Acuity CTO Sridhar Damala on knowledge outsourcing and security challenges

Sridhar Damala is Acuity’s Global CTO, heading the firm’s IT function. He has over three decades of industry experience across IT, IS, compliance and corporate services, and we spoke to him about changes and challenges.

In a couple of sentences, could you summarise what Acuity does.

Acuity Knowledge Partners is a leading provider of high-value research, analytics and business intelligence to the financial services sector. We support over 400 financial institutions and consulting companies through our specialist workforce of over 4,000 analysts and delivery experts across our global delivery network.

“We have two decades of experience serving the global financial services industry. Our clients include leading financial institutions, asset managers, Fortune 100 corporations, mid-tier companies and boutique investment banks. We empower our clients to drive higher revenues. We innovate using our proprietary technology and automation solutions. Finally, we enable our clients to transform their operating model and cost base.”

With knowledge outsourcing increasing, how do you see the compliance and regulation sector growing in India?

“India is one of the leading providers of many of these KPO services, especially in the financial services sector. This sector continues to grow at a very fast pace. With a huge pool of skilled professionals, India covers over 70% of the KPO industry worldwide and provides a plethora of services.”

“Given the brisk pace at which the KPO sector is predicted to grow in India, we are seeing an additional influx of businesses setting up outsourced delivery centers in India. Given the huge talent pool available in the sub-continent, amid the skilled labor deficit, firms are looking at the levering the skilled scalable work force of India. Captive centers would face stiff competition amid margin pressure, operational challenges and regulatory compliance.  To stay abreast of the latest technology advancements, forward-looking KPOs might evaluate options of acquisitions of technology firms as a part of their transformation journey, driving efficiencies and innovation.”

To what extent have you seen terms that used to be buzzwords – namely AI and ML – become a reality in your sector and in compliance more broadly?

“Traditionally, Artifical Intelligence (AI) and Machine Learning (ML) have focused on automating costly manual work, leaving key decisions to human beings or rules-based systems. However, in compliance, AI and ML have been implemented to a certain extent in individual (retail) KYC reviews where a lot of repetitive tasks have been automated. But there are certain high judgment areas like e-communication surveillance, investment compliance, marketing literature review and forensic compliance which still need human intervention and it will take some years for AI and ML to start making a difference in these areas.”

“That said, AI and ML continues to augment monitoring and alerting especially around volume intensive data for changes, policy violations, configuration changes. Some traction is seen around the use of ML for data gathering and collation that helps increase productivity and assist human oversight on anomalies.”

Where does Acuity stand on the public v private cloud issue?

“As a strategy we have adopted cloud for delivering both internal and external services. Covid-19 accelerated the adoption as we continue to reduce our on-premise footprint.”

“Saas-based applications on the cloud have helped us deploy and scale operations quickly. We use both public and private cloud based on the business need and application or service. Choosing between public and private is driven by factors like type of application or service, type of information being handled, and control requirements to meet the compliance standards.”

“Most of the private cloud choices are driven by client posture to meet their security standards and compliance requirements.”

What are the major compliance risks with outsourcing and what sort of essential due diligence can firms perform when choosing an outsourcer?

“The major compliance risks with outsourcing are business continuity, information security and data privacy, intellectual property and un-transferred litigation risks.”

“The primary due diligence that firms need to provide while choosing an outsourcer include checking their experience in the relevant technology area and the domain knowledge, alongside the cultural fit of the company.  Knowing the communication style is also an integral part of this exercise. References and testimonials from similar players in the industry go a long way in building credibility.”

“The firm should have a robust framework around its emergency plan and risk management. Cost is an important parameter of any outsourced business, hence cost efficiency is another attribute. Consistency in quality and delivery are at the center of any outsourced job and hence continue to be a major driver of the due diligence process. Finally the business’s reputation and continuity of the vendor play a pivotal role for the seamless functioning of the business.”

What major compliance challenges do you see your clients facing in the next 12-18 months?

“After a tumultuous past two years, financial institutions continue to navigate complex regulatory requirements, risks, third-party relationships, global supply chains, and other challenges. In the current hot job market, one area around which financial services need a proactive approach is addressing the challenge of lack of skilled resources. This is often coupled with the issue of handling the increased remote workforce that the pandemic had earlier induced. Keeping up with regulatory change amid complex regulatory demands and expectations alongside the intense cyber threats requires huge resilience and advanced solutions for developing an integrated approach to compliance management.”

“Navigating through huge volumes of scattered data and bringing disparate data together to derive meaningful business insights would necessitate focused and analytics led solutions. Operational resilience would be at the center of business continuity, something that the world has witnessed in the last two years. Constant pressure on IT budgets and resources would need to be addressed with appropriate cost time and cost-saving efforts.”