Brokerages face big IT bills to comply with USA Patriot Act
Computerworld - A report released last week estimates that the U.S. brokerage industry will spend as much as $700 million through 2005 on technology and outsourcing services in order to comply with the antiterrorism and anti-money-laundering regulations of the USA Patriot Act.
The report by Needham, Mass.-based TowerGroup says brokerages spent $117 million on Patriot Act compliance measures last year and will invest about $404 million this year, when most of the Patriot Act's provisions become law. The report also indicates that some large brokerages expect to spend up to $30 million each. But after that, budgeting for compliance initiatives drops off sharply.
"I don't want to say they're not taking it seriously, but of 5,500 registered [securities] dealers in the country, I'd estimate that 1,000 or less are actively building or buying solutions," said Bob Iati, a research director at TowerGroup.
The Patriot Act, which was signed by President Bush in October 2001 in response to the Sept. 11 terrorist attacks, requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions.
Where the Money Goes
According to TowerGroup, about 39% of compliance budgets is being spent on integrating back-end systems, and 35% is going toward new software. Another 24% of the money is being used to upgrade IT infrastructures, such as hardware and storage, the report says. The remaining 2% is paying for outsourcing services with operators of customer databases, such as Regulatory DataCorp International LLC (RDC) in New York.
RDC was launched in July by The Goldman Sachs Group Inc. and other firms to develop a database for screening suspected criminals. Companies use a secure Web portal to send individual names or lists of customers to RDC, which then runs the names through an Oracle database installed on Unix servers.
Bill Catucci, CEO and president of RDC, said the company has about 25 clients in addition to its 20 original investors, who included Merrill Lynch & Co. and Citigroup Inc. But he noted that the stipulations of the Patriot Act are fuzzy at best.
"When [federal regulators] say you should have a compliance system that meets due diligence, you don't know what that means," Catucci said. "The issue is that if you don't meet the requirements, they'll sanction you."
Regulators are first checking to make sure that companies have established the required anti-money-laundering and antiterrorism programs, and then they're examining the actual compliance procedures, said Breffni McGuire, a TowerGroup analyst. "And after that, they're looking to see if you have the technology in place and are using it effectively," McGuire said.
Eric Friedberg is a former federal regulator who is now executive vice president and general counsel at Stroz Friedberg LLC, an IT services and consulting firm in New York. Friedberg said that although most large banks and brokerages are on their way to Patriot Act compliance, many smaller companies don't intend to get there because they don't think it's worth the cost.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- The business impact of BYOA: Five major challenges and how your enterprise can solve them This E-Book reviews five major challenges of BYOA with key subject matter experts and outlines how businesses can solve them.
- The BYOA Opportunity Visual demonstration of problems that unmonitored, employee-introduced cloud apps can cause a business, and why IT managers need a solution to help and...
- BYOA: Embracing the Opportunity, Controlling the Risk This whitepaper explores the shift from BYOD to BYOA (bring-your-own-application) and how IT departments today can address this new change in the IT...
- On-Demand Webinar: Transform Your Datacenter with Cisco ACI and Citrix NetScaler Learn how Citrix NetScaler -- the leader in public clouds, integrates with Cisco ACI to enable the enterprise network transition to a new...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Gov't Legislation/Regulation White Papers | Webcasts