New digital business models depend on agile and adaptive compliance processes
In the wake of the new coronavirus outbreak, the financial services industry has experienced an unprecedented level of disruption. The industry-wide unpreparedness to this sudden shift has lefts firms scrambling to pivot and respond appropriately. Practices relating to risk management and due diligence, in particular, have been widely affected by the “contactless” reality we are currently facing.
According to our customers and our market observations, the industry must now address the following critical challenges:
- Unforeseen risks as criminal activities morph and proliferate, crossing over from the physical to the online world, in unusual schemes and patterns that fraud detection tools were neither prepared nor equipped to red-flag.
- Difficulty keeping up with the unprecedented amount of amendments to legislations and rules made due to the global emergency, and consequent obstacles in granting compliance.
- Lack of seamless remote access to many of the systems that compliance officers need to log in to in order to screen customers (e.g. for AML and EDD) and their ongoing activities (e.g. transactions monitoring, SAR, etc) or to perform recurring regulatory reviews (KYC & KYB, suitability, FATCA, CRS and more).
- An overload of new requests for certain lines of business, like access loans or financial planning services, all of which require a thorough due diligence, an activity that is typically highly time-consuming – potentially taking even longer under current circumstances – despite the extraordinary urgency of these requests.
At the very least, all this translates into massive backlogs and workload peaks, exposing firms to fraud and security issues as risks are not being properly identified and addressed.
In short, a huge burden is weighing on compliance and risk management functions.
Flexibility, rhythm, and simplification are vital in helping institutions survive and thrive in this riskier world.
Flexibility. When in-person meetings are not possible and teams are dispersed as they work remotely, it is critical to enable seamless collaboration among all participants in a process. While a one-size-fits-all approach with a strict sequence of pre-defined activities is suited to clerical work, compliance and risk staff have to handle exceptions and outliers that require substantial flexibility and ad hoc steps to adequately respond to the specific nature of an occurrence.
Today more than ever, the knowledge workers (compliance and risk professionals) need tools that help them perform tasks quickly by self-constructing the series of activities that must be performed and to collaborate in parallel with other stakeholders over a same client dossier. This allows for virtual proximity with experts across the firm, a key element to risk handling.
Rhythm. Financial firms have accelerate the adoption of innovative technologies allowing for fast, automated, data-driven risk assessment; they can do that by shifting from a “build” approach to a “buy and configure” approach, taking a well-known lesson from the automotive space, as McKinsey pointed out in its Global Banking Annual Review 2019.
In the 1990s, German car manufacturers started integrating pre-built modules in their value chain, provided by highly specialised providers. This modularisation significantly improved productivity.
By leveraging today’s mature regtech ecosystem, and on multiple and alternative data sources thanks to API-based and cloud-ready architectures, financial services firms can intelligently configure and orchestrate these technologies, making them accessible through a single entry point for users, thereby reducing response time, manual activities, and friction for both clients and employees.
Simplification. On a given day, compliance officers have to log in and out from up to 16 different systems. Firms now need to lighten the workload on their compliance and risk officers as much as possible. Whatever tasks can be automated by technology must be.
Ideally, this looks like digital orchestration of activities, automated checks, instant KYC, cross-jurisdictional rules embedded in CLM workflows, all of which ensure to dynamically assess which action to take: straight-through processing, or triggering the right action to mitigate risk, or escalating dossiers for quicker, more intelligent decision-making. This will eliminate unnecessary bureaucratic back-and-forth, giving time back to experts to focus on what really matters, like detecting new fraud patterns, clearing true positives and so on.
A shift in perception of risk
Before COVID-19 financial firms followed a “risk elimination” strategy with IT security, as well as in governance and compliance. This is now seen as presenting a massive business risk. Financial institutions have had to relax many policies with near immediate effect to turn risk management into adaptive due diligence to support customers and employees more flexibly, rather than forcing them to interact in a pre-defined way. Although policy relaxation will surely be short-lived, adaptive and outcome-based regulatory compliance is going be a theme for quite a while.
It is clear that operational agility and an acceleration of investments in digital tools have taken a new level of significance across the financial services industry; the realm of regulatory compliance and risk management is by no means excluded in this.
Indeed, the right technology represents a great opportunity for firms to take a factual step into the future of compliance agility by design.
Sponsored insights by Appway