Displaying search results for ""

How are Banks Turning Regulatory Compliance into An Opportunity?

How are Banks Turning Regulatory Compliance into An Opportunity?

Risk management in banking has changed significantly over the past ten years, primarily because of the rules that came out of the global financial crisis and the fines that were given after it. But significant trends suggest risk management will change even more in the next ten years.

Three changes are significant for banks and how they work:

  1. The digital revolution is making a massive difference in the available data, how it is used, and how quickly decisions are made.
  2. Technological progress speeds up changes in how customers and competitors do business.
  3. Hyper-connectivity makes information flow faster and changes how people think and act.

The Landscape of Regulatory Compliance Today

A recent E&Y survey of 21 European banks found that most want to switch to a more effective model that uses technology. At the moment, though, traditional compliance practices are still the norm.

EY’s survey shows that, for the most part, banks’ compliance functions still follow conventional monitoring, surveillance, and advisory models, with a secondary split based on geography. Even though new products come into the market and a considerable rise in digital engagement has happened in the last few years, professional compliance staff are less likely to specialize in or be assigned to specific channels or products.

Problems FIs have to deal with

  1. Governments are constantly adding more rules about capital or amending existing regulations around the capital.
  2. High overhead costs for deploying solutions to meet these regulations. The penalties for rule violations are high.
  3. Constraints of legacy systems include not enough automation and digitization to keep up with the speed of regulatory changes.
  4. Last is the non-standardized approach, where systems don’t work well together because of sub-optimal systems integration.

Enter Reg-Tech.

Changes to rules in the financial sector are happening quickly worldwide. The sheer number of new regulations means financial institutions must deal with complexity and tight deadlines. Many FI’s have had trouble making the changes regulators have asked them to make.

In this context, RegTech has built a strong foundation within the ecosystem to help solve this problem and construct solutions for new and complex regulations and regulatory remediation. RegTech has also lowered the overall compliance cost for financial institutions (FI).

Turning Regulatory Compliance into Opportunity.

Financial institutions that get ahead of regulations and use them to drive organizational change, economy, efficiency, and effectiveness could gain a competitive edge that could help them grow or speed up. This is how:

Use the rules to create new ways to do business.

When figuring out how new rules will affect your business, they consider what might need to be cut back or stopped and what might now be allowed. For instance, understanding the implications better than competitors helps the company outperform through new products and ideas.

Focus on capital efficiency, not just on having enough capital.

Much regulation in recent years has been about ensuring FI’s set aside enough capital to prevent sudden failures or near-failures. Leading FIs seek methods for extracting higher value from the available non-regulatory amounts of money. One way is to stop doing activities that require much capital and instead focus on fee-based businesses (example: wealth management) that bring in stable, predictable income without burdening up scarce capital.

Make regulatory compliance a daily part of the business.

This step improves overall compliance and frees up resources so that it can be used to determine how new regulations will affect customers, products, and even business models and devise ways to deal with them before the rules go into effect.

Partner with regulators.

In countries like Canada, FI’s and regulators work well with joint degrees of respect. In such arrangements, where FIs share their knowledge and ideas about problem-solving, the regulators can help them find robust solutions. This partnership approach helps avoid cumbersome and expensive aspects of regulation altogether.

Conclusion

Look at the big picture. As the pain of the global financial crisis lessens, financial institutions shouldn’t hold their breath and hope that regulations will be eased. Shortly, governments and regulatory bodies will have a more prominent role in financial services, not a smaller one.

The best thing for FIs is to look at new rules as possible ways to get better, not as a burden to be carried. Talking to regulators proactively helps shape a joint beneficial agenda, which over time translates into business benefits and a competitive edge for FIs.

View

Risk & Compliance in Banking & Financial Services 

Risk & Compliance in Banking & Financial Services 

The current climate (especially post-COVID) is creating a new challenge for bank leaders. The new reality of compliance is putting enhanced pressure on what is a must-do and what is a good-to-do? After this crucial point, secondary considerations arise – How do organizations decide the shape and size of their compliance departments? What about the associated risk processes and compliance technology? Ultimately the focus on risk and compliance pivots around the extent of financial penalties and reputational risks to which the banks are responsible.

