Skip to content

Compliance outsourcing: Why it’s key to regulatory strategy

Tiffany Robertson
Tiffany Robertson
Freelance Legal Writer

Thomson Reuters ninth annual Cost of Compliance report has revealed that the complexity of regulation has led to more firms using third parties for compliance outsourcing. How does this type of outsourcing assist firms to remain compliant? And how can technology help?

  1. Thomson Reuters Cost of Compliance report reveals how complex regulations are increasing compliance costs for firms.
  2. The report found that almost one-quarter of firms are outsourcing their compliance functions to third-parties, while 43 percent anticipate growth in their internal compliance teams.
  3. While it may be more convenient for firms to outsource compliance functions, it is imperative the skills to manage this outsourcing is retained in-house. Training tools from Thomson Reuters can help with this.

For more data-driven insights in your Inbox, subscribe to the Refinitiv Perspectives weekly newsletter.

The financial industry faces increasingly complex regulatory oversight, with firms incurring significant costs to ensure compliance with a multitude of laws and regulations, as outlined in Thomson Reuters’ ninth annual Cost of Compliance report.

One of the key points in this year’s report is the considerable role compliance outsourcing strategy plays in firms’ regulatory thinking. Firms are relying on third parties — such as consultants or law firms — to ease their regulatory burdens.

Whether firms should choose to keep compliance functions in-house or outsource such tasks can be a daunting decision when faced with a wide variety of intricate regulatory requirements for which violations can result in significant penalties and other negative repercussions.

Relying on compliance outsourcing

According to the Report, nearly one-quarter (24 percent) of firms outsource all or part of their compliance functions as a means to gain additional assurance on compliance processes; address a lack of in-house compliance skills; and save money. Specific compliance activities outsourced included annual policy reviews and email reviews.

Internal compliance functions

At the same time, however, 43 percent of respondents expect growth in their internal compliance teams due to:

  • A demand for skilled staff and knowledge (86 percent).
  • The need for additional senior staff required to cope with the volume of regulatory requirements (73 percent).
  • An increased potential for personal liability (52 percent).

Compliance outsourcing: why it's key to regulatory strategy

In-house talent gap

The reasons firms use compliance outsourcing strategies and also plan to increase internal compliance resources highlight the existence of a significant gap between needed compliance expertise and firms’ existing talent.

Firms often opt to outsource to save money on the costs of training and keeping in-house compliance teams current with regulatory change by transferring certain functions to third party compliance companies who have the skills and experience the firm does not have.

Outsourcing also avoids disruptions in compliance management and turnover costs caused by relying on several key personnel who could leave at any time.

Third parties and compliance technology

Firms can also optimize compliance with technology — such as data management, analytics and artificial intelligence — to save time with functions such as onboarding, collecting and reporting data, testing compliance systems, and performing trend analysis and predictive modeling tasks.

Such technologies can be expensive to build and implement, however, giving many firms another reason to outsource to third parties that already have such technologies.

Compliance outsourcing: why it's key to regulatory strategy

How compliance outsourcing helps

According to the Thomson Reuters report, managing and coping with continuing regulatory change is firms’ biggest challenge, with 74 percent expecting regulatory focus on managing risk to increase in the coming year.

Keeping up with these changes is an onerous task, and outsourcing the necessary research to stay abreast of regulatory developments helps firms save time and money. Similarly, firms facing sudden growth and/or increased regulatory demands can turn to compliance outsourcing for additional support in times of change.

While compliance outsourcing is a convenient and cost-effective way to address many regulatory issues, it is not without its own risks.

Firms must ensure third parties comply with all relevant laws by affirmatively identifying risks, and verifying and monitoring third party compliance, as they are ultimately liable for any regulatory violations that occur.

In-house compliance remains vital

Compliance may not be a revenue-generating function, but it is a central component of managing firm risk and executing successful business strategies. Compliance failures can have potentially devastating consequences for a firm’s reputation and financial stability.

Outsourcing compliance functions does not negate risk or the need to ensure in-house staff are aware of the importance of compliance and the legal requirements for their role.

The “golden rule for successful outsourcing” highlighted in the Thomson Reuters report maintains that “… while activities can be moved to a different group, company, or a third party, the skills to manage those activities must be retained in-house.”

There is no substitute for having the appropriately skilled compliance personnel. This is why Thomson Reuters has developed training tools to help firms train staff on relevant laws and regulations, including its Conduct Risk Suite  online training courses on Data Privacy and Security, Ethics and Compliance Essentials and Financial Crime.

Refinitiv is now on Telegram! Receive daily updates of critical and timely market analysis to your mobile. Subscribe to

Subscribe to the Refinitiv Perspectives Weekly Newsletter