According to a recent Deloitte study, banks continue to move forward with risk compliance strategies at the same time that future regulations are a bit of a mystery. To meet applicable laws and supervisory expectation, banks and financial institution need to shore up their compliance and risk management programs. There's no time to see how the current administration will act.
Banking organizations are focusing on changes that will help them reduce risk and secure data and access to data in their organizations. To learn more about how this could impact your organization, read on.
Build or Sustain
Following the financial crisis, reform was slow, and a structure for reform remained vague. Now, the most impactful components are being rolled out with just a few areas under construction. Many of the largest banks have a long way to go to reach the maturity needed to make intrinsic changes that meet the new standards. Broad areas, such as risk, compliance, and governance do not meet expectations. Other institutions are in the advanced stages of the build-phase and will soon turn a critical eye to see where further improvements can be made.
Five pivot points trigger where your organization lies along the spectrum of building and sustaining a successful financial institution that is fully compliant with federal regulations, and they are:
Once one milestone is met, it can be used as a pivot to begin the next. This dovetail method lowers costs and enhances the quality of each step of the way. This puts your organization in a flexible position, agile enough to act on market opportunities.
Divergence from the Regulatory Path
To springboard the pivot from the build to sustain phases, consider regulatory divergence, where timing and substance across the globe are reached. For the banking industry, a global landscape means complexity and a potentially stacked deck. To remain on the winning end of these challenges, your organization requires a focused approach to regulations and compliance.
Ask yourself the following questions:
Strategic: How does divergence limit or expand a sustainable cross-border business plan that facilities well-informed regulatory and financial decisions?
Operational: How does divergence increase or decrease the complexity of your regulatory plan? Are your banking controls and regulatory structures able to cope with the fragmentation of various global regulatory guidelines?
Technological: How does divergence add pressure on your data management systems and compromise your strategic IT capability?
Regulators are looking at their own guidance, rules, and supervision. Improvements are needed to reach effective outcomes. At the same time, The Federal Reserve Board (FRB) is hinting that there will be a sea of change in accountability and governance. Measurements will include how effective the board has been and rate the efficacy of controls and governance.
Your organization can improve the effectiveness of your board by analyzing the following:
- Confirm that the board sets clear, consistent guidelines on how to manage the bank’s strategic risks policy
- Revamp documentation to prevent inappropriate information sharing
- Call senior management to task over breaches
- Exhibit control as a culture in sensitive areas
- Protect the independence and importance of the CRO and CAE so that they retain constant access to board members
- Conduct self-assessments regarding your capabilities and governance structure
In recent years, the FRB and Federal Deposit Insurance Corporation (FDIC) moved regulatory focus on planning for a resolution. Now, banks must show their capability to execute a credible plan. Issued guidance and feedback letters to banks, as well as FAQs, have driven resolution planning. All of this is focused on execution rather than strategy. Sooner or later, federal regulations will change. In the interim, banks and financial organizations should review their recovery and resolution planning (RRP) policies. Do they give you the capability to accurately complete federal submission requirements? If regulations change how would that affect your operation?
Data Quality and Integrity
Data quality and integrity continue to be of paramount importance to regulatory and operational success. Increased capabilities in these areas will drive future regulations, so significant improvements can only further the interest of your organization. Across the board reviews at foreign and domestic institutions should help remedy remaining issues.
New requirements have slowed to a trickle after the flurry of legislation following the crisis. However, regulatory expectations for data controls and quality measures are now very high. The rollout of the government's planned CFO attestation process and reporting requirements based on materiality policies are just some of the work yet to be completed. Regulators have a high bar of accountability to challenge and monitor the progress of banking institutions.
When it comes to financial crimes, risk management supports objectives of national security. The focus is on maintaining the integrity of the country's financial system at home and abroad. In the past few years, there's been an uptick in criminal and civil enforcement on actions that fall under anti-money laundering (AML) regulations.
Here are some ways your organization can strengthen its AML and sanctions compliance:
- Augment AML governance
- Create robust and measurable risk assessment policies
- Leverage technologies and expertise to reduce vulnerability
- Prioritize compliance programs
Regardless of anticipated legislative changes and litigation that could lead to changes in the Consumer Financial Protection Bureau (CFPB), consumer protection remains an ongoing concern that cannot be ignored. Operational failures that lead to real or perceived harm to your clients will always damage your organization's reputation. Negative press, enforcement actions, social media attacks, and congressional inquiries can bog down your institution and take up resources better used elsewhere.
Strengthen your compliance management systems by taking these measures:
- Look at your compliance management processes and implement an end-to-end review process
- Aggregate, categorize, and evaluate customer complaints and social media comments, as well as more serious whistleblower comments and fraud investigations
- Read regulatory publications to proactively address hot-button topics
- Consider robotic process automation to improve compliance by providing consistent processing
Decisive Action is Needed
Regulatory uncertainty is still an issue in the industry, but you can't base policy on guesses or wait for new laws to be passed. Instead, focus on what's right for your banking institution and what serves the customers. If your bank is currently implementing policies that make sense, they're worth doing in any case.
Invest in Your Risk Compliance Team
While the future may be shaky, it's always best to be safe and plan ahead. If you're looking to build a risk compliance team that will produce top-notch strategies and programs, contact ICS. We'll be here to guide you through the process and even help you identify the top candidates. All you'll have to worry about is choosing between top qualified candidates. For quality hires, click below.
If you'd like to read more from the Deloitte's study, click here.