The risk and compliance functions at financial institutions are in need of change in a technology-driven era, but the transformation process is beset with challenges because of regulatory backlog, new regulations and cost pressures, an official said.
Using regulatory technology (regtech) in risk and compliance processes was an initiative which began at many large financial institutions a few years ago. While the process of exploring innovative ways to enhance risk and compliance functions has continued unabated, financial institutions remain beset with difficulties in rolling out new technology in a live environment with thousands of employees.
A combination of factors explains these challenges, said Kevin Nixon, senior adviser at Deloitte in Sydney and co-lead for its Centre for Regulatory Strategy.
“It is the cost, the ability and willingness of the workforce to change, the investment of time and resources to make it work, and the risk of implementation. It is a combination of things that slows down financial institutions in their adoption of technology,” he said.
Tired workforce; dealing with backlog and new regulations
But an immediate problem that needs addressing is the well-being of the workforce at some financial institutions. Some chief risk officers are dealing with a very tired and unwell workforce that is stressed and is expected to do more with less, according to sources.
“The pressure to deal with all these regulatory issues is on the institutions. A chief risk officer has to deal with people who are on sick leave or stressed-out leave,” said a source who declined to be named.
And so instead of having the time to develop new, innovative way of working, chief risk officers have to manage an existing workload that is stretching the existing workforce to the limit. Financial institutions are still dealing with backlog, new regulations continue to emerge or are being written, while regulatory actions are still being taken against financial institutions for breaches.
This does not leave them with a lot of investment funds for investing in innovations nor the time to think about changing the way of working, adapting the workforce and introducing new emerging technology, Nixon said.
“However, it is critical that they [chief risk officers] absolutely do, and so the challenge for CROs is to find enough time to deal with the needs of the future, while managing the pressure of the present. The backlog of work, the new regulations and the increasing regulatory burden, all of this needs to change. This gets to the heart of the question. If you are overseeing the risk and compliance functions, you want to be using more innovative technology and changing the way you operate. You want to embrace that,” he said.
But risk and compliance costs, the largest cost factor to any financial institutions, will certainly increase if firms are still dealing with existing regulatory burden while exploring new ways to do things better, Nixon said.
Difficult to put new technology in a live environment
While the proof-of-concept for any new technology often appears promising, implementing the technology in a production environment such that it becomes a key component of the risk management of banks requires significant testing and consideration of issues that may arise, Nixon said.
“You have to find time to explore new technology and [have] the money to invest. That’s the first thing and financial institutions are doing that. The second issue is scaling the technology and making it a reality. It is a matter of time [before the new technology gets implemented], but you are dealing with legacy infrastructure, among other things. You need to make sure it is robust from a prudential perspective,” he said.
An evolving workforce, marked by changes in the characteristics of employees, is another challenge with which financial institutions have to contend.
The onset of technology now demands risk and compliance professionals to be more aware of how technology can be used and adapted, as well as understand the opportunities that technology brings, Nixon said. Having a workforce that is able to embrace a new way of thinking is important as the objective is to use the new technology to be proactive rather than reactive, he said.
“Employees certainly don’t need to be technology experts. Not everyone has to be able to code or write an app, but everyone has to be able to understand what the technology can do, and how the landscape is changing. That is especially true in risk and compliance… There is a need for risk and compliance functions to become more adaptive, there is a need for them to use innovative technology which will produce better risk outcomes,” he said.
The changing workforce is already evident in the talent that compliance functions now hire, particularly in financial institutions which have begun to adopt new forms of technology such as artificial intelligence, robotics automation process, machine learning and data analytics in their internal processes. Compliance functions now look for candidates beyond a legal or compliance background, in favour of those with knowledge of both technology and compliance. Such candidates play an instrumental role in liaising with the IT team that oversees banks’ digital transformation and those in compliance advisory.
The evolving workforce has also meant changes in how working at financial institutions is now being viewed; it is no longer an attractive offering. The new generation, which prefers flexibility, co-working space and a more dynamic and socially approachable environment, may prefer to work for fintech start-ups rather than being put in a compliance environment at banks, said Kyle Blockley, founder of KS Consulting, a search firm based in Singapore.
“In the old days, banks offered a long-term career, a stable job, good pay and bonuses. Those days are gone now. You can join an organisation and be made redundant in a short period of time. Now if start-ups have funds, they might be able to offer attractive pay compared to some of the banks. There is a lot of venture firms out there backing start-ups. My view on the whole banking world is that they need to change. Many of the banks have been established for a very long time,” he said.
Change needs time
The adoption of technology in risk and compliance processes and the process for the workforce to adapt to new ways of doing things will take time, Nixon said.
“The ability to make changes is something that will impact the future but it is not something that will happen on a comprehensive scale right now. But it will change once we can solve it. Then we will be in a better place. Future regulatory issues will be caught earlier, potential problems will be caught earlier. And risk will respond in real-time to changing business conditions,” he said.
Patricia Lee is chief correspondent, banking and securities regulation, Asia
Copyright © Thomson Reuters 2019. All rights reserved.