In regulated industries such as financial services, banking, insurance, and energy, periodic examinations by regulators and auditors are a regular occurrence. They might follow up on a workers compensation complaint; investigate misleading marketing and advertising of products, fraudulent sales practices, or inappropriate underwriting practices; complete a periodic SEC or FINRA exam; or follow up on violations found in a previous exam.
These regulatory examinations can result in costly penalties and fines and unwanted publicity. For example, in 2017 alone, the Financial Industry Regulatory Authority (FINRA) alone has assigned more than $31 million in fines and restitution.
In addition, the process of identifying, locating, and gathering all required documentation for the examiners is a time consuming and often manual process. The data required is owned by a variety of teams across the organization, which requires a great deal of coordination to collect. There are also many systems used to capture necessary evidence and retain records. Once the exam is complete, tracking the progress and completion of exam findings and remediation actions is executed using email and spreadsheets providing little visibility on findings status and progress.
All of these challenges can be addressed with RSA Archer technology. This week, RSA Archer released the RSA Archer Exam Management app-pack on the RSA Exchange. This new app-pack helps organizations prepare for, document, and manage the processes for conducting a regulatory examination. It provides a centralized process to manage scoping, data collection, collaboration, and the post-analysis phase of an exam. Organizations can: