It’s Halloween tomorrow so no doubt you have some ghostly and ghastly creatures adorning your living room windows.
You might even have the Grim Reaper there, the human personification of death, and someone you most certainly want to avoid.
We often joke that the banking regulator is a bit like the Grim Reaper (in the nicest possible way!) – someone you also don’t want knocking on your front door.
Financial organisations today face an increasingly complex regulatory environment, where failures can result in serious repercussions.
According to the Basel Committee, these include, “the risk of legal or regulatory sanctions, material financial loss, or loss to reputation…as a result of failure to comply with laws, regulations, rules, related self-regulatory organisation standards, and codes of conduct applicable to its banking activities.”
In fact, at the time of writing, fines by the FCA alone during this calendar year have so far amounted to £153,899,118.
Of course, it wasn’t long ago that we also heard that a US banking regulator issued a $400 million penalty to one global financial powerhouse over serious compliance failures.
So, how do you keep the Grim Reaper of the regulation world from coming-a-knocking this year?
We think there are four important steps financial organisations can take:
Ensure you can identify compliance risks quickly and easily
Being able to identify the types of risk and where they are is part and parcel of an effective compliance program. But there’s much more than that to consider. Can you identify why they exist, the source of the risks, and the effect the risks might have? For FSOs, being able to detect risk easily means things like quick identification of over-retained data, personal data, and card data within your organisation’s unstructured information.
Manage your risks through automation
Once you have identified where your risk is, you need to manage it on an ongoing basis. Automating this process makes it easier to govern data as required by your first line of defence. Ways to ensure this is fulfilled include automated classification of data retention and disposition policies, automatic classification of data against your Information Governance Strategy, and appropriate policies and classifications being applied to new data as it is being created.
Enhance your reporting capability
Manual compliance reporting requires extensive time, resource, money and expertise. In fact, it’s been estimated that banks spend 50% of their time preparing regulatory reports when they should be spending around 20%. Financial organisations can speed up this process with an automation solution. Our platform AI.DATALIFT provides evidence of compliance over time with a full audit trail – allowing for more regular risk reporting.
Emphasise compliance across the organisation
Financial organisations need to transform compliance from the role of one single person or team into an organisation-wide responsibility, with a larger emphasis on risk management and monitoring. In the recent $400 million case we mentioned above, the finger was also pointed at the bank’s Board of Directors for not having the right oversight and insight into compliance. Make compliance information accessible to required stakeholders across the organisation in an open and transparent way.
While the above might seem like a to-do list, compliance should not just be seen as a tick-box exercise. Expectations from regulators have increased, but so too have expectations from customers. Unlocking the potential of data through RegTech solutions also means that FSOs can do more with their information, enhancing user confidence and user experience. Or as all financial organisations want today, customer centricity.
So, as you put away your Grim Reaper figurine for another year, why not call us to find out how you can ensure you don’t have any unwanted visitors in the form of a regulator this Autumn.