Driving business value from compliance

Smart organisations are preparing for compliance but the smartest are realising that if approached strategically, compliance is not a burden but an opportunity.

The regulatory environment is becoming increasingly complex for UK-based enterprises, with UK, EU and industry-specific bodies imposing a growing level of legislation, writes Lynn Collier, solutions director, Hitachi Data Systems EMEA.

Companies must stay alert if they are to avoid public embarrassment, fines or even legal proceedings. Smart organisations are preparing for compliance but the smartest are realising that if approached strategically, compliance is not a burden but an opportunity.

Learning lessons from Mifid

Despite being forewarned about impending regulatory changes, companies are often ill-equipped to deal with legislation because its true impact may not be immediately obvious.

For example, the Markets in Financial Instruments Directive (Mifid) introduced in October 2007, which most financial services companies need to follow, demands that about three times the current amount of contact records must be stored than previously. After a few months of complying with Mifid, CIOs and IT managers began to hear their storage infrastructure creak under the strain of the data deluge. In some cases, the influx of new data volumes began to cost the organisation serious money as it was stored on expensive, high-availability disk systems.

For many financial services companies, Mifid has meant a lengthy retrospective overhaul of their data storage processes and infrastructure. Switching to highly scalable storage systems to avoid expensive upgrades implementing tiered storage to lower management expenses introducing virtualisation to maximise capacity and running data deduplication software to reduce data volumes are all common approaches.

Coping with compliance

To support compliance demands today and in the future, it is key to build a robust, adaptable and agile infrastructure. There are three important things to consider when re-engineering your IT infrastructure to support compliance objectives:

  • The immense increase in data volumes often associated with compliance can require the implementation of an archiving platform. When choosing an archiving infrastructure, it is important to select an open system. Many archival systems store data in a format unique to that vendor, which can cause problems when the system has to be upgraded and the data transferred to a new format. In some cases this can lead to volumes of unreadable data or a lengthy and expensive migration process.
  • When it comes to retrieving data, the storage process is key. Files saved without the correct descriptions (meta data tags) attached will be almost impossible to find. Ingraining a culture of uniform tagging throughout the organisation will pay dividends when regulatory authorities request specific data at short notice.
  • Future-proof technology is more cost-effective than cheap storage methods. While tape storage is appealing for its price and familiarity, it can degrade over time and managing data deletion in such an environment can be challenging. This makes tape an unsuitable medium for compliance archiving whereas the reliability and longevity of disk-based systems makes them the obvious choice for critical information archives.

Driving business benefit from necessity

Forward-thinking enterprises are increasingly looking to drive business value from the necessity of compliance. As organisations log more and more data relating to customer contacts and financial information, it makes sense to harness this knowledge for business advantage, ultimately generating profit for the company.

The rate of new legislation does not look likely to abate for some time. From the Financial Services Authority's Financial Services Compensation Scheme to updates to the EU Data Retention Directive, the need to proactively address potential compliance issues before they arise will remain. By planning your IT strategy to support compliance objectives well in advance, your company will be able to deal with upcoming regulations with relative ease.

If this forward-thinking approach becomes more common, we will see many more companies mitigate the costs involved in compliance and take the opportunities that it offers.

Read more on IT legislation and regulation