White Paper: How Companies in Highly-regulated Industries can use Website Monitoring Platforms to Mitigate Compliance Risk
New Technologies Engender New Compliance Risks
The impact that recent and rapidly accelerating advancements in technology have had on how we do business is undeniable. As cloud services and mobile technology continue to grow and evolve, enterprises are continually presented with ways in which they can cut costs, reach new customers, and even monetize their offerings.
While it is true that larger, entrenched organizations often struggle to adopt new technologies — often for very practical reasons — the reality is that all firms can and will make this transition if they are to survive in the increasingly competitive, technology-driven marketplace.
At the same time, new opportunities present new risks, especially when a company ventures into uncharted territory. This is especially true of companies who find themselves in highly-regulated industries, where they are exposed to a myriad of compliance risks and liabilities inherent in operating in this digital age. Such risks must factor into the “go” decision, but are all too often an afterthought.
As technology creates new opportunities for regulated companies to evolve their array of offerings – and the channels through which they reach new and existing customers – they may be unknowingly be exposing themselves to new compliance risks. All of this is not to say that these organizations shouldn’t evolve the way in which they operate; in fact, their very survival requires that they do. There are a few key steps specifically:
1 organizations (particularly those subject to stringent regulatory environments) take the time to consider the various ways in which changing and/or evolving aspects of their business operations might impact their ability to remain compliant and where necessary,
2 put safeguards and workflows in place to protect their business from potential liabilities, as well as
3 leverage a set of new and quickly-evolving digital tools designed to mitigate the risks of new compliance liabilities and increasing reliance on technical infrastructure
A Case Study: The P2P Lending Industry
One of the fastest growing industries in the past ten years — despite having cooled off considerably as of late — is the “FinTech” / online lending sector. This industry is a classic example of how advancements in technology can lead to a rise in fast-moving new entrants that can skirt existing industry regulations, given the unbundled nature of their business model and product portfolios relative to industry incumbents.
So, what is it about these online “Peer-to-Peer” lending startups that enable them to circumvent many of the prohibitive regulations enforced on banks? It turns out that by not accepting or “holding” customer deposits — a crucial element to a traditional bank’s business model — these new upstarts can serve a need that traditional banks legally cannot.
The result? Dozens of startups armed with huge financial war chests flooded the space as this industry became fiercely competitive seemingly overnight. Traditional means of customer acquisition became out-of-reach for some of the smaller, greener players in the industry — but the well-funded peer lending “unicorn” startups were willing to pay for them.
Given the intense pressure many of these organizations felt from their investors to achieve their aggressive revenue growth forecasts, the costs for these leads continued to rise at a rapid — and, for industry leaders and ambitious startups alike, alarming — rate.
Before long, Search Engine Marketing (SEM) began to become cost-prohibitive as the Cost Per Click (CPC) for lending-related keywords quickly became among the most exorbitant of any industry.
The now seemingly boundless cost of acquiring a new customer led to a notable rise in content marketing partnerships, as well as the execution of new digital marketing strategies previously uncharted by the financial sector.
Content Marketing Partnerships Fuel Industry Growth but Introduce Unforeseen Compliance Risk
As companies in the P2P lending industry rely more and more on digital marketing firms to generate lending leads, however, they also expose themselves to potential misrepresentation as they outsource promotion and sales content to firms with which they contract with, but in the vast majority of cases, do not necessarily control.
Often, content marketing firms like this will not utilize copywriters with expertise specifically in the P2P lending industry — as such, they are not aware of the nuanced and specific compliance legislation and guidelines that P2P lenders must adhere to (and which vary significantly not only from country to country, but also state to state within the US regulatory climate).
While these marketing agencies, PR firms and content shops can deliver effective marketing appeals and language successful in generating new leads, they also can inadvertently misrepresent a lender’s services, credentials, and other aspects that can violate industry regulations and compliance standards.
P2P lenders are able to avoid many of the regulations facing traditional financial institutions, but they are still subject to a fair amount of regulation and are overseen by the SEC.
Given that these P2P Lenders aren’t technically issuing any loans and are instead — at least in the eyes of the law — serving as a marketplace where borrowers and lenders are connected, they are required by law to convey this in all marketing materials.
