John Schneider on the Compliance Crossroads


In today’s business and regulatory environment, asset managers are focused increasingly on examining their business models to ensure that they are positioned for long term success through the appropriate and effective mitigation measures.

At first pass, it is important to recognize the factors and activities that have contributed to the present business models. For example, the regulatory and industry environment that has been encountered since the financial crisis of 2008 has been unprecedented and has left most asset and wealth managers expending available resources just staying abreast of regulatory change and as a result, have resorted to implementing bespoke solutions to mitigate regulatory risks. This has resulted in fragmented business processes that are not necessarily integrated into the existing business activities.

A current generation of business managers, however, are beginning to think a bit more strategically about their business models in an effort to integrate compliance and risk management, and become more efficient and effective in managing regulatory and business risks simultaneously.

In addition, to the regulatory drivers, the landscape for managers has become more and more competitive.  As this competitive landscape continues to take shape, managers are focusing, to no surprise, on revenues and expenses.  The revenue focus has led to broader product offerings and in many cases globalization of product offerings.  On the expense side, managers are focused on optimizing business and investment risk and are examining their target operating model to achieve this goal.

3 Lines of Defence

One model that is frequently utilized, to initially assess business and risk management alignment is the 3 Lines of Defence model, which is a federal reserve concept that is intended to ensure:

1. The business is the first line of defence and therefore has ownership of the control environment with a goal of mitigating business and regulatory risks to an acceptable level;

2. Compliance and risk management functions are the second line and should be organized to monitor risks associated with the business activities; and

3. The audit function is the third line of defence, responsible for reviewing/testing the efficacy of the control environment. The second and third lines are intended to be independent of the business.

Firms examining their business model in the context of a risk mitigation optimization framework is what Alpha is seeing as the compliance, operations and risk management crossroads. To derive an appropriate outcome, it is important to examine them in concert to achieve a business model that is profitable and appropriately mitigates business and regulatory risk to protect the firms reputation.

People, Process, Technology and Governance

As a strategic review may be performed in line with the three lines of defence other objectives that firms are considering include:


Staring Point

In order for a business manager to effectively implement a new system that promotes risk mitigation proactively, there are four steps that must be taken:

1. Inventory of all current regulatory requirements and risk mitigation processes

2. Analysis of all current risks

3. Determine appropriate business model approach

4. Implementation of approach that addresses new policy and risk mitigation controls


Alpha has considerable expertise, extensive knowledge in governance, regulatory requirements and risk mitigation operating models. Alpha can help align these core services that can be tailored based on client specific needs:

  • Target Operating Model: Leverage Alpha’s expertise in producing bespoke, detailed designs for future state operating models for risk and compliance
  • Recommendations & Business Case: Our proprietary evaluation methodologies and vendor knowledge produce practicable recommendations, which are justified in comprehensive business case rationale
  • Implementation: Alpha’s experienced regulatory and risk expertise along with project management can support the full implementation process, from current state to new Target Operating Model

John Schneider, CPA, CFF

Executive Vice President, Head of Alpha’s US Compliance Practice

John has over 25 years of experience with a broad range of regulatory and risk management initiatives within the investment management industry. He is a regular contributor to articles from major publications, speaker at various seminars and conferences on pertinent topics and issues relating to regulatory change and requirements.