May 23, 2016 | Written by: Mina Wallace
Categorized: Banking | IBM RegTech Innovations
Share this post:
It’s no secret that the volume and depth of regulations have positioned regulators as the top “customer segment” for many global financial services organizations, that’s why financial services risk management is so important.
Many organizations I speak with talk about how they have to juggle the need to revisit traditional business models, driven by demands to meet shareholder expectations and keeping FinTechs at bay with daunting regularity, all the while in an environment where agencies such as the OCC, SEC, FCA, BoE, APRA, and the FRB issue a litany of requirements, reports, tests, enforcements, and warnings. The regulatory list is exhaustive with a goal post that’s always moving – it seems you can’t throw enough bodies at staying compliant.
Further challenging organizations is the disparity as to where regulations affect a business unit, which was recently illuminated by a handful of enforcement actions ranging from the Consumer Financial Protection Board, in the US, fining a payments company for misrepresenting how it protects customer data (IT) to Habib Bank (IT and Risk Management) receiving an enforcement action for AML . It’s clear the scope of regulatory requirements and scrutiny are rather all encompassing across an organization and no department is spared.
Instilling compliance into an organization from a cultural, functional, and infrastructure perspective is no easy feat. Out of necessity to tackle the problem and provide an infrastructure to manage what promises to be a continual onslaught of regulations, organizations are turning to a combination of technology and thought leaders to provide the most painless and “cost conscious” solution as possible. Given the complexity of the regulations and how organizations have traditionally tackled this problem, compliance executives know that there is no guaranteed elixir. Further, compliance is pervasive as it touches every element of an organization from IT to sales to the CEO and of course, CCO. What I have observed in working with our clients, is that moving to a holistic view of compliance and leveraging contemporary technology to support the compliance program is a giant step from what often is a silo-ed, manual, and business line / functional focus that is policed by an overworked compliance function.
Due to this overwhelming and ever-changing nature of the regulatory beast, many financial services organizations I meet with recognize the value of implementing a regulatory compliance framework and how it has the potential to pivot banking organizations to simultaneously manage risk proactively and create value through risk management. Rather than throw budget at “one off” projects that help organizations with compliance, top performing organizations are using compliance spend as a catalyst into a new level of transformation for their business.
Banks that achieve results at pace tend to also focus on the “why” part of compliance first, by looking to solve, improve, or transform a risk and compliance business problem such as business transformation or aligning risk and Finance. And, these banks typically focus on either a portfolio of assets, a geography, or a line of business. They establish a clear business outcome and work backward through the “how”(i.e. such as improved analytics and velocity of risk data as it moves from the back office to the front office where decisions are made) and “what” (e.g. governance, data quality, glossary, lineage, etc.). These organizations constrain the effort to only those activities that contribute to the outcome. This allows banks to develop the necessary strategy, process, and technology pieces to solve today’s risk problems and anticipate those in the future. As a result, they not only do what the regulators are asking them to do, but they are also transforming their business to focus on developing a competitive advantage.
Financial institutions have been investing and focusing on building out the common data capabilities including MDM/RDM, metadata management, data quality, and governance for years and are now finally linking these data capabilities into enterprise-wide GRC solutions. These GRC solutions capture the data at the source and in the field by “non-risk” people and make it available to address a multitude of business and regulatory requirements. Having this enterprise capability reach the boundaries of the organization and leveraging this data as required is basically table stakes for addressing compliance. However, this just is the mechanics of the problem – but rather, it’s how organizations approach compliance that either keeps the regulators at bay or positions the firm for economic benefits or even business advantage. What transforms a compliance-only capability to a cost avoidance/reduction, value creation capability is how you leverage the enterprise view of data to derive insight.
Financial services risk management
How you can leverage data to gain insight is being revolutionized. There are some capabilities through cognitive tools that are game- changing enough that one can call them silver bullets, offering the promise to move an organization’s infrastructure from a mechanical data repository to an agile, compliance fit-for-purpose environment. Today’s cognitive technology is able to help with financial services risk management. The automatic mapping of the regulation to the control infrastructure of an organization in order to illustrate that a regulation itself is aligned with an organizations control infrastructure, policies and procedures, is the secret sauce.
In today’s age, hiring more people isn’t going to pass muster to achieve compliance and business transformation. There is clear mandate to achieve compliance and transform– and that’s through cognitive technology. We at IBM have been at the forefront of leveraging cognitive technologies in financial services risk management by helping our customers with integrating cognitive with qualitative, big data technologies with quantitative and everywhere in between.
The mandate is clear during conversations with customers – those organizations who transform their undercarriage both comply (i.e. run) and catalyze (grow) simultaneously.