Regulatory Review on the Back Burner?

I am probably not the only IT lawyer that keeps an eye on the IT recruitment adverts in Computing and Computer Weekly, trying to extract indications of the state of the IT market. An active recruitment scene, means new projects, means IT lawyers’ business increasing. It is good to see the general buoyancy of the market. The check used to be rather cursory, just to see how many pages of recruitment adverts were in the magazine, but now it deserves a more detailed systematic review.

Which developer skills are short in the market place at this point in time and why? The current shortage appears to be in the financial package areas – SAP, Oracle Financials and Siebel. Demand has been reported by recruitment consultants Parity Resourcing Solutions[1] as growing rapidly. The reason for this is the current wave of technology upgrades by large public sector projects and leading firms upgrading in order to meet financial compliance regulation. Richard Barfield, chief executive at recruitment consultants Spring Group stated[2], “..regulation is driving demand, particularly in the finance sector. Projects to meet the requirements of the Basel 2 regulation in Europe and Sarbanes-Oxley in the US are creating strong demand for IT staff that understand banking processes and new technologies”. This has combined with the magic date of ‘2005’. Many firms operate a five-year upgrade cycle, and Year 2000 was for many the last major upgrade.

The driver of regulatory change is a particularly interesting one for IT lawyers in the major full service law firms that cover regulatory work, because of the advance notice of the regulation change and therefore advance notice of a key driver for IT system upgrades.

The IT lawyer’s role has developed substantially in the last five years. We are not just the last man at the end of the deal ‘moving the boilerplate around’, but are key members in the entire purchasing process; involved in understanding the deal principles, helping to produce the requirements documentation, conducting negotiations, and following on with contract management and interpretation. The IT lawyer’s role has developed into something akin to a commercial consultant. Where the driver for the technology refresh is actually regulatory change, the lawyer has the potential for an even greater role in providing training and supporting the assessment of the business benefit, or risk avoidance, to the client.

Regulatory changes are not easily understood. Such changes are often over simplified or misreported in the press. Confusion is often understandable as the legislation is not crystal clear. Experienced experts are sometimes needed to give some translation of the impact. The financial services industry is fortunate in having many such experts in-house, but even then, due to lack of time, they are often involved only in the early stages of setting the agenda for what the business needs, and cannot be involved in the whole purchasing process of the IT system. It is a generalisation, but perhaps more than any other client the finance industry expects its suppliers to understand its whole business, and that is also true for what it expects from its lawyers. This represents an opportunity for knowledgeable, rounded lawyers.

Regulatory change has a wider impact than its effect on the financial industry. It impacts on every software-house that is building compliance and finance software, and concerns every IT purchaser concerned with its own compliance needs. Dell Computers did an interesting study on this area recently, reporting that IT managers regularly default on compliance.[3] Most IT managers either did not know about or had little knowledge of nine pieces of legislation relating to IT and business. Only the Data Protection Act and the Freedom of Information Act were familiar to a majority of respondents, whilst for example the recent Companies (Audit, Investigations and Community Enterprise) Act 2004 (which came into force in April and gives auditors additional powers to obtain accounting information), the demands of the Basel II code and the potential impact of Sarbanes-Oxley are not generally understood. Is it coincidence that IT managers understand best the legislation most likely to be known by IT lawyers?

Amongst the reasons given by respondents to the study for not being compliant with regulations and new legislation and not progressing compliance-related IT projects, were: Growth in compliance regulations: 58%, Lack of awareness of legislation: 52% and Lack of understanding of legislation: 44%. By comparison ‘Lack of money: 23%’ was a relatively unimportant limitation to project progress.[4]

IT lawyers have an opportunity. Regulation is a key driver to IT projects. Awareness of regulatory change is low amongst IT managers. IT lawyers with their contacts within the IT supplier/client sector and armed with a basic understanding of the regulatory change, coupled with serious back up from their regulatory colleagues, may be able to expand awareness of the regulatory issues and help bring forward some of the IT projects currently still on the back-burner.

Review of the plans for regulatory change could be time well spent for an IT lawyer. Current sources of system change include the EU Market Abuse Directive. UK implementation is set for 1 July 2005[5] which will impact on financial services providers and entail system changes, for example, to monitor and assess signs of market manipulation and insider trading, and to comply with the new reporting requirements in relation to suspicious transactions under the new disclosure rules. Next year’s drivers may well include required changes to systems to be brought about by local implementation of the EU’s Markets in Financial Instruments Directive, which will substantially revise the existing Investment Services Directive.[6]

I see a trend for cross legal department in-house training seminars.

Hazel Randall is a Solicitor at DLA Piper Rudnick Gray Cary UK LLP