Risk and Compliance Mandate for Banking and Financial Services

Leading banks understand that there must be a clear assignment of responsibilities and accountabilities that prevents role confusions, activity duplications, and clarity over risk ownership. To that extent, there is an increased focus on redefining the compliance function mandate, which is listed under.

  • Monitoring whether the business regularly meets regulatory obligations.
  • Independent oversight over all aspects of business activity.
  • Creating first, second and third lines of defense for regulatory changes.
  • Assessing the continual impacts of changing risk profiles as businesses evolve.
  • Management of conflicts of interests and issues of whistleblowing.
  • Design, document, and disseminate compliance frameworks.
  • Provide regulatory risk training

In the backdrop of these aspects, leading banks are experimenting with new compliance frameworks and cadences. Below we discuss the major components as applicable to banks.

Crucial components of a Bank’s regulatory compliance & risk management program. 

  • Risk assessment programs– mapping defined laws and regulations that apply to various lines of business and establishing a consistent risk language, thresholds, and tolerances.
  • Compliance technology– Document tech platforms used by compliance and leverage automation possibilities for risk assessment, testing, reporting, and issue management.
  • Policies and procedures– Develop formalized compliance and risk policies, procedures, and controls documentation. After that, establish and socialize business operating principles.
  • Compliance monitoring and testing– Agree on scope, frequency, and schedule for monitoring and testing. After that, align on corrective actions and remediation plans.
  • Governance– Set and communicate the ‘culture of compliance’ by establishing clear roles and responsibilities. Then define governance processes and manage compliance risk committees.
  • Regulatory interaction and coordination– Enterprise-wide rigor for risk examinations, determining communication protocols, and standard responses for regulator inquiries.

Understanding the risk and compliance mandate and exploring the program components is prudent to check how technology is transforming the function. While these initiatives entail significant investments in time and money, the gains are noteworthy. Data is continually enhanced by automating and improving operational and reporting processes and simplifying and standardizing processes. This supports the development and adoption of AI models and superior-tech cadences.

Use of Technology and Data – lessons from the future

1.) Capacity Building

Top banks are increasingly using technology to increase or enhance surveillance and monitoring activities. Additional investments in robust reporting allow compliance teams to focus quickly on specific risks and help them visualize the risk burden and the extent of reputational damage.

2.) Robotic Process Automation

Automating existing manual processes (chatbots for queries and, say, conflict of interest’s situations) have longer-term efficiency gains, not to mention the number of personnel freed for other key deliverables. Next, investments in AI software (along with the advances in Natural language processing, ML, and Semantic Analytics) cut down the sheer volume of noncomplex and non-advisory compliance-related questions.

3.) Responding to Regulatory change

Continually scanning and deciphering new regulatory updates is complex and labor-intensive. Leading banks create automation libraries of a vast inventory of regulations, laws, and obligations gathered from global sources. The teams then exploit AI tools to match and contrast the proposed or incoming rule changes. Such quick impact analysis yields significant efficiency gains.

4.) Preventing Financial Crimes

Every other month, financial crime is being foiled through data mining and advanced analytics. With advanced eDiscovery tools today, compliance teams monitor communications and identify word patterns and sentiment by splits (values across wholesale and retail firms). After that, creative solutions anchored by data and technology allow more excellent coverage, faster feedback, improved effectiveness, and lower costs.

5.) Innovating training approaches

With fast advancements in Ed-Tech sectors, risk and compliance teams employ agile training approaches. By designing and delivering digital micro-learning modules with robust assessment practices, top banks can disseminate a much better understanding of regulatory requirements across their lines of business.

Conclusion 

What does the future hold for risk and compliance teams in banks?

Successful banking teams ensure their task automation levels are aligned with their compliance strategy and the organization’s risk culture and tolerance. Moreover, identifying compliance processes, data, and analytics allows for an overall risk assessment.

