Since the 2008 economic crisis the regulatory landscape in the financial services sector has changed drastically. Today, financial institutions are facing a whole host of new, stringent regulatory reporting and disclosure requirements - FACTA, OFAC and Basel II/III to name but a few. The £128 million fine recently imposed on BNY Mellon by the FCA gave us a sobering reminder of the very real penalties for those who fail to comply with these regulations. The key challenge is that the scope and nature of compliance has evolved into a very different beast than what it once was, as it is no longer limited to rules-based banking regulations. Operational and compliance risks have become far more complex, increasing the potential for failed processes that cause customer confusion and compliance breakdowns.
For global financial institutions there isn’t a ‘silver bullet’ that will address these risk and compliance challenges, as geographic differences mean bespoke solutions are often required for different regions. As a result, global financial institutions suffer from the lack of an enterprise-wide view of compliance because of siloed and insulated risk programs. With the emergence of new technologies and increasingly complex policies, governance structures have reduced organisational efficiency and increased the cost of operations significantly.
The ongoing operational and technological challenges facing financial institutions are huge. For instance they need to be able to link compliance regulations and policy settings to support workflow and systems; they need to create complex regulatory reports for multiple regions; and they need to consolidate their know-your-customer (KYC), anti-money laundering (AML), and anti-fraud operations and technology across silos and regions. These and other challenges are affecting financial institutions’ top and bottom lines and are an unwelcome distraction to getting on with running their core business.
Reduce financial and reputational risk
If there is a positive to come from these pressures and the burden to comply with more stringent regulations, it is that financial institutions are being forced to become more proactive when it comes to risk and compliance. Historically, financial institutions have adhered to a culture of reactive damage control, but this is no longer sustainable considering the financial and reputational risks involved.
Commercially, it makes a lot more sense for a financial institution to proactively invest in managing risk and regulatory compliance. The rapidly rising cost of non-compliance is now measured in billions of pounds as a result of litigation, penalties and the cost of remediation. This increasing cost is also reflected in increased staffing in first, second and third lines of defence. From a reputational perspective, financial institutions also need to be more wary of who they do business with – does the short-term value of a customer supersede their potential long-term risk? For instance, if a new potentially high-value customer has links to crime, is it a risk a financial institution should be taking considering the potential long-term PR damage? Knowing your customer is essential in today’s financial environment!
Clearly risk and regulatory compliance plays a key role in customer satisfaction as it mitigates against the financial sector becoming the Wild West. In an environment where banks are having to deal with cash, wire and online payments, keeping track of the movement of currency can be extremely complex. Imagine a situation whereby you give your account details to a friend and they simply withdraw all your funds. How can the bank tell it was your friend rather than yourself who withdrew the funds? With the right checks and balances, such a scenario is avoidable, and this is the regulatory environment that financial institutions face today.
Financial institutions need to have a clear long-term plan in place for developing an appropriate risk and compliance strategy with the tools, data, skills and processes to support it. This requires a significant element of transformational change, which is often easier said than done when you have IT departments that speak ‘red’ and operations departments that speak ‘black’. As such, it is imperative that financial institutions work with technology partners that have the IT process and domain expertise that can bridge the gap. The changes in the regulatory environment won’t wait for anybody, so it is up to financial organisations to get on the front foot. In a risk and regulatory environment that is constantly evolving, to stand still is to move backwards.
By Rahul Singh, President of Financial Services, HCL Technologies