Under Pressure: Risk, Compliance and the New Wave of Regulations

By Shagun Bali, TABB Group

Originally published on TABB Forum 

Intensifying regulatory demands are forcing financial institutions to streamline application portfolios, standardize and normalize data more effectively, and ensure the rapid integration and sharing of data across systems. But many banks simply do not have the systems or control of data they need to make complex analytics an integral part of workflow.

The institutional capital markets are dealing with the aftermath of one of the most aggressive periods of regulatory intervention since the Great Depression. Not only have new governance, risk and compliance (GRC) rules forced institutions to manage more data than ever, they are forcing many of these institutions to do so in increasingly shorter timeframes. 

Across the board, regulators want more and more information from financial institutions and, consequently, institutions and banks are mandated to store, manage, analyze, and produce (whenever required) data needed to address regulatory challenges/requirements and mitigate risk. And the pressure to get it right is dramatically increasing, as fines are becoming increasingly harsh.

Anyone who doesn’t believe these new rules are changing the way that banks think about their businesses need only look at the front page of virtually any major newspaper’s financial section. Just this past week, 10 banks were fined for commodities trading practices, and one global bank announced it is returning $100 billion in customers’ deposits because new capital rules make just holding this money problematic.

In response to many of the challenges, senior industry members gathered this past week for a Cognizant-sponsored roundtable discussion on GRC, hosted by TABB Group CEO Larry Tabb. Reflecting the urgency of the industry response, it was a full house, with 20 very senior industry professionals eager to share ideas and discuss the impact and complexity of new GRC rules, including macro-prudential rules such as Basel III, Volcker, EMIR and MiFID2, as well as traditional regulatory initiatives such as the Consolidate Audit Trail (CAT) and the FINRA proposed Comprehensive Automated Risk Data System, or CARDS.

GRC regulations have made it imperative for all functions and businesses within financial institutions to share information more readily and rapidly in order to meet regulatory requirements and support and improve investment decision-making as a whole. For the effective aggregation of data, institutions need to streamline their application portfolios, standardize and normalize data more effectively, and ensure the rapid integration and sharing of data across systems. However, the consensus among attendees was that many banks simply do not have the systems or control of data they need to make complex analytics an integral part of workflow or enable information to be passed back and forth within different functions.

Rather, most institutions have monolithic legacy and proprietary IT systems that operate as silos and impede the 360-degree view needed to gather and aggregate enterprise information. Aggregating data from various businesses and functions in a central repository or data warehouse is almost impossible in today’s world, as the typical financial institution can have as many as 1,100 data elements from more than 60 different systems and data formats ranging from one-year-old standards to 30-year-old standards.

In addition, institutions have to place a great deal of emphasis on the quality of data that is required to drive new reporting and risk analytics, as problematic outcomes could causes banks to have problematic stress-test results. And the importance of getting this right can’t be downplayed, as getting it wrong means very harsh scrutiny from management, regulators and investors.

On the other hand, new regulations are pushing banks to streamline internal operations and upgrade systems. As banks evolve their compliance strategies to collaborate across business units, they wish to move toward simplified workflows and automated solutions that are flexible enough to keep pace with changing regulatory demands and integrated to maintain a comprehensive view of the business. With the right investments, banks will be in better shape to achieve not only compliance but also higher standards of efficiency and risk management in the future. And that makes regulation an opportunity as well as a challenge, roundtable participants agreed.

Rome wasn’t built in a day; nor will all the IT problems of financial firms be solved overnight. Yes, financial institutions are struggling with the implementation of these new regulations; however, TABB Group advises institutions to reach out and seek help and advice from the vendors – they understand the IT challenges and can offer expert advice going forward. Today, institutions are very averse to working with vendors on their GRC deployments; we suggest this needs to change.

The bottom line is that more than ever, institutions need sophisticated systems and tools to assess and manage data of all classes, from the start of every trade or order, and to incorporate analytics and regulatory constraints into all their workflows. Those that make the real-time analysis and exchange of data part of their everyday workflow across the front, middle and back office functions will be primed for both compliance and profitable growth.