In the final assessment, these steps help banks set priorities for measuring benefits and limitations in line with their budgets, resourcing, timelines, governance structure, change management approaches, and communication strategy and training plans.

 

View

All You Need to Know about Banking Compliance Regulation

All You Need to Know about Banking Compliance Regulation

Compliance broadly covers internal or external adherence to rules, policies, or governance mechanisms. From deterrence, prevention, and detection to any deviations that are agreed to, compliance is a vital instrument across information processing, security, risk management, and ethical conduct. Compliance assists in efficient decision-making, applying risk management practices, and, most importantly, showcases a company’s brand and image promise. In a complex financial market system, compliance brings the checks and balances required to legislate the sector.  

Compliance in today’s banking world

Compliance as a concept and practice needs to be understood and adhered to before any fiscal negligence or oversights. This assumes even greater significance given the interconnected nature of global banking businesses today, where organizations spread across borders are subject to various ethical and moral implications.

Due to the latest consumer credit crisis and high-profile compliance breakdowns (like three leading Belgian banks – ING Belgium, KBC, and BNP Paribas Fortis alleged to be money laundering sums around $2T), various state and central regulatory agencies have increased their watch across consumer practices and regulatory reporting. Even the general public today is more aware of the standard concepts of litigation, financial penalties, and regulatory constraints. 

Basel Standards

After the financial crisis of 2007-09, an internationally agreed set of measures was developed by the Basel Committee on banking supervision. The Basel framework was brought into action to protect the sector from recession and insulate the financial system and real economy from adverse effects.

  • Pillar I – Enhanced minimum capital requirements (governs calculations for Credit, market, and operational risk)
  • ­Pillar II – Supervisory review process (controls capital for all risks associated with the business)
  • ­Pillar III – Disclosure and discipline (regulates the disclosure of risk, capital, & risk management)

Fundamental compliance dynamics for the banking industry 

  1. Continuously changing international and European level regulations. This puts a severe strain on the limited number of staff in the compliance department for small and mid-size financial institutions.
  2. Risk management. Most risk functions are pressed to be open to enable innovation and maintain optimal costs. Basel III framework brings detection, measurement, and risk reporting under the scanner.
  3. Money laundering.  Given the rise of cyber terrorism and large-scale geo-conflicts, the menace of money laundering is active and pernicious. The liabilities of banks are at a continual high.
  4. Risk Reporting. Depending on business and geography, every bank (basis jurisdiction) has different reporting standards, making the entire scenario complex.
  5. GDPR requirements. Data storage, personal information, and management are pertinent debates to today’s risk and compliance narrative. Consequently, matters of trust and customer engagement have a direct implication.
  6. Regulatory perimeter. As the name suggests, banking activities outside the federal bank regulatory perimeter are addressed at the state and local levels. The model faces pressure with the latest advances in decentralized finance like cryptos.
  7. Third-party risk management (TPRM). Third-party risk management is a bedrock of non-financial risk for banks. Regulators understand that with the expansion of the banking ecosystem, various parameters (agility and responsiveness, consolidation, and growth) need to be understood differently.
  8. Data infrastructure and technology resilience. There is nothing more vital than data to identify and manage emerging risks. The development of risk mitigation responses depends on the robustness of integrating data and legacy systems, analytics abilities, and overall resilience.
  9. Governance and core risk management. With the WFH and hybrid work scenario increasing, foundational risk management, governance expectations, and strong internal controls must be implemented and operationalized.

Conclusion

Compliance is today a core business for banks. Top management must provide role models for the functions and present perspectives for the rest of the company. Awareness, training, and regular conversations across the C-Suite and entry-level workforce on emerging compliance scenarios are vital to the smoother integration of theory to practice in the workplace.

