Best Practices for Operational Compliance Transformation

By John Rodgers, Senior Managing Director and COO &

Sachin Sachdeva, Vice President, SSA & Company

Intro/Abstract

Faced with a tightening regulatory environment in recent years, banks and other financial services companies have reacted by adding resources to Compliance teams as a signal to regulators that serious work is being done to ensure the bank is compliant with all relevant laws. Increasingly, however, questions are being raised about whether those dollars are being well spent – and on the right functions. Spending money on Compliance functions, while short-changing Operations and Technology, is like buying a very elaborate roadmap for a trip, but neglecting to gas up the car. 

The relative abundance of resources provided to Compliance contrasts directly with budget cuts faced by the Operations groups responsible for implementing responses to regulations. This creates an environment of scarcity, where it is difficult for Operational implementation to keep up with the pace at which Compliance guidance is being provided.

Investors have started to question the efficacy of the money spent. Unsurprisingly, the high cost of compliance is being weighed against continued growth demands and margin pressures. Many companies have failed to find a balance between investing in growth and investing in compliance–often creating greater risk and missing the opportunity to address compliance concerns through improving operations and leveraging data. 

Through recent experience, we’ve helped companies create more efficient, effective organizations while reducing regulatory risk by leveraging both: (1) operational improvements and (2) data analytics and technology solutions. Below are four takeaways for Financial Services leaders on how to drive these efficiencies while reducing risk.

Drive collaboration across Compliance and implementation groups (Ops-Tech)

Siloed teams won’t work; business teams must partner with Compliance and technology for holistic solutions.

To effectively reduce regulatory risk and execute on operational processes, financial services companies must enable all involved teams (Compliance, Operations, and Technology) to manage risk collaboratively. Too often, policy interpretation and risk decisions are made in siloes. We’ve found that a collaborative approach from the onset, including all three stakeholder groups, reduces the communication gaps as well as inefficiencies that come from different interpretations of new regulations. 

Compliance departments must interpret a substantial volume of regulations and identify the most appropriate way for their organizations to meet those requirements.  Collaboration minimizes costly operational and technical re-work by ensuring that new or updated regulations are interpreted and executed in a way that makes sense for the business—striking the right balance between risk control and operational needs.

While we’re not advocating that operational teams should dictate the approach to meet regulatory requirements, we do believe that operations should be invited into the process early for two key purposes:

1. To support the process by providing the appropriate data and analytics for proper insight and decision making
2. To identify the operational impact of the decisions and help prepare the organization to efficiently and effectively operationalize the decision

Invest in implementation groups

Financial services companies must redirect spend and allocate resources for operational execution. Without adequate investments, companies weaken their initial line of defense and create inefficiencies and rework.

 To ensure that new or updated regulations are interpreted and implemented in a way that makes sense for the business, the lion’s share of spend should not be concentrated on Compliance alone. Operations and Technology teams must also have adequate resources—again, striking the right balance between risk control and operational needs.

Firms must rebalance overall Compliance spend and allocate sufficient resources for operational execution. This could require using more cost efficient approaches such as relocating Compliance departments to lower cost locations (e.g. moving away from New York and London). For example, one large bank moved its second-largest American office to Salt Lake City which is also home to its surveillance operations, and another large bank monitors its employees and clients from Nashville.

Tap the potential of advanced analytics and new technologies to improve operations and reduce costs

As monitoring costs soar, financial services companies can use advanced analytics and new tech to improve compliance operations.

Advanced analytics and new technologies and software can help financial services companies improve fraud detection audits, anti-money laundering protocol, and telematics to better gauge consumer risk. When companies use data and tech to automate routine tasks, they can increase operational efficiency and better utilize the skills and expertise of human personnel. 

Some companies, like Nasdaq Inc. and SafeScribe, use digital reasoning to monitor and analyze trader chats and messaging to alert the company of important trends or information. Other companies, like Fonetic Solutions, use machine learning to reassemble and analyze every piece of a transaction, including any instant messages, e-mails or mobile phone calls involved in the trade. At a large financial services client, SSA & Company utilized natural language processing and machine learning to reduce the time spent by operations teams reading client-submitted information and populating forms.

Financial Institutions can also apply analytics tools and software to prioritize implementation of regulation, highlight ineffective controls, reclaim efficiencies lost through testing regulatory controls, and ultimately reduce risk exposure.

Attempting to implement every word of a policy in one technical solution may lead to costly delays, regression testing issues, and increased risk exposure. Using data and analytics, Operations teams can identify critical implementation areas and thereby focus resources on training, implementing, and testing solutions for the most relevant and highest priority scenarios. For less likely or unforeseen scenarios, Operations teams can use advanced statistical methods to escalate emerging cases for manual processing.

As regulatory requirements grow, the management of each control point requires increased company resources. These controls can reduce the risk of a process but cannot completely eliminate it, leaving financial institutions with residual risk. Compliance and Operations teams can collaboratively monitor residual risks at key process points using analytics tools and software. Additionally, when financial institutions shift their focus from testing controls within a regulatory process to monitoring a few tech-enabled Key Risk Indicators (KRIs), they not only reduce time and costs, but also improve the assessment of control “effectiveness.” 

Leverage external partnerships for competitive advantage

Partnerships can drive efficiencies and allow financial institutions to get ahead of potential risk and enhance customer experience.

As regulations evolve in emerging markets, partnerships between financial institutions can benefit both customers and the firms themselves. Sharing of customer information (where allowed) as well as best practices in risk control can allow for:           

• Faster implementation of regulatory controls through best practices and solutions sharing
• Improved availability and depth of customer information
• Reduced cycle times in regulatory approvals and account openings for customers

One example is KYC.com–a partnership between BNP Paribas, Morgan Stanley, UBS, Deutsche Bank, HSBC, and Citi, among others–which will standardize Know Your Customer (KYC) processes and operations that address KYC financial regulation, tax, and counterparty requirements. KYC.com benefits customers by minimizing redundant documentation requests and benefits participating banks by reducing time and cost to collect client documents. Financial services firms who have partnered to create the KYC.com database and standardized documentation enjoy a central repository for standardized client onboarding and documentation, and reduced costs in Operations and Client Onboarding teams through simplified processes and reduced client outreach. By leveraging the experience of all participating companies, the partners are better able to “take the pulse” of emerging KYC processes–enabling them to know and react to risks faster than firms who are not part of similar partnerships.

Conclusion

The pace of regulatory change is not slowing—69% of financial services firms expect regulators to publish increased guidance in the coming year^[1]. To meet these changing regulatory demands, firms must direct resources not only toward Compliance teams but also toward Operations and Technology teams. Investing in these implementation teams, as well as analytics tools and advanced technologies to support their activities, will allow Operations groups to effectively implement regulatory guidance and continuously improve risk controls. 

References

^[1] Thomson Reuters Cost of Compliance Survey, 2016