De-risking the Risk-Based Approach

In today’s hyper-regulated Banking and Capital Markets landscape, institutions transacting business in key regions have aggressively implemented (albeit cautiously) intricate enterprise-wide control frameworks aimed at counteracting adverse effects arising from potential at-risk operations across all Lines-of-Business. A shortlist of these impacted areas include:

• Front Office Operations | Middle Office Operations
• Traded Products | New Products
• Order Entry | Order Execution
• Trade Clearing | Deal Settlement 
• Bank Book | Trade Book
• Market Risk Analytics | Credit Risk Valuation
• Bank Holding Company (BHC) | Intermediate Holding Company (IHC)
• Client On-Boarding KYC | OFAC PEP
• Customer Screening | Transaction Monitoring
• Data Reporting | Data Retention

Moreover, the majority of institutions in-scope of what is discussed above have all, to some degree or another, and in some manner or form, actively participated in long-term strategic cost take-out efforts centered on reducing inherent Balance Sheet risks, ranging from shutting down trading desks, or more severe, eliminating entire trading floors with legacy relationships with global counterparties. Layer upon layer, the totality of holistic adversity lies behind each institution’s unique blend of qualitative and quantitative risk factors that which, if left unmonitored or completely ignored, poses exponentially material downside management pressures. 

Additionally, business continuity is overshadowed by transactional restrictions especially when considering uber-levels of scrutiny placed onto institutions per the multitude of profile-sensitive client list identifiers, for example:

• Politically Exposed Persons (PEP) List
• International Organization of Securities Commissions (IOSCO) Data Submitter List
• OFAC Foreign Sanctions Evaders (FSE) List
• OFAC Specially Designated Nationals (SDN) List
• Non-SDN Iranian Sanctions Act (NS-ISA) List
• OFAC Blocked Persons List
• FinCEN 314(a) Information Sharing List
• FinCEN 314(b) Participants List

Given the amount of attention over what may be potentially adverse in terms of operational impacts over systemic stability, business profitability, as well as reputational security, major financial institutions continue to face heightened standards grounded in four key decision areas:

1. Can we De-Risk anywhere?
2. Do we have a Risk-Based Approach?
3. Do we understand Risk Tolerance?
4. Are we prepared to execute?

On a high-level, how can banks truly sustain global double-digit growth by traditional risk taking vs. contemporary De-Risking is on top of mind amongst key executives. There is no method in the world nor any guarantee that taking such measures, whether reactive or pro-active, will eliminate 100% of all risk categories. It is virtually impossible to warrant that shedding Business Units as a ‘quick win’, hedging against ‘low-hanging fruit’, or re-shuffling teams to remote locations are proven theories on management strategy. In the past, the instantaneous response was to Offshore or CoLo. However, now that Inshoring and Nearshoring has returned those outdated ‘band-aid’ methods will no longer suffice under current quality KPI metrics.

It is abundantly clear that a journey to the modern Banking and Capital Markets enterprise of the future will rely on not only regulatory risk mitigation via a so-called Risk-Based Approach (or lack thereof in many instances). Nor does riding along this journey involve only additional Congressional level legal mandates putting new regulatory pressures onto Management – which by the way history has proven such events often only follow any new and unprecedented adverse business activity in the past tense vs. being an active component of a broader actual-to-forecast model framework. This, of course, is a shame.

Banks, Holding Companies, Subsidiaries, Branches must incorporate Business Intelligence with Human Intelligence and Artificial Intelligence in order to become truly Risk Intelligent. Simple baby steps along the way could socialize positive Change Management on today’s Compliance culture:

• Establishing bank-wide monitoring of Learning and Development for all levels and ranks.
• Developing organizational effectiveness using time saving measures could be better established with transparent top-down communication via internal Social Media, followed by execution through Horizontal Delayering.
• Having periodic pulse checks to ensure Policies and Procedures are sound during team touchpoints.
• Ensuring employees from all divisions own and drive towards establishing innovative and interactive content that is internalized rather than simply memorized to be tested.
• Establishing appropriate incentives to incorporate Compliance objectives across the organization

In parallel, while soft-skills are working its way into the company culture, hard-skills are actively matured alongside technological advancements in workforce optimization; smart content management: real-time trigger mechanisms; future risk detection engines; or perhaps even Robotics. Being that this is a future journey towards modern operations, the vision on “De-risking the Risk-Based Approach” should not just stop here.