrow scope. Once they get the pat on the back for stepping up, they typically find compliance work tedious and often let things slip. Very rarely do we see them set up a complete program that addresses all the business units and risks a firm faces with any kind of efficiency. Ask yourself… if my admin is so accomplished in compliance then why did they accept a position and compensation as an admin? On the other hand, admin that supports either an in-house compliance officer or an outsourced compliance officer is worth their weight in gold.
- Outsourced Compliance Providers – are generally more experienced and accomplished in the compliance field. Their service tends to be more comprehensive and you will likely get assigned to a person who is devoted to your firm. Their cost is usually higher than other solutions but the higher level of service makes the added cost understandable.
So the answer is dependent on the skillset and time of human resources available. Are you really going to use the tech product or will it stack up in the inbox? For most firms, a combination of useful technology tools to help organize compliance programs; admin level staff to take on the blocking and tackling of filing, chasing down data or firm reports; and a CCO or outsourced person (or both) to manage and run the compliance program at a high level seems to be the most successful formula.
ComplianceWorks is an outsourced compliance provider that utilizes CCO level personnel to provide a more holistic and proactive service to guide a firm’s compliance program. ComplianceWorks personnel use the firm’s proprietary software, CAP, to set a customized compliance calendar. This helps the compliance consultant to perform their compliance reporting functions while performing the tasks outsourced both remotely and with on-site visits.
ComplianceWorks builds relationships with its clients to facilitate the proactive direction of a client’s compliance program. We provide transparent accountability and flexibility to change service levels at any time without locking a client into long term contracts. If ComplianceWorks’ service level is not good enough to retain a client, then quite frankly we do not deserve their business.
In short, with ComplianceWorks, you are getting a CCO caliber person for the same or lower cost than hiring a basic, non-compliance trained administrative position. Engagements for State Registered Advisers run $550 – $1500 per month and for SEC Registered Advisers the cost is $1,250 – $5,500. Broker-Dealer monthly expenses run $1500 – $8000 a month. By outsourcing versus hiring, your cost is either equal or less than the salary of an administrative person; completely eliminating the cost of employment taxes and benefits with no obligation to invite the person to the Xmas party!
At ComplianceWorks, outsourced CCOs are much more costly than outsourced compliance consultants for two reasons. As a CCO, ComplianceWorks takes on the personal liability of the CCO position. For this reason, we need to make ourselves available as a supervisor of the business. We must understand the ongoing operations of the business which would increase our time-on-site to 2-4 days per month. As a result, the range of outsourced CCO work is $6,000 – $10,000 per month based on the size and complexity of the client. For this to make business sense, the firm should be reasonably sized. An alternative solution is to get the maximum outsourced consultant role. ComplianceWorks would perform all the compliance program work, direct the compliance program like a CCO, and then work with the person named CCO to help with signing off documents and general supervisory duties.
Introductory Call or Meeting
Preliminary Plan Meeting
Schedule your complimentary meeting and we'll be in touch soon!
Still wondering if ComplianceWorks is right for you?
Contact us to learn more.