 

View

2022 Banking Regulatory and Compliance Outlook

2022 Banking Regulatory and Compliance Outlook

For banking compliance, a lot is expected to change in 2022. Super apps will dominate, ESG concerns will be prominent in Banks’ annual vision(s), and more use cases for digital currencies will emerge. AI and ML applications will create examples of zero-waste operations, the BNPL payments industry will thrive, and cross-border players will progress.

These are all powerful post-pandemic forces shaping the post-digital era for banking evolution.

Regulatory and Compliance Outlook – Balancing Innovation and Consumer Protection

Central regulators are rethinking and reorganizing their regulatory services with the influx of “digital” in banking operations. Like always, the goal is to ensure a clean and high trusted financial system, which protects end customers and facilitates market competition through product and service innovation.

In 2022, more than ever, the banking regulatory and compliance outlook will encompass the following agendas for action.

  1. Promoting new entrants. Today, more governmental financial authorities are optimistic about data innovation hubs and regulatory cells that help new businesses better interpret regulatory nuances. Along with adopting cashless approaches, regulators encourage economic ecosystems to favor digitization for transparency and convenience. As fiscal operations receive more robust governance, the marketplace will be faster and more cost-effective with high-convenience services. The stage is thus set for the platform giants – Facebook, Apple, and Alibaba.
  2. Reducing the cost and complexity. Simplifying the reporting and fast-tracking complex regulatory requirements is high on the task list. Digitizing reporting rules brings down the overall cost, not to mention the benefits of transparency and customer omnichannel experience.
  3. A case for innovation and higher security preparedness. Emerging technologies – decentralized finance, AI, Robotics, 5G, and APIs – will accelerate new products and services developments and support regulators in their supervision mandates. Additionally, such technological options will boost business continuity plans, risk mitigation, and disaster recovery plans for volatility threats.
  4. Harness the power of data. With mass-scale digitization efforts underway, regulators would benefit from having granular data (and metadata), robust storage mechanisms, and flexible accessibility. This arrangement will likely offer next-level agility that supports diverse business functions and enhances financial insights that improve future research and progressive measures when synced with source systems.
  5. Drive efficiency. By leveraging cloud and AI, forward-looking regulators and central agencies rearrange their clearing and settlement infrastructure. This increases both internal and external efficiencies. A step in that direction is the new ISO20022 messaging standard for richer data and interoperability and a second initiative is the increased usage of APIs.
  6. Effective Communication. In 2022, the steps to merge the vital data element to create a higher degree of transparency will continue. Open communication protocols for regulators are a top priority. The systems must be systematic, consistent, and easily interpretable to preserve bidirectionality.

Conclusion

From PSD2 in the EU, CMA open banking in the UK, HKMA Open API in Hong Kong, and Australia Treasury Open banking, to other countries deliberating open banking in multiple shapes (like Japan, Malaysia, US, Brazil, and Mexico), the banking compliance regulatory authorities are at the vanguard of meaningful industry change. All of these pose some degree of threat to banks’ business models and revenues. Still, they are focused on increasing competition, fostering innovation, reducing costs, and bringing higher-end consumer protection in the long run.

 
View

Use of Machine Learning to Eliminate “False Positives” in AML Drive

Use of Machine Learning to Eliminate “False Positives” in AML Drive

With the increase in regulatory demands, and screening volumes spiking through the ceiling, ML is seen as the only viable option to accurately detect suspicious transactions.

Over the past several years, the instances of international money laundering have increased manifold, driving enforcement agencies in various countries to update their AML rules and regulations to curb illegal means of generating income. Globally, financial institutions are racing to deploy heightened screening systems and pushing their existing technologies to cope with the new rush. Events such as the Deutsche Bank’s alleged failings in securities trades, originating from Russia between 2011 and 2015, have led enforcement agencies to make formidable AML regulations.

Almost all FIs and banks are now deploying enhanced identify verification systems. They have come up with more stringent standards for accepting new customers. PEP (Politically Exposed People) screenings have increased. Scrutiny of public records of customers are gaining momentum, so much so that FIs and banks are not hesitating to add negative news as a factor.

