The previous articles in this series focused on the Challenges of Managing Market Data, Market Data Licensing Recommendations and Market Data Vendor Management. Now we will focus on market data compliance audits. Market Data compliance audits allow data providers, such the global exchanges and data vendors, to ensure your organization is sticking to the rules. They happen periodically, and you must be prepared for them. Here are some practical tips that can help you meet the challenges of compliance audits and achieve favorable results.
Understand the Process
There should be no mystery behind compliance audit requirements or processes. The auditor should provide the inspection checklist well in advance. In addition, industry associations and other groups may offer audit guidelines, sample policies and procedures, and even comprehensive audit preparation workshops. All of this can be used to help prepare your own internal audit program.
It is essential to have a sound internal audit program that includes adequate documentation and follow-up processes. Companies should perform internal data compliance audits regularly and proactively correct any deficiencies. An absent or inadequate internal audit program will be viewed as a deficiency and possibly encouraged a deeper examination.
While it is certainly possible to conduct your own internal market data compliance audit, some companies simply don’t have the resources or in-house expertise to handle that business function. Independent third-party market data compliance auditing firms can help to bridge this gap, allowing companies to present auditors with independent results.
Complacency is one of the biggest threats to market data compliance because compliance is not static. It’s a “moving target” that shifts and changes based on notable activities within the industry and policies and processes which require new enforcement procedures. Auditors will probably tailor their inspection to ensure that any new regulations are accommodated. Also, compliance issues at one or more companies in your industry may bring the auditors knocking on your door, even when you haven’t done anything yourself.
Market Data providers place a great deal of importance on preventing unauthorized to their data. During an audit, inspectors will want to verify that all aspects of these security requirements are in place and working properly. You will want to be familiar with the available controls and safeguards. In addition, you should have data retention/deletion policies that are clearly defined.
It is important to ensure that all the company’s systems where market data resides continue to meet the data providers requirements for security, documentation and control. This is particularly challenging for aging legacy systems that may not easily keep pace with changing compliance requirements. Upgrades and replacements may be needed to maintain proper adherence.
About S4 Market Data
S4 Market Data is the leading boutique consulting firm for the Financial Information Services Industry in Miami, with a special focus on market data vendor management.