Compliance with confidence: Why it’s time to infuse cognitive into your risk model
To say regulatory compliance is challenging for financial institutions is a massive understatement. As it stands today, regulations are stifling the ability of a majority of financial institutions to return to value with a whole spectrum of considerations that are singularly and extraordinarily complicated, and even more so when aggregated.
Facing the challenges of heavy regulation
Firms are facing problems from many angles that challenge their margins and business models.
Banks have to take into consideration a staggering number of regulations. In the US alone, hundreds of national regulations exist that mandate a wide array of rules. Regulations can range from deployed soldiers’ interest rates on their mortgages in the Servicemembers Civil Relief Act to the need to file Bank Secrecy Act (BSAR) forms within 30 days after uncovering unusual activity. Furthermore, these regulations are rather encompassing; the US supervisor Consumer Financial Protection Bureau issued an update to its mortgage servicing rules that is 901 pages long and sits atop the underlying 1,180-page rule. And, apparently no relief will be in sight, according to London, UK–based advisory firm JWG that estimates the average, midsize UK sell-side firm will have to comply with more than 300 million pages of regulations by 2020.
Multi-jurisdictions regulatory landscape
The multi-jurisdictional nature of regulatory supervisors is also increasing pressure on global firms as they have to manage overlapping requirements, handle multi-governmental agencies (and their respective inefficiencies), and fine-tune their compliance for distinct mandates from different supervisory agencies. The plethora of regulatory regimes across jurisdictions include state, regional, national and international entities that make unraveling the regulatory spaghetti challenging, to say the least. And, these multiple bodies have different agendas that drive their requirements—whether they protect consumers or ensure macro-prudential standards are met. Capital and liquidity rules dictated by multiple bodies offer an example in which multiple jurisdictions overlap. These bodies include Basel III, Basel Committee on Banking Supervision (BCBS)’s revisions to the securitization framework, Capital Requirements Regulation and Directive (CRR/CRD IV), the Dodd-Frank Act and Collins Amendment, the Guidelines on Common Reporting (COREP) and Financial Reporting (FINREP), and IFRS 9. Managing these constituencies and their respective requirements is a rather tall order, and clearly compliance teams have their hands full with a lot of checkers doing the checking.
Regulatory scope enterprise-wide
The extent of regulatory stipulations spans and consumes the enterprise with great depth. New rules impact the entire business from wholesale, retail and mortgage to the IT organization. For example, the tentacles of BCBS 239 touch all the business because it’s about the organization’s data management practice. And for most firms, BCBS 239 has required a massive infrastructure overhaul. Another rule, the EU Data Protection Reform also leaves untouched no business unit or function within a firm. Culturally, regulations ingrained into the entire organization, and not just the compliance department, have upended how things are done, both process-wise and operations-wise.
Ever-changing regulatory goal posts
Financial institutions also face a formidable challenge in that they need to simultaneously catch up with rules that should have previously been implemented, keep abreast of current changes and attempt to plan for future developments. In addition, new regulations coming down the pipe are sometimes drastically different from their drafts, rendering being prepared in advance a challenge for organizations. And this regulatory hamster wheel is nonstop. A recent example of the incessant quest to comply with regulations in the US is how firms had to implement the Volcker Rule, which was then followed by the Home Mortgage Disclosure Act (HMDA) and the Department of Labor (DOL)’s Rule to Address Conflicts of Interest in Retirement Advice. Clearly, compliance is an ongoing journey, not a destination with an end point.
The enormous challenge to IT
As people transact with their banks in a digital fashion and the days of brick-and-mortar institutions are on the wane, firms need to consider additional regulations that include digital privacy laws and data loss provisions—and avoid data breaches. Increasingly, outside of a physical breach, multiple areas of access exist that firms need to secure in this era of personal laptops, smartphones, tablets, branches and data centers. And the pressure on IT won’t relent. In Europe, the Reform of EU Data Protection Rules calls for significant penalties in the event of a breach, and clearly the financial services industry will be a top target for regulators once the directive goes into effect.
Cooperative spirit and organizational integrity
Banks need to make sure that they not only meet the letter of law, but also abide by the spirit of the regulation. This requirement is very much the case with stress testing and why supervisors switch out the scenarios required—to ensure that banks are gaming the tests and in good spirit. The function of maintaining compliance is a continuous review process and needs to be ingrained into every process and every employee.
Costly regulatory compliance impact on the bottom line
According to a recent IDC financial press release, companies spend an estimated $480 billion on regulatory compliance. Undoubtedly, compliance is costly and doesn’t help with competitive differentiation.
Bringing cognitive technology into the mix
To achieve compliance with this deluge of regulatory-driven challenges, banks currently employ a highly manual approach to address the spectrum and processes by throwing people, consultants and lawyers at the problem. However, manual is not scalable. And more importantly, it doesn’t allow for sustainable execution as humans manually read through the copious and unstructured regulatory documents. The process is arguably extremely inefficient, but is mission critical nonetheless. Not enough people are available to address these challenges successfully as it is, and hiring more resources isn’t going to ensure compliance.
To win in this dynamic age, organizations need to become all knowing. And the only way to be that way, is through cognitive technology. Cognitive is a game changer for this industry because it delivers the exacta that financial firms need to bet on to achieve compliance and business transformation for competitive advantage.
IBM has been at the forefront of leveraging the cognitive bank technologies in financial services risk management by helping its customers with integrating cognitive into qualitative, big data technologies quantitatively and everywhere in between. What this solution gives clients is compliance and insights to gain transformation—not just more infrastructure. This transformation is a result of enabling compliance staff to shift their focus from information gathering to information analysis and insights. Staff can leverage the latest machine learning techniques on dynamic market events and a wide range of real-world data to achieve compliance, as well as amplify performance and return to innovation.
Cognitive can give you confidence in compliance programs, but it is also potentially a real force multiplier for your business. Learn more by registering for Smarter Risk Summit 2016 in London, UK, 8 November 2016.