Cloud Compliance is not that Obvious

We have a guest blogger, Vipool Desai, who is talking about Cloud Compliance. Loewen & Partners has to be compliant to the Ontario Securities Commission and this is a whole new take on the topic:

In the mid 80’s at a time when many small mom and pop businesses were just starting to apply computers in their operations, Apple came out with an endearing commercial:
Two older gentlemen who owned a fish and tackle shop were struggling over set up instructions for a new PC they had just purchased. They had difficulty understanding words like “port” and understanding instructions for installing the software. Finally, in the last scene, their administrative assistant popped her head in the office while the two fellows were still struggling. It was obviously night time by then, as seen through the window of the office. She told them she needed to go home and then pointed out, “at this stage, your computer is going to put us all out of business”. The men look up, dumbfounded.
Thirty years, later technology has advanced to such a stage that most businesses no longer require expensive in-house hardware or software. They just need a fast internet connection to plug into computing power available on the web. Physical servers with installed software are now kept in giant football size mega data centres throughout the world and operated by companies such as Amazon, Google and Microsoft.
Their computing power is available for rent by the month, week, day or even the minute depending on need. This trend, referred to as cloud computing, is now being applied by many global companies. Cloud computing allows operating companies to avoid the three greatest technology costs and challenges;

  1. costs of regularly administering internal hardware and software
  2. costs of running a business with obsolete internal hardware and software; and
  3. cost of regularly updating obsolete internal hardware and software.

If one replaces the words “internal hardware and software” in the above, sentence with “Compliance Policies, Procedures, Forms, Logs and Operating Protocol”, it perfectly encapsulates the cost of compliance for independent firms. The biggest compliance costs are:

  1. costs of regularly administering Compliance Policies, Procedures, Forms, Logs and
  2. Operating Protocol
  3. costs of running a business with obsolete Compliance Policies, Procedures, Forms,
  4. Logs and Operating Protocol; and
  5. cost of regularly updating obsolete Compliance Policies, Procedures, Forms, Logs
  6. Operating Protocol.

Registered firms often mistakenly assume there is a point in time when “compliance is under control”. This could be when their registration is complete, compliance manual updated or when they pass their most recent regulatory review. However, this assumption is as true as expecting that windows 97 is the last application program you will ever need. The effectiveness of a firm’s Compliance Structure will naturally drift due to changes in, regulation, the business, staffing, regulator focus, and industry changes.
For more information, please contact:
Vipol Desai, Ara Compliance info@aracompliance.com.

1 comment:

Anonymous said...

Where in the legislation is this covered? Not seen it.