Aegis Data Management supports financial services firms in solving regulatory compliance challenges.
Our team comes from consulting and industry backgrounds and has extensive experience of risk management, data governance and regulatory compliance within the financial services.
Aegis services are designed around a risk-based approach for regulatory compliance and monitoring, and we partner with leading regulatory technology, compliance and consultancy firms to deliver solutions to clients.
As new regulations are introduced firms need to understand how their existing policies measure against the new requirements, and identify the gaps between policies and regulations that need to be addressed.
Working in consultation with industry and regulatory bodies, Aegis can provide this consolidated view of regulatory compliance commitments, mapping the catalogue of regulatory requirements to the client's own policies and standards, ensuring these are fully aligned with the regulations.
Aegis consultants provide advice and guidance on the applicability of regulatory or policy requirements across businesses and processes and how these translate into operational requirements.
Firms should be able to quickly assimilate new regulations into their existing infrastructure and understand any change required.
Aegis aims to streamline the controls definition and assessment process, integrating the compliance process with existing risk and control frameworks, and providing traceability between regulations and controls, resulting in efficient risk-based compliance oversight processes and remediation activities.
Aegis will further extend the traceability of regulatory requirements, policies and controls to include the evidence required to demonstrate compliance.
Clients can leverage their own existing in-house compliance assessment toolset, or Aegis software can be easily configured to integrate with the firms risk management platform.
A one-off assessment provides insight into the effectiveness and completeness of existing controls and establishes a baseline compliance position, setting out the roadmap and remediation requirements with confidence. Definition of key risk indicators for the controls will support an ongoing compliance oversight and monitoring process.
A mandatory requirement of BCBS 239 (Principles for Effective Risk Data Aggregation and Reporting), establishing a suitable 2nd line of defence function to independently validate compliance is increasingly viewed as industry best practice.
The Aegis 2nd Line of Defence service ensures regulatory requirements are fully mapped to policies and standards, delivering traceability between in scope regulations and the client's internal control framework. Aegis works with clients to capture the appropriate evidence linked to each control identified, and key risk indicators are defined for ongoing active monitoring of controls and compliance oversight.
Aegis will stand up and operate the 2nd Line of Defence function, providing training and handover to the client or providing an ongoing managed service depending on the client's preference.
Aegis will identify compliance gaps between existing policies and regulatory requirements, and, following compliance assessment, will articulate the business process and control compliance gaps to be addressed.
By ensuring traceability from regulatory requirements through to controls, a risk-based prioritisation of remediation activities can be made.
Aegis provides experienced regulatory programme and project managers to support regulatory or policy compliance programmes and remediation of compliance gaps.
Aegis analysts and consultants specialise in the data policy management and the data regulatory compliance space. Recent engagements include GDPR, MiFID II, BCBS 239 and CCAR. Aegis works closely with clients to understand their individual policy needs and regulatory focus to tailor bespoke solutions to exact requirements.