Share on:  linkedin-color twitter-color.png



Ready to see the power of the SteelEye Platform?

Get a free, live demo.

Introduction to Financial Services Compliance and Risk

Compliance teams are having a torrid time of it. Regulatory change is happening in such volume and so quickly that teams can be excused for feeling as though they are being asked to run a marathon at the speed of a sprint.

There are too many projects, a scarcity of resources, and key issues that seem unsolvable. And this was before Covid-19 hit the financial services sector, adding on the challenges of compliant home working and pulling together required data when processes are manual and information spread across a wide array of platforms and systems.


This guide explores key challenges around compliance, risk and regulatory change that are impacting how financial services are approaching compliance requirements such as regulatory reporting, best execution and market abuse surveillance. It then considers a fresh approach to data governance & compliance for financial institutions based on understanding what lies at the core of these issues, and suggests ways in which digital transformation, with its focus on data quality, has a role to play in improving financial services compliance and risk.

It is clear that the way that financial firms are approaching the compliance challenges created by regulatory change is not working, and that a new approach is needed. Moreover, tackling the issues created by regulatory change through digital transformation opens possibilities for regulatory compliance in financial services to deliver value to the business in new ways.

What is the role of compliance in financial services?

Financial compliance is the regulation and enforcement of the laws and rules that exist within the financial services sector and capital markets. It exists to promote and maintain transparency and integrity of the financial markets and protect customers, investors, the economy and society as a whole from financial crime, market manipulation, ethical threats, and systemic risk.

There are a wealth of financial regulations that compliance teams within the finance sector have to comply with, many of which were born out of the 2008 financial crash to prevent such a crisis from happening again. Regulatory compliance in financial services imposes rules or principles that determine who can conduct financial services business and how authorised firms must do so.

network analysis icon white

How compliance has become increasingly complex and costly for financial institutions


The pace of regulatory change is pushing up both cost and complexity for financial services firms. 

Generally speaking, some of the spending is focused on updating legacy systems. 

The spending is also on people. Oliver Wyman estimates that between 10% and 15% of financial services employees are dedicated to compliance and risk management.

A shortage of financial services compliance talent across the industry means that remuneration costs are rising too, even as firms continue to struggle to fill essential roles.

Compliance costs are escalating at a disturbing rate. Meanwhile, the pace of regulatory change continues to increase.

While many firms are still working hard to comply with existing regulations, there is a lingering suggestion of even more regulatory change and increased enforcement action coming. In 2021, a top tier bank was fined $200 million by the SEC and CFTC for failures in relation to WhatsApp and employee communications record keeping. 


Regulators have been hinting for some time that a significantly larger enforcement crackdown is to come. The FCA knows that poor quality transaction data will impact the ability of firms to monitor their own employees for market abuse and other financial crimes. The FCA is also keen to have better quality data because it needs this information for its own market monitoring programmes.

In the US, the Securities and Exchange Commission (SEC) is already using its National Exam Analytics Tool (NEAT) to collect and analyse large datasets of trading records to identify potentially problematic activity, and its ATLAS tool to bring together multiple streams of data, including blue sheets, pricing, and public announcements, to search for market abuse. The US SEC uses these and other tools to often spot market abuse before firms do

Key Financial Compliance Rules

These key financial compliance rules have proven to be challenging for financial firms:

European Market Infrastructure Regulation (EMIR)

The cost and complexity of this requirement within the EU to report derivatives trades to trade repositories on a T+1 basis has left many firms struggling. Firms need to consolidate, normalise and enrich their EMIR reporting data, and then create and submit reports each day. However, the quality of data submitted by firms remains low – both pairing of trades and matching of specific data fields remain challenging – and so regulators are beginning to run out of patience. Over the past couple of years, the UK’s Financial Conduct Authority (FCA) has issued chunky fines to large firms that have reported incorrect data over a period of time.

Markets in Financial Instruments Directive II (MIFID II)

This directive and its associated regulations are being augmented by the EU over the next 18 months to help fix issues that arose after their initial implementation in January 2018. Many firms are still trying to get the initial implementation right. For example, they struggle with completing transaction cost analysis (TCA), a methodology often used to meet best execution requirements under MiFID II. They are also finding the required regulatory reporting, such as RTS27 and RTS28, to be expensive and time-consuming to produce. In fact, it is so challenging that the regulators delayed reporting requirements during the Covid-19 pandemic period.4 Regulatory reporting of transactions is plagued by data quality problems too, causing supervisors to hint at a coming crackdown.

Markets Abuse Regulation (MAR)

This EU regulation, which is set to be updated over the next 18 months, requires firms to ensure they are able to prevent and detect market abuse, including insider trading, front running, and other financial crimes. However, compliance teams are often faced with high levels of false positives, as well as challenges around monitoring different types of data in a connected way. Meanwhile, regulators are increasing their ability to spot unusual trading activity through the use of Supervisory Technology, or “SupTech”, raising the possibility that they may spot criminal activity within a firm before the firm’s compliance team does.

