The opportunity behind risk and compliance
August 08, 2023
The rate of regulatory change is accelerating again, especially in risk management given recent events in the U.S. banking market. But the overall spend dedicated to compliance is still significant in every corner of any business. Optimizing that investment remains a critical question from the boardroom on down.
When looking at regulatory compliance problems, it’s easy and tempting to jump directly to system and regulation-specific solutions: “How do I forecast my liquidity risk?” or “How do I score transactions for money-laundering risk?” This will check the box for one mandate and one system at a time but often isn’t the best use of your budget.
If you are managing multiple systems that need to comply with an array of constantly evolving regulations and mandates, a point solution approach is likely to be expensive and inflexible.
This is when it can help to look beyond the specific regulations to take the technology dimension of RegTech seriously. Don’t worry – the steps will be familiar from solving other problems.
First, look at which regulations apply to your business. But more importantly, what types of compliance ecosystems they’re in. For example, two typical ecosystems are:
- Trading and transactions: mandates such as EMIR, MiFID, MAS, Dodd-Frank, etc., which cover know your customer, trade surveillance, financial crime, anti-money laundering, SARS reporting and so on
- Risk management: requirements such as Basel III/IV, including IRRBB, ICAAP and U.S. regs, which encompass liquidity, balance sheet, counterparty, market risk and more
Assess your systems portfolio with those patterns and priorities in mind. Each of these has a set of technology solutions. Start with the overall architecture, and then dig deeper:
- What data do you need?
- Do you have the connectivity to access it and the platform to manage, analyze and report on it?
- Are your systems API-enabled so that you can encapsulate and share functionality easily across systems?
- Can you orchestrate necessary workflows across multiple systems?
- How easily can you track these processes and replay the results if a regulator required an audit?
- Which mandates are changing – or getting increased enforcement – right now?
- Where do you expect regulators to turn next?
These fundamental questions can help you see how to leverage the capabilities that you already have more effectively as well as show you the gaps. Then look for the best technology solutions to fill any gaps. A little root-cause analysis sometimes is helpful. If the fundamental problem is data management, you may want to look at APIs, data management platforms and cloud strategy.
If you’re addressing a narrower problem, you can choose technology that’s optimized to solve it, whether that is shared functionality or a more targeted solution. For instance, you may discover that you actually need a risk calculation tool rather than a full-blown data management and analytics engine. Plus, focused technology solutions are generally cheaper to begin with and may even be reusable.
Now you’re well-positioned to comply with today’s mandates efficiently and adjust to tomorrow’s requirements more easily – all while optimizing your technology spend and making the board happy.