Over the last 15 years, roughly since the Global Financial Crisis (GFC), there has been an enormous increase in regulatory control for companies in every industry. New regulations such as: the General Data Protection Regulation, Sarbanes‐Oxley Act and the Dodd-Frank Act have created significant increases in workload. This burden has fallen mainly on IT departments to ensure compliance across all of their systems, processes and infrastructures.
Regulatory requirements imposed on the financial services organisations are mainly focused on ensuring financial stability and integrity. These requirements are defined by official governing authorities whose responsibility it is to control the behaviour of companies within specific industries and in specific areas of their operations. The requirements are obligatory and failure to comply can lead to substantial financial penalties and brand damage.
Information Technology is a critical part of a modern organisation as it is integral in the delivery of most operational and strategic activities. Organisations rely on their IT systems to operate effectively and efficiently and at the same time to comply with regulatory requirements. For global organisations who are required to comply with regulations across multiple regions and jurisdictions the role of IT becomes more complex and even more critical.
The IT compliance manager ensures that the IT systems within an organisation are operating in compliance with all of the relevant regulations. He or she does this by verifying that the required governance policies, controls and standard, as well as the IT risk management framework, are effectively managed. This will include areas such as data collection and management, workflows, audit trails, information and application security, internal and external fraud, database management, supplier management, system availability, and service delivery.