Senior Managers and Certification Regime (SMCR)

This UK regulation, recently rolled out for solo-regulated firms such as asset managers, holds senior managers personally accountable for the conduct of the firm that they represent. As a result, firms need to keep track of the roles and responsibilities of senior managers, perform fit and proper assessments, and complete a variety of other tasks. In particular, senior managers with responsibility for the trading business, including its operations, need to be able to say that the firm is wholly compliant. With personal accountability, senior managers are moving fast to ensure that they are able to identify and mitigate potential market abuse and conduct risks quickly and efficiently. However, in doing so, cracks in technology and data integrity are becoming clear.

In summary, firms are facing unprecedented times, in terms of the impact that regulatory change is having on both compliance teams and business operations more broadly. New regulations, increased enforcement, and the use of enhanced data analytics by supervisors are putting intense pressure on firms. Meanwhile, soaring compliance costs are diverting needed investment from the business. It is becoming clear that firms can no longer tackle regulatory compliance in financial services the way they have been. A change of approach is needed.

SteelEye Named #1 RegTech Solution in 2022

"We selected SteelEye because of the quality of their technology, the regulatory expertise demonstrated by their team and their willingness to support our tight implementation timelines.”

Keith Frimpong, Global Head of Operations Change, Schroders | Learn more >



Behavioural profiling icon white

Financial Compliance Challenges that Boards, C-Suites and Teams Face


To successfully alter the way they tackle financial compliance regulatory change, firms need to change their perspective on the nature of the issues that they are being presented with. While boards, C-suites, and financial compliance teams have typically considered each regulation and the enforcement around it the reality is that common challenges underpin all regulatory obligations.

Common financial compliance challenges include:

  • Poor Data Quality
  • Difficulty In Normalising Data
  • A Lack Of Enough Skilled People
  • Ambiguity Around Best Practice

While all these challenges (detailed below) are significant, they are common to almost all of the individual regulations and mandates. This opens the potential for a single strategic solution to be applied across the range of financial regulatory obligations, which is what we discuss in this guide.

Challenge Detail
Poor Data Quality The technology infrastructure of many firms is a patchwork of software tools and databases, which have been carefully stitched together over the past two decades. Data may be cleaned differently by each tool, and tools may not speak to each other. The result is poor data quality, and reporting errors.
Difficulty in normalising data For example, to monitor market abuse, firms need to bring together the data from all of their trading operations, which could be housed in anything from a spreadsheet up to a sophisticated vendor system. As well, for each of these different trading operations, firms need to have surveillance over a range of different data types beyond trade data, including emails, phone calls, chat messages, and social media. Bringing all of this together can be a significant challenge, much like throwing five 1,000-piece jigsaw puzzle pieces down in a single pile and then being asked to assemble all five puzzles without the box tops.
Lack of skilled people To date, many compliance teams have relied on using manual methods to meet requirements. Firms are beginning to accept that this is unsustainable because costs are rising too fast. However, firms seeking to build internal solutions to harvest the data they need from existing tools and databases are discovering that it can be difficult to find the human talent to undertake this work – individuals who understand both the technology and the compliance issues.
Ambiguity around best practice Each additional set of rules seems to foster a whole new list of best practices for compliance. Understanding what is needed at a fundamental level to achieve compliance, or how the rules might relate to each other, can be problematic. In these circumstances, it can be difficult for firms to see the woods for the trees.

Comply Smarter with SteelEye

Learn about how we simplify market abuse surveillance, regulatory reporting, record keeping and more.

Schedule a meeting


The role of technology in solving financial compliance challenges


Thinking about Technology Strategically to improve regulatory reporting and surveillance

To meet these challenges successfully, financial services compliance teams need to embrace digital transformation, which involves using technology, people and processes to fundamentally change the way an organisation delivers value. The return on investment (ROI) of digital transformation should include both enhancing customer relationships and improving operational efficiency.

Compliance teams may feel that they have been left out of their organisation’s digital transformation programmes – that it is not for them or that it has passed them by. Nothing could be further from the truth.

The advent of Regulatory Technology (RegTech) creates an opportunity for compliance teams to engage in digital transformation, to improve the way technology, people and processes deliver the right compliance outcomes. Companies are already doing this, at scale.

Furthermore, compliance teams that engage in the right way with digital transformation have the opportunity to accelerate their organisation’s overall digital transformation programme.

Accelerating your organisation’s digital transformation programme

It is all about realising the critical importance of data. By transforming the firm’s approach to financial services compliance data, compliance teams have the opportunity to not just dramatically improve their ability to meet regulatory expectations, but also to contribute proactively to other projects across the business, and deliver robust decision-making analysis to key stakeholders, the C-suite, and the board. Both within the team and across the business, there is the possibility to deliver digital transformation ROI.

