Relieving the pain and expense of compliance data management
Jon Asprey, vice president strategic consulting, Trillium Software
Financial institutions are being swamped with compliance demands. IDC predicts that financial services IT spending pertaining to risk functions will reach more than $80 billion by 2017.
The data management aspects alone can run into tens of thousands of man-hours per institution, each year. Firms have to adapt and find new techniques to manage the increasing burden, writes Jon Asprey.
European banks should be watching the innovative self-service data assurance approach their US colleagues are taking to the Dodd-Frank Comprehensive Capital Analysis and Review. This regulation requires regular data submissions and the provision of detailed reports (at individual loan-level) to the Federal Reserve Board for economic stress testing. Meeting the requirements demands that banks vastly increase their focus on data management. The CCAR submission process requires a great many data elements to be reported to the FRB in a strict format defined by the regulator. Any deviations from the specified format or any gaps must be documented and explained by the bank as part of the submission process. To satisfy the increase in regulatory scrutiny, banks have had to empower business users in Risk and Finance to better understand their data. The solution several have adopted is to provide these teams with “self-service” data assurance capabilities.
While traditional compliance approaches required risk teams to rely heavily on expertise from IT and operations for data management, a number of US banks have been able to significantly reduce this reliance, improving team effectiveness and increasing speed to delivery. Self-service data assurance, supported by business friendly data analysis tools, is empowering CCAR compliance teams to access, validate, analyse and monitor compliance and risk data themselves, without extended reliance on technical resources. As well as speeding up work and reducing costs, self-service is enabling compliance teams to be more dynamic; able to cope with frequent changes to data rules prescribed by the FRB and also to better cope with demands for high frequency reporting (monthly). A further benefit is that data transparency is improved, resulting in more satisfied regulatory authorities.
According to one US institution, the introduction of self-service capabilities has been as transformative to data assurance at the firm as the introduction of Microsoft Word was to word processing. Self-service is delivering significant manpower cost savings and minimising the upheaval that new compliance demands place upon the bank.
“Data rules, of which there are thousands under CCAR, can be processed and applied at least ten times faster than before,” said an executive at the US institution. “For example, rule modifications from the FRB can now be applied in minutes as opposed to the previous turnaround time of days or weeks.”
In Europe, teams faced with the data management demands of a raft of regulatory requirements could benefit from leveraging a self-service approach. With FATCA and related inter-governmental agreements adding to the data assurance and reporting burden, pressure on compliance teams is high. In just the last few weeks, IGAs for tax information exchange with the UK have been entered into by Gibraltar, Bermuda, the Isle of Man, Jersey and Guernsey. The Bank of England too could soon add to the strain, having outlined a framework for stress tests of the UK banking system which could mirror aspects of the US CCAR regime.
It is clear that adopting a self-service approach can transform compliance operations by connecting business users directly with their data. Those banks that are still relying on complex IT infrastructures to provide access to data and insight could win great advantage by understanding how some leading US institutions are empowering risk and finance teams to deliver against the particularly detailed demands of CCAR. Not only might insight into self-service tools and techniques better enable Europe’s banks deliver against current regulatory requirements, it may also help ensure they are prepared in the event of more detailed scrutiny in the future.