As these companies accumulated more and more content and affiliate marketing partnerships, they simultaneously engendered a massive amount of compliance and regulatory risk. These companies began to publish volumes of advertisements in the form of content pieces that would matriculate through their internal legal compliance and risk review channels. However, after publication, these companies no longer controlled the content that they remained legally (and financially) responsible for in the eyes of regulators.
P2P Lenders Face Mounting Legal Costs as State and Federal Agencies Accuse Industry Leaders of Misleading Advertising Practices
It wasn’t long after state and federal officials began to examine the practices of the leaders in the P2P lending industry, which many considered to be under-regulated, that these firms began to endure legal challenges and increased public scrutiny.
The accusations were almost universally related to the methods with which these companies (and their marketing affiliates) conveyed their offerings to consumers. Facing public pressure, mounting legal bills and settlements, in addition to suddenly illiquid credit markets (these “Peer-to-Peer” lending companies actually depended on large institutional funding back their loan portfolio), these companies adopted much more stringent and transparent advertising practices.
While most of these organizations are committed to adhering to emerging marketing regulations, many are still challenged by the fact that a large share of their marketing efforts are through online channels out of their control. How could these organizations possibly stay on top of the thousands of paid content marketing posts and articles that it was continuing to put out?
One industry insider (and a marketer at one of the “unicorn” P2P lending firms) recalled the challenge:
“The reality is that we didn’t [effectively stay on top of the media we were producing]. We were very careful after our legal troubles to make sure all of our materials passed a thorough review by our internal compliance team but after they were published, it was really hard to monitor. The content was being posted on third party sites that we didn’t control but that we were still liable for. At first we tried to manually check these posts on a monthly or quarterly basis. We’d even set calendar reminders — but ultimately the volume of these posts became too much and we had our normal job responsibilities.”
Helpful Web Monitoring Tools for Those Operating in Highly Regulated Industries
While working in marketing and/or compliance in a highly regulated industry like the financial services sector can cause a great deal of apprehension, the good news is that number of sophisticated online monitoring platforms are on the rise:
ChangeTower – this platform provides change monitoring, which can be targeted to specific keywords, phrases, or domains themselves to allow companies to track any changes that are being made (both in-house and by contracted marketers or even competitors). This is an effective method for ensuring compliance and avoiding these aforementioned situations – a company’s legal team can provide a list of phrases or content that must be included to avoid misrepresentation, as well as monitor contracted marketing content for any promises or guarantees of services which violate established industry and legal standards.
Since its inception, ChangeTower has been well-received by those in the financial services industry plagued by a constantly growing and changing set of regulatory requirements — and the risk exposure and monitoring challenges that they pose. Regardless of the exact scenario, website monitoring tools like ChangeTower can save organizations a great deal of time (and legal costs) while providing an automated means of ensuring that companies in heavily regulated industries remain in compliance.
Pingdom – for a business in any industry relying exclusively on web-based sales or payment interfaces, an outage or server crash can make or break a company’s reputation, as well as frighten away customers who may view the company as unreliable. This issue can be compounded by search engines that penalize a company’s site for unreliability – outages like these can cost your company dearly by driving your site down Google’s search rankings, for example. To avoid these issues, Pingdom ‘hits’ your website at regular intervals, and can alert you (and your team) the moment their systems detect that your website is unavailable. You can be alerted to server outages or server performance issues right away by email or text. This allows you to constantly ensure your site is performing well, and address any issues immediately.
UpTrends – another monitoring tool, but in this case, specific to transactions. UpTrends allows you to ensure that transactions are being processed efficiently and securely – especially if your business is mostly or entirely reliant on online transactions processed through your online platform. As is the case with server monitoring above, failures of transaction processing can be a major (sometimes fatal) issue for digitally-based companies.
Sucuri – while internal issues are at the heart of what these aforementioned services monitor, malware and malicious attacks on servers and content management systems are equally important for companies with digital platforms to avoid. A service like Sucuri scans and monitors your site for instances of malware, and immediately sends notifications to you if a threat is identified. Sucuri also offers a variety of proactive monitoring tools, including cloud-based DDOS (Denial of Service) detecting firewalls, database security tools, and plugin monitors (plugins can carry malware along with the functionality they offer).