Annual Compliance Program Review | Compliance Programs

The Top Ten Features to Look for in a Compliance Program Management System

For a compliance officer, finding the right software to manage the compliance program is tough.  The initial ask is to find an affordable system that can automate manual processes, allow collaboration and oversight between compliance staff and supervised persons, record compliance testing and monitor results, send reminders when deadlines are looming, and preserve the integrity of your records by incorporating an audit trail.  The system should be easy to use, administer and customize.

Current “software as a service” offerings provide affordable, customizable programs that can be used by all types of registered investment advisers, including private equity and hedge fund managers, retail advisers and institutional asset managers.  Here are my top ten considerations in selecting a compliance program management system:

  1. Compliance calendar functionality. The system should include a compliance calendar programmed to provide reminders to compliance staff to complete tasks within deadlines.  Ideally, the system should automatically send reminders to compliance personnel and firm employees to perform certain required tasks by a predefined due date (such as annual holdings reports, quarterly personal securities transaction reports, the annual update of Form ADV).  Management level reports or live dashboards that provide higher-level visibility into the overall status of the program also help supervisors be more efficient.
  2. Certifications and attestation capabilities. The system should include the ability to send certifications to firm employees and access persons, track responses, send reminders to those who failed to respond and provide a report on responses.  The system should include some standard certifications as well as provide the ability to customize the questions and responses.  Ultimately, a compliance officer wants to be able to push out questionnaires, certifications or attestations to specific groups of people easily and have the system keep track of the responses.
  3. Different levels of access to the system. The system should allow for different access for different roles.  For example, the chief compliance officer should have the ability to assign compliance tasks to other compliance officers and review whether the tasks have been completed with or without exceptions, or are in progress.  Being able to approve the work of more junior compliance staff before it becomes part of the permanent record is another useful function.  The system should also allow limited access for non-compliance personnel to respond to certifications, questionnaires and attestation requests.
  4. Ability to upload testing and monitoring results in various formats. The system should make it easier for compliance officers to store their work, so they should be able to upload various document types to evidence their results.  If the test is performed using excel, the compliance officer should be able to upload the spreadsheet directly into the system.
  5. Search and download capabilities. One of the main purposes of a compliance software system is to allow a firm to house all of its testing and monitoring results in one place.  But compliance officers should be able to easily find the results of a specific test or certification and produce a report detailing those results.  This capability is especially important during an SEC exam.  Producing responses to examiner requests quickly builds credibility with the exam staff.
  6. Ability to access the system using the internet. The ability to store sensitive information in a safe place and access it when you need it is essential.  Today’s cloud-based systems offer secure storage backed up on servers in multiple locations.  The ability to access the system using the internet also makes it easier for compliance staff to work from home or other locations.
  7. Simple to learn and use. Most compliance professionals do not start off their careers as computer programmers, so the compliance program management system should be easy to learn, navigate and use.  Ideally, it should also be simple and intuitive to configure, customize and maintain.  The system should come with templates for common compliance tasks.
  8. Affordability. Although investment firms may be willing to open their coffers for expensive portfolio management tools, compliance teams have to fight for their share of budget dollars for incremental improvements.  A system that helps you automate time-consuming manual tasks, maintains the integrity of the testing records and helps the compliance team meet their regulatory obligations can provide peace of mind that you are not missing something.
  9. Ease of implementation and ongoing vendor support. The vendor should make it easy to set up the system to meet your firm’s needs and provide training and ongoing support to make the implementation a success.  A lot of promises are made during the sales process, so before committing time, energy and money to implement a system, compliance officers should do their due diligence to ensure that the day-to-day working of the system does not fall far short of the flashy sales presentation.  Request references and talk to peers.  Review the contract carefully to see what kind of support and training the vendor provides.  Find out whether the vendor sponsors any user communities, which can be helpful resources to exchange ideas and learn how your peers are using and configuring the system.
  10. Updates and upgrades to the system. Firms should also consider how the vendor responds to requests for changes to the system.  Get a feel for whether the vendor is committed to improving the system by listening to user recommendations.

A compliance program management system is a tool to help compliance officers stay organized, automate certain tasks and store required data.  But like all such systems, it is not going to fix all your compliance problems.  There is also no one perfect system for all firms.  Fortunately, there are a wide variety of vendors out there, bringing down the price and providing greater functionality to meet client demands.  It pays to take the time to perform due diligence on the products, including test drives and reference checks, to select the right system for your firm’s needs and budget.  Finally, get buy-in for your project through open and ongoing communication with all stakeholders, both in and out of compliance.  Help them understand how the system benefits them as both a risk management and time-saving tool.  These efforts can ensure support for the project, keeping everyone’s eye on the prize and helping the firm through the early days on a new system when things may not always go as planned.

Hardin Compliance Consulting uses compliance management software developed by BasisCode Compliance to power its Compliance Navigator® program.  Check out our videos to see how it works.  And look at all of the services offered by Hardin Compliance.  Please contact us with any questions.  Call us at 724-935-6770 or send an email to so that we can set up a time for one of our consultants to discuss your needs and how we can help.  Hardin is always in your corner!

Photo by Toa Heftiba on Unsplash