  • Getting the data right is foundational to all digital transformation projects and to get regulatory compliance in financial services right. Base camp involves making sure that the data is sourced correctly, cleaned, and normalised – and automating these processes through the use of technology.
  • Operationalising key elements of compliance data governance in this way enables the data to support a wide range of use cases. These include automated regulatory reporting and market abuse monitoring, as well as analytics that can help the business make decisions about operations efficiency enhancement and customer experience improvements.
  • Compliance teams should seek to work with an end-to-end Cloud solution that automates data quality processes and normalisation, and then uses that data to monitor for market abuse and report trade data to fulfil regulatory obligations.
  • In addition, the solution should be able to take that same data set and provide insightful analytics to the business, to help improve operational efficiency and enhance the customer experience.

"SteelEye enables us to automate as much of our compliance set up as possible reducing the complexity of what can otherwise be an arduous and painful process. Very few other vendors offer the same breadth of regulatory compliance solutions.”

Aidan Brady, Chief Operating Officer, Ardent Financial


Compliance Data Analytics

There are a wide range of analytics that can be derived from unified, clean and normalised data which can be of great benefit to the business. By having one single golden set of data to do all of the calculations from, firms can explore the data in multiple ways for their own business analytics, safe in the knowledge that decisions are based on the right information.


Examples include:

  • Comparing transaction costs across different asset classes to  drive enhanced performance, as well as lower costs for clients.
  • Using the data collected for portfolio analytics and Net Asset Value (NAV) calculations.
  • Aligning trade transaction data with customer relationship data, to potentially better anticipate client needs and proactively suggest products.

There are dozens of potential use cases and benefits that derive from a data-centric approach to regulatory compliance in financial services. Focussing on digital transformation when addressing existing challenges can deliver benefits well beyond the core need for compliance with transaction reporting, market abuse rules and other obligations, and has the ability to enhance the value that compliance teams can deliver to their organisations.

Best execution icon white

Making a business case for digital transformation within compliance

Taking the next steps

Compliance teams often have to build a business case to gain support for investment in RegTech. Helping business executives to understand the potential benefits of taking a data-focused approach to regulatory conformity requires compliance teams to first obtain a better understanding of the issues that the business is facing.

Five key steps that compliance teams can take to deepen their knowledge of how their own digital transformation needs might overlap with those of the business include:

  • Learn about the digital transformation needs and aspirations of the business in areas such as trading and back office operations.
  • Discuss the successes and challenges of previous digital transformation programs with those involved, to learn key lessons.
  • Ask what information senior managers, C-suite and the board would like to have to make better decisions around the sales and trading business.
  • Educate the business, senior managers, the C-Suite and the board about the role that RegTech, and quality data, could play in both increasing efficiency and growing the business.
  • Set goals for digital transformation of regulatory compliance in financial services that are measurable. Identify key metrics and then track those metrics over time. Share those metrics with key stakeholders.

These steps can help compliance teams better understand how they can position an investment in RegTech as not just a way to improve operational efficiency within key compliance process, but also as a way to provide important, high quality data for the business to work with, to meet its own digital transformation goals.


Financial Services compliance teams can solve a range of challenges associated with regulatory change by adopting an approach that is rooted in digital transformation, and specifically, the enhancement of data quality. Beyond this, compliance teams also have the opportunity to contribute proactively to their organisation’s digital transformation programme.

After all, much of the data that is needed to comply with regulations like EMIR, MiFID II, and MAR is also data that is can be put to other, value-generating uses. This is an important win-win for compliance teams, which can help them build relationships and enhance engagement with key parts of the organisation.

Data-driven Financial Services Compliance Takeaways

By adopting a data-centric approach to financial services compliance, team can gain a wealth of benefits, including: 

  • Embed best regulatory compliance best practices within the organisation’s culture through standardised workflows.
  • Reduce the volume of false positives and take comfort in the fact that all potential risks are being properly detected, investigated and resolved. Firms can be more confident about being able to spot market abuse before the regulator does.
  • Conduct internal investigations more smoothly with all of the data in one place, tied to a single case.
  • Support senior managers complying with SMCR by giving them the information they need to manage risk and compliance in the areas they oversee, as well as to support attestations.
  • Engage proactively with supervisors. Complete transaction reporting and regulatory reporting on time and with good quality data.
  • Find information requested by regulators quickly and easily. Reconstruct trades quickly and easily. Better communication with regulators can mean fewer investigations and reviews.
  • Respond more nimbly to regulatory change by using a cloud-based platform that will be updated automatically to reflect new rules and guidance.
  • Create an organisation with more operational resilience. RegTech will make processes faster and more reliable, as well as less expensive to perform. Automation, and holding data in the Cloud, also improves business continuity.
  • Refocus individuals within compliance and the business on more value-adding activities.

“We were looking for a solution that would allow us to meet our regulatory requirements and consolidate our ever-growing number of supported platforms, communication channels and trade and order systems. SteelEye provided that solution.”

Patrick Fietje, CEO, Tavira Securities




Optimise your Financial Compliance to free up costs

Bring your people, tools, and data together to maximise your regulatory compliance and reduce risk.

Schedule a meeting

Share guide on:

  linkedin-color twitter-color.png