Risk & Regulatory Consulting

Our PwC Risk and Regulatory professionals have an all-rounded industry, regulatory, and consulting experience to help you in navigating today's challenging global landscape. We create, preserve, and realise value from the risks undertaken by the businesses.

Our capabilities

Strengthening data governance (BCBS 239)

Harnessing the power of properly managed data

To help banks achieve full compliance, we will help operationalise a data governance framework that is aligned to industry best practices based on BCBS 239, the global standard for risk data governance, aggregation, and reporting. We have successfully assisted global systemically important banks worldwide to achieve compliance by using our PwC BCBS 239 Capability Model that is fully mapped to the Principles, and allows the thinking and planning to be performed in a business context. Our unique model makes us the only external consultant in Singapore to support banks through to completion in the BCBS 239 compliance process, from strategy to execution.

We have a suite of offerings for each of the high level phases as shown above, in order to help you to perform a gap analysis, design a roadmap, assist in the implementation, set up an independent validation function, and to derive business benefits from the data by doing analytics and reporting to support desired business outcomes.

Operational risk management automation

A holistic approach for ORM automation

Once a minor consideration, operational risk management (ORM) has become an imperative for many banks. Financial institutions are now investing more in ORM systems and dedicating more resources to operational risk disclosures. This is a stark contrast to a decade ago, during which ad-hoc and reactive approaches to operational risk were more common.

Banks will need to adopt a holistic approach to fully unlock the benefits of