Complex, Demanding Regulatory Environment Creates Need For Dedicated Governance, Risk And Compliance Solutions

Tuesday, November 2, 2010 - 01:00
David Craig

Editor: What types of regulatory pressures are corporate counsel, compliance officers and auditors facing?

Craig: They are dealing with a tsunami of new regulations. And it's not that they don't have enough information on all of the new regulations that are being created; it's knowing what they need to do with that information - and how to act upon it.

Let me put it into perspective: The regulatory landscape is changing dramatically in Europe and the U.S. since the meltdown on Wall Street in the fall of 2008. We've found that in 2009 there were more than 10,000 regulatory updates in financial services and insurance alone, that is regulatory changes in the U.S. and European Union combined. We already hit that figure this year in September. That translates into more than 50 regulatory updates a day, across the financial services and insurance industries alone.

And it's not just the amount of regulatory changes, it's also the amount of disclosure that is now required. Over the past several years, on average there have been around 200,000 filings per year in the U.S. by public companies. We believe the newly enacted Dodd-Frank bill - on its own - could increase that figure by an additional 100,000 new disclosures. The level of disclosures that are being required are mounting up and businesses are overwhelmed keeping up with it all.

Editor: What does all of this mean to businesses and their ability to innovate?

Craig: I think there is a perception that regulation can stop innovation, new business growth, and new product development. One of my goals is to help businesses understand regulation so they can adapt to it more quickly and easily, which in turn, allows them to be more innovative, and create competitive advantage.

For instance, I recently talked to representatives from an asset management firm that wanted to open a new operation in Poland, but they put their plans on hold because they didn't have the money or the time to invest in understanding all of the regulations involved in opening a business in that country. We believe that if we can make that information and intelligence more readily available, then companies like this asset management firm can move into markets more quickly because the cost and time associated with understanding the regulatory environment is more manageable.

Editor: Can you describe the new Governance, Risk and Compliance Group that Thomson Reuters recently announced?

Craig: Thomson Reuters has been serving the governance, risk and compliance (GRC) needs of businesses for many years, through a variety of its businesses, including Complinet, Paisley, Westlaw Business, West's Capitol Watch, Oden and Westlaw Compliance Advisor. What we've done is to combine all of our GRC strengths into one business unit to offer the most comprehensive suite of tools designed to connect business transactions, strategy and operations with the regulatory environment worldwide. These are all market-leading businesses providing global regulatory and securities intelligence; business law research; contract and deal-drafting tools; internal policy management; e-learning; anti-money laundering solutions; and audit, filing, board of director and disclosure services.

MCC: Why did Thomson Reuters form a new business specifically focused on governance, risk and compliance?

Craig: Pure and simple: customer demand. The rules of business have been dramatically rewritten since September 2008, when Lehman collapsed, AIG was bailed out and the crisis really started to play itself out. With those events came a huge response from the federal government in the form of greater scrutiny into the affairs of corporations. As federal regulators rewrite the rules, customers are really struggling to understand what the new rules are - how they're going to be affected by them, how to interpret them, and how to operationalize them.

We came together as a GRC business to help businesses address these new rules and to do so on a global scale. As a global business, with 55,000 employees located in 100 countries, Thomson Reuters is uniquely positioned to add value in this area. After all, what happens in Washington one day will affect Asia the next day, and vice versa. If you're sitting in a London bank with a global footprint, you have to understand the implication of regulation worldwide and how it can affect other parts of your business in, say, Africa. We have the global footprint to address GRC issues for businesses globally, regionally and locally.

Editor: Why are you focusing on this now?

Craig: I think now is a good time because banks and large corporations have addressed risk separately, almost in different silos. We believe they should begin to bring these elements together. Not necessarily integrate everything and align everything - but enable everyone within an organization (the lawyers, the risk people and the business people) to talk the same language around risk and to have a comprehensive view across the company of where the risks are, how to identify them, how to manage them and how to report on them. Based on our analysis and research, we believe there is a serious gap in how that happens in many corporations.

So for us, offering customers an integrated, comprehensive suite of tools that meets their GRC needs is a great start, but what's more important is to do this in a way that allows all departments within a business to better talk with each other, with a view of risk across the lifecycle of a business.

Editor: How about an example?

Craig: Let's take the Angela Merkel ban on naked short trading of financial services shares in Germany as an example. Because that news was unexpected, firms worldwide struggled to understand the implications of it and how to react to it. We demonstrated that we could get the news out quickly to our customers about what was happening, offer an analysis of the situation, and provide insight and services so banks could tell their traders what they could and couldn't do about these sudden new regulatory changes. It's a bit of an extreme example, but it shows that new regulations can hit quickly and that companies now have a source to which they can turn to get answers they need.

Editor: How will senior executives benefit?

Craig: We can help businesses understand new regulations and rules, give them the tools to respond more effectively, and in the end, remove the constraints of those regulations and rules to help a business make better decisions more quickly and with greater confidence.

One of the key constraints facing businesses is the hard cost associated with meeting regulatory burdens. Businesses are already crying "Uncle!" We estimate that financial services companies spend in excess of $15 billion a year just trying to understand and deal with the regulatory environment. If we can automate that workflow process in any way, we can reduce a business' costs and increase its confidence in meeting its regulatory obligations, which, in turn, frees up valuable financial and human resources to grow a business.

Here's the bottom line: We want to remove the "cold sweats" for a general counsel, vice president of risk, CEO, or board member. We want to remove that sinking feeling you get when you wake up in the middle of the night worrying about whether you properly disclosed that M&A deal or correctly interpreted a new regulation. We're about creating the trust and confidence you need to get a good night of sleep.

Editor: Governance, risk and compliance have traditionally been thought of as a necessary speed bump to innovation in many companies. How will your business evolve to help corporations become more innovative and more creative in their markets?

Craig: Over the past several years, compliance has gone from this sort of necessary speed bump in the back offices of a business up to the front offices where regulation is shaping the future direction, profitability and performance of many businesses.

Many businesses don't understand how to connect the business strategy, the business products and deals, and the operations of the business (regardless of geography) with the regulatory environment. It often takes a great deal of time and effort for businesses to get to the point where they clearly understand the regulatory environment so they can make decisions more quickly and with greater confidence. Layer on top of this the miscalculations that come with human interpretation of regulations and rules. For example, if a business wants to close or move an operation, launch a new product, or create a commercial deal or issue debt, they have a number of compliance hurdles to cross. What they need are the knowledge and tools to make those decisions better.

We want to put business executives back in the driver's seat, allowing them to drive the business and innovate versus having the regulations drive them.

Please email the author at with questions about this interview.