This is a double-edged sword for FIs and banks. As they scrutinize more closely, they also have to tread carefully so as not to cross the thin line of violating customer privacy. The customers, on their part, are becoming edgy with their banks asking far too many questions.

The Spectre of “False Positives”

There is an overload of data but data accuracy is becoming a concern. The common element of complaint amongst the financial institutions is the credibility of data procured. The factor of “false positives” where a legal transaction is often flagged as suspect is increasing.

Call out

It is clear that the old ways of rule-based filtering are proving to be inadequate, moreover, existing technologies are not flexible enough for real time interventions. Since the existing system depends on old rule based analytical methods and expert judgment, there is a higher chance of missing valid alerts.

Adoption of ML

There is now widespread belief that the adoption of analytics-led approach and machine learning (ML) will help overcome the false positive challenge. ML based risk assessment scoring and alert generation and adaptive and predictive modeling are now being seriously considered.

One of the biggest roadblocks faced with mostly manual checks and screening is the amount of triage that the personnel must do when alerts are flagged. As this load increases, personnel will set aside triaging or put it in hibernation. Most of it may get auto closed post a time period and the opportunity to action is lost forever. By deploying ML, computers can now be trained to check, screen and do triages, hibernate and close without manual intervention.

With ML, FIs and banks can now draw up a holistic view of the customer from static KYC documents and dynamic data from transactions. ML can also help build the social graphs of customers and can deal with big data effectively to create behavioural models (predictive) for individual customers. The automated system can trigger checks, screenings and triages. What more, an ML engine can be deployed orthogonal to an existing infrastructure running independently without disturbing current operations. Until the organizations gain enough confidence in their ML systems, they can effecively operate both manual and automated systems.

There are a number of solutions put forth by researchers working with real time data for clients across the world. One such solution [6] involves using advanced Data Mining techniques with Neural Network and Transaction Analysis to detect money laundering instances. This solution uses traditional data mining approach involving data gathering, clustering and classification to build a knowledge base about a customer and then watching each transaction for its frequency and quantum of funds involved in those transactions.

Artificial Intelligence (AI) AI and ML are now being deployed right from the CDD (Customer Due Diligence) stage. Called Customer Onboarding, the CDD process ensures that an automated agent provides real-time, dynamic features to the onboarding human agents to detect fraud more accurately and easily. In the next stage, called the Link Analysis, the AI/ML agents help link KYC data with other sources of structured and unstructured data and also real time transactions. This leads to faster customer segmentation where a customer behavioural map can be drawn and can be benchmarked. Once the data is generated, linked and segmented, other features like screening transactions and alerting on suspicious activities are driven through AI/ML automatically with least intervention from human agents.

ML & AI

ML Deployment in real world

Many FIs and banks are using ML for non AML operations such as building the customer transaction profile, offering AI chatbots – mostly for upselling products to customers or for better customer service.  There is a gradual acceptance of ML in fraud detection and AML regulations.

Citibank has made a strategic investment in Feedzai, an data science company that works in real time fraud detection. However, an example of a direct application of ML to detect fraudulent transactions across the globe is that of AUSTRAC (Australian Transaction Record Analysis Center) in collaboration with the RMIT University in Melbourne.

While FIs and banks and national agencies know the power of ML and its benefits, they are looking at ML as a human augmentation tool rather than a fully automated system. They are using ML without much ado to detect suspicious activities and flag it for experts to jump in and screen. However, this viewpoint is rapidly changing due to cost over-runs and sheer volume of alerts that are being generated. We will soon see ML taking on a more central role in AML compliance.

 

Sources:

[1] AI in banking analysis

[2] ML in AML applying data science ai to tackle international financial crime

[3] LEVERAGING MACHINE LEARNING WITHIN ANTI-MONEY LAUNDERING TRANSACTION MONITORING

[4] 5 steps AML compliance 2017

[5] Dow Jones and ACAMS Global AML survey results 2016

[6] A data mining-based solution for detecting suspicious money laundering cases in an investment bank

 

View