Simplifying FCA Compliance
The biggest challenge for many organisations regulated by the FCA is providing evidence that the business is taking its responsibilities seriously. As the 2015 Information Security Breaches Survey proves, staff still play an unacceptably large role in security breaches, with 75% of large organisations declaring that they had suffered staff-related security breaches.
A fair argument is that a good, well-run firm should implement policies and procedures, in conjunction with user-awareness programs, regardless of whether the FCA is forcing them to do it or not. However, there is always room for improvement, and why shouldn’t an organisation reap the rewards of a proactive approach to compliance?
Having the ability to provide tangible evidence that staff have received, read, and understood policies not only negates an immense amount of labour-intensive work, but also helps avoid costly preparation for regulatory audits. Being proactive in applying an automated solution to the business pays dividends when it comes to demonstrating compliance and producing evidence for regulatory investigations.
UK data breach investigations within the financial services industry have almost trebled over the last two years, according to figures acquired via a Freedom of Information request to the Information Commissioner’s Office, with human error almost always responsible. Inadvertent human behaviour was blamed for 50% of the worst breaches in the year, as reported by the 2015 Information Security Breaches Survey (up from 31% in the previous year). These figures give a clear indication that the weakest link in any organisation is the human factor. Where tasks are undertaken manually, mistakes are inevitable. Applying an automated solution to the policy management process is an effective and reliable way to mitigate costly errors.
Ensuring adherence to regulations can be an onerous task, particularly for Compliance, Audit and HR Officers. Having an integrated policy management and compliance solution, such as NETconsent, reduces the large dependency on specific areas of the business by allowing responsibilities to be shared across the business, whilst making employees more accountable.
Another challenge that regulated businesses face, particularly larger organisations, is simply finding a sensible place to keep policies and procedures. Many organisations rely on SharePoint®, document management systems, intranets, and file shares to store such documents, which can make it difficult to exercise version control and ensure that only the currently active version is available. NETconsent provides a simple alternative by bringing all policies and procedures together in a centralised and intuitive library, enabling users to navigate easily between associated documents.
Organisations operating in Financial Services have a regulatory requirement to demonstrate that all employees are competent to a suitable level, which often results in organisations having to bring in additional training tools and resources. NETconsent, however, allows education to be blended with day-to-day, ongoing policy management, providing a much more effective and efficient awareness program for employees and third parties alike.
NETconsent is a comprehensive automated policy management, compliance and communication system that sets the bar when it comes to simplifying financial compliance due to the numerous unique functionalities it has on offer.
To find out more about how NETconsent can help your business cut cost, reduce risk, and achieve awareness, please visit www.NETconsent.com
2015 Information Security Breaches Survey, commissioned by the Department for Business, Innovation & Skills and conducted by PwC
75% of large organisations (up from 58% a year ago) and 31% of small businesses (up from 22% a year ago) suffered staff-related security breaches in the last year.
When questioned about the single worst breach suffered, 50% of the worst breaches in the year were caused by inadvertent human error (up from 31% a year ago).