Dodd-Frank Act Puts Focus on Information Governance: as a result of the Dodd-Frank Act, many organizations should consider revising their current business and compliance practices to satisfy regulatory reporting requirements.

• Author: Pulzello, Fred
• Position: BUSINESS MATTERS

[ILLUSTRATION OMITTED]

Major financial reform legislation that was signed into law in 2010 will profoundly impact organizations' records and information management practices for years to come. The Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) was created "to promote the financial stability of the United States by improving accountability and transparency in the financial system; to end [the creation of large firms that have such an impact on the nation's financial stability that they are] 'too big to fail'; to protect the American taxpayer by ending bailouts; to protect consumers from abusive financial services practices, and for other purposes."

As a result of Dodd-Frank, the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission, and the Federal Reserve will create more than 200 new rules. Dodd-Frank also established new agencies, including the Financial Stability Oversight Council, which defines jurisdiction of bank holding companies and non-bank financial companies and provides recommendations on setting prudential standards on reporting and disclosure, and the Consumer Financial Protection Bureau. These two agencies alone will create 80 new financial oversight and disclosure rules.

Implementing the act's reforms will take years because many of its significant provisions have extended implementation periods and delayed effective dates. In addition, financial regulators will continue making rules for the next six to 18 months.

Dodd-Frank to Reduce 'Systemic Risk'

One of the major sections of Dodd-Frank is meant to provide better oversight of systemic risk (a risk that affects the entire financial market), and, for that purpose, it established the Financial Stability Oversight Council mentioned above. The council includes 15 members from the Federal Reserve, U.S. Department of the Treasury, U.S. Commodity Futures Trading Commission, Federal Deposit Insurance Corporation, SEC, the Consumer Financial Protection Bureau, and the Office of Financial Research.

It also re-instates the "Volcker rule," which requires banking companies to implement a robust compliance regime and measure compliance effectiveness by performing quantitative analysis to detect potentially impermissible propriety trading. While most of the impact of Dodd-Frank will be felt by financial services firms, any organization doing business in the financial, capital, and credit markets will also be affected. (See sidebar "Organizations Affected by Dodd-Frank.")

Compliance with Dodd-Frank can be accomplished only by organizations that implement the appropriate management, business tools, and technology.

Focus Is on Information Governance

Dodd-Frank increases the focus on recordkeeping for all business documentation, making it essential for organizations to invest in establishing information governance programs, which include recordkeeping policies, practices, and technology tools to improve control of their ever-growing enterprise content (e.g., e-mail, files, source code, and customer account information). Those who do so will be in the best position to adapt quickly to the new rules and regulations.

Dodd-Frank Demands ECM Capabilities

It is important that enterprise content be measured based on lines of business (broker]dealer, hedge fund, commercial bank) and volume of transactions to apply SEC and Financial Industry Regulatory Agency (FINRA) supervision rules developed by SEC and FINRA. These rules, such as FINRA 10-06, FINRA 3010, and FINRA 3110 are required to meet regulatory needs, and they complement the...