Marble vaults are not enough to de-risk banks anymore
by Andy Evans, CEO at Xactium
Recently, Barclays received a record fine of £290 million from the Financial Services Authority and US-based Commodity Futures Trading Commission (CFTC). This signals the punitive impact of Trans-Atlantic regulations and the intent of authorities to crack down on irresponsibility. In the last decade, the Western banking industry has had its reputation dented with several scandals, evidenced by catastrophes such as Enron and the last banking recession in 2007.
With more stories on bankers’ bonuses, poor governance is coming to public attention; governments can no longer adopt a ‘laissez-faire’ approach and Governments have a responsibility to look after their citizens because failures have severe consequences. As industry-changing fines are levied to ill-prepared banks, they must look into effective risk management solutions.
According to research from the American Banker, 80% of transactions from US-based bank transactions are processed in the UK, further supporting the need for Trans-Atlantic laws and governing bodies fit enough to enforce them. Banks with have multi-national subsidiaries, such as Barclays, have to be proactive in complying with local regulations, after all, shareholders or taxpayers depend on their money being responsibly managed.
Regulators are becoming more visible and stringent towards corporate malpractice. Governing bodies from both sides of the Atlantic are forming alliances to increase communication and resolve issues relating to compliance of cross-border laws. An example of this would be the partnering of the Federal Deposit Insurance Corporation (FDIC) and Bank of England in 2010.
However, banks must want to instigate internal change and adopt a new mindset aligned to a culture of compliance. New banking regulations will impact the day-to-day work. Containing risks may require increased manpower to implement new processes quickly - especially at banks with a workforce of thousands. To protect the bank, the cost of hiring new staff to monitor and implement controls will increase. These new staff could potential slow down business pace and reaction times as they come to terms with the new environment and require training in the early stages. Using Risk Management technology to quickly disseminate new practices provides a less intrusive method to deal with compliance.
In the past month, the failure of banking technology shared headlines with the failure of compliance. Events at RBS show how a lack of communication can create information black spots leading to the failure of technology, much to the embarrassment of the Chief Executive, who has refused to accept a bonus again this year.
Perhaps the proven failure to manage employees’ compliance - partly linked to technologies they were using - shows buyers are realising some technologies are not up to scratch. Solely using email as a communication can bring issues in risk tracking and monitoring critical information. The malpractice environment when Barclays manipulated LIBOR seems widespread, breaches were communicated through emails and openly spoken about, but they were not flagged.
Instead, hosted solutions such as Cloud-based risk solutions provide risk managers working across the global network of a bank the ability to comply with global regulations. The single platform provides a common view of all compliance activities across entire groups, giving risk managers and the boardroom a complete view of business operations.
Consider the use of embedded enterprise social tools such as Chatter instead of email to encourage peer review of responsible practices. All social data is available to management, and significantly, stored against the data it refers to e.g. a financial transaction. The cloud provides scalability and speed which large banks crave when discussing implementation of new technology.
There will be more penalties given to banks in months to come as authorities clean up corporate behaviour. For banks to find a way to negotiate risk, they must first look at how corporate risk is governed internally in its entirety, from the risk manager up to the boardroom.