There are some key focus areas that have been brought to the fore by the pandemic, especially communication surveillance given recent announcements by the FCA on the subject of monitoring home working users as effectively as those in the office environment. Others continue to be a priority focus, including, AML/KYC, regulatory horizon scanning and Regulatory reporting.
These are the big subjects that you often see splashed across the press/LinkedIn. They are all very important, but they often take up all the space and eclipse others. Sometimes the smaller pieces get lost amongst these items. Take policy management.
On the face of it, who needs a policy management system? Surely, a waste or luxury for all those valuable change budget $/£/€? After all, it can't be that hard, right? You just write a document, get it reviewed and approved, store it somewhere centrally and send it out to your staff then periodically update it when regulations or processes change. Easy.
Let's take a look at word processing packages like MS Word. It has an extraordinary amount of functions that, on the face of it, appear to allow you to produce a policy document; capture versions, share with others, collect comments and overall provide some structure via a universal template.
Unfortunately, it doesn't really play out that way. Instead, you're probably more familiar with the following scenario:
The regulatory landscape is changing continuously as regulators worldwide pour out more and more changes. These changes can also have an impact across multiple policies and so the above scenario becomes even more complex and frustrated. It is not unheard of for organisations to take 6-9 months to get policies through their internal processes.
Is this acceptable? Probably in the 1980s, but in the 21st century, not really.
We need an agile and effective policy management system. Or do we?