Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CIO upfront: The compliance conundrum of digital transformation

Edited by Divina Paredes | Aug. 16, 2017
Regulators are focusing more and more on data and records, resulting in a myriad of regulations that businesses are required to comply with when creating, storing and using data, writes Paul Bruton of Hitachi Data Systems.



Digital transformation is such a hot topic because the way we do business, the way we communicate, the way we get things done as consumers on a day-to-day basis is becoming increasingly mobile, connected and digitised.

There is a lot of excitement about the possibilities of mobile apps, VR, and chatbots at the forefront of digital customer interaction. A related, business-critical process that unfortunately isn't on the tip of every CIO's tongue - though it should be - is compliance.

As the public and private sector increase focus and reliance on digital solutions, processes, applications and cloud, organisations are presented with changes in how they must deal with compliance, with existing regulations and legislation, and those to come.

Falling short of regulatory and compliance standards can be an expensive oversight. Regulators may take enforcement action, including fines calculated as a percentage of annual turnover, revocation of operating licenses and an organisation may also suffer reputational damage from being exposed as non-compliant.


Regulators get tech savvy

Significant legislative reforms over the past decade or so, particularly in relation to the integrity of records and reporting obligations, have increased organisations' dependence on technology solutions for compliance purposes.

Considering the increasing role technology is expected to take in contributing to business management and growth, it follows that there is a significant role for the CIO to play in not only ensuring compliance, but continuing to make compliance easier and more efficient.

According to technology law firm Fieldfisher LLP, regulators have become wise to the fact that technology is an intrinsic part of effective risk management and reporting by organisations.

CIOs in Australia and New Zealand need to know that they are already operating in mature markets in terms of access and disclosure requirements, and that regulators have an increasingly sophisticated understanding of the power of technology in advancing the compliance agenda.

Commenting on its July 2017 report called Compliance Obligations in APAC, Simon Briskman, partner at technology law firm, Fieldfisher LLP said: "Both New Zealand and Australia have legislation allowing electronic communications to be admitted in evidence in court, and of course there have been significant changes to the respective privacy laws in both countries. Overall, the landscape is one of increasingly sophisticated regulation that requires specific compliance solutions. Technology has become a vital part of those solutions."

According to Fieldfisher, as the viability of greater data capture and storage has increased, the scope of regulatory requirements for data capture, reporting and retention has increased:

  • Regulators are focusing more and more on data and records, resulting in a myriad of regulations that businesses are required to comply with when creating, storing and using data. Of course this must be managed at the same time as exponential growth in the volume of data.
  •  Regulators have extended past requiring post-transaction paper records and the post-transactional storage of digital records to an expectation of live digital capture of data, for example, the second Markets in Financial Instruments Directive (MiFID2).
  • Control environments ensuring data integrity have become core requirements.
  • Most recent regulation is calling for more and faster reporting.


1  2  Next Page 

Sign up for CIO Asia eNewsletters.