Aaron Tanner

Aaron Tanner 

Posted Thursday March 12, 2015

Seeing the wood from the trees: Re-taking control of banking risk and regulation

Seeing the wood from the trees: Re-taking control of banking risk and regulation

Header Photo CC Flickr User Aurelien Guichard

Last month Arachnys held an exclusive roundtable event in London attended by over 20 high-level executives from financial crime departments as well as current and former senior figures from British regulators and banking associations. With approximately $65 billion being paid out in FCPA-related penalties and fines in 2014 alone, we wanted to discuss how the industry could make sense of growing compliance regulation whilst establishing best-practice teams and processes to prove due diligence to regulatory bodies. The event was held under Chatham House rule, so quotes below have not been attributed.

Compliance fatigue is driving a risk-averse culture which is bad for business

Our panel agreed that expanding regulation coupled with the politicisation of the topic had significantly increased the potential financial and reputational downsides to non-compliance. This is compounding the pressure faced by banks in meeting their increased capitalisation requirements following the financial crisis and driving “wholesale reassessments” of attitudes towards risk and investment.

With all institutions competing for skilled compliance staff, the pool of human resources is insufficient to deal with existing regulatory needs and, as a result, many institutions are instead choosing to ‘de-risk’ their client base: in some cases pulling out entirely from business in challenging markets.

Ultimately the holy grail is to deliver a successful and efficient preventive approach to regulatory compliance. This builds on what Arachnys CEO David Buxton explained was the key issue: trust. Trust must be rebuilt in consumer confidence, and with regulatory bodies and customers of financial institutions. With this in mind, it was broadly agreed that institutions had to solve three main challenges.

Three key challenges to implement a preventive approach to regulatory compliance

  • Building the right teams: not only do compliance teams need large numbers of talented and motivated professionals to help their firms fulfil complex regulatory requirements. Increasingly, senior management need to be prepared to be in the firing line as regulators are more often holding individuals personally responsible for corporate failures. Our speakers felt that a strong corporate compliance culture would allow this type of bravery to flourish and discussed how structures could be developed to positively reward individuals that highlight risky behaviour.

    Although institutions are currently struggling to recruit the “armies of people” to deal with due diligence backlogs, this shortage can be partly mitigated by building robust processes (including automation) to standardise the gathering and analysis of requirements as well as intelligence data and to reduce the space for human error.
  • Solving the intelligence gap: regulatory requirements are feeding a “data-rush”, to better understand internal and third-party risks. A key need is not only the ability to obtain information, but to build an auditable trail demonstrating the provenance and process behind data collection. This requires appropriate tooling and training for compliance teams, as well as building the ability to deal with diverse markets and regulatory regimes.

    Technology for instance should be used, not only to gather and analyse internal and third party data, but also to help businesses explain what they are doing in terms of due diligence activity. This traceability is key to building the trust that is currently lacking in many compliance departments. The more open an institution can be in how it both addresses and mitigates risk, the better trust can be rebuilt with regulatory bodies and other stakeholders.
  • Dealing with multiple regulatory frameworks: in the increasingly global market that financial institutions need to thrive in to regain their competitive edge, firms must build the capacity to satisfy compliance requirements in multiple jurisdictions. One participant noted that looking to “tick a specific compliance box created with one vendor” is no longer acceptable as different regulators will have different due diligence requirements.

    The participants discussed the extent to which regulatory authorities were becoming more integrated and delivering more “joined up” regulation. While initiatives such as automatic sharing of information under FATCA, regional regulations such as the EU’s Fourth AML Directive and proposed pooled resource platforms for regulators were reducing redundancy, there was scepticism that great progress would be made on this front. Until then, maintaining in-house capacity to operate in multiple geographies and jurisdiction would remain essential.

Tech tooling can bridge gaps in capacity

New challenges that arise in the ever-changing compliance landscape will broadly be connected to these three issues. As the limited size of the available pool of top compliance professionals will be difficult to change in the short term, the panel agreed that greater adoption of appropriate tech tooling was essential to boost efficiency, transparency and scalability. In addition to streamlining intelligence gathering, technical solutions should support firms in defining standardised and repeatable processes to reduce human error.

Keeping up with variation in regulations from jurisdiction to jurisdiction will continue to be a thorny challenge for financial institutions in the near to medium term and it is likely that many institutions will continue to resort to “de-risking” their client base. However, harmonisation of standards across borders and pooling of resources, where appropriate, may begin to lessen the burden. Ultimately, though, banks will need to regain their confidence operating worldwide, which will require a step change in the capacity of compliance and Financial Intelligence Units. This will require a larger and more mature workforce with the resources and confidence to conduct due diligence at a consistent standard and at scale across hundreds of markets.

Topics: / Arachnys in the News

Stay current with the latest from Arachnys

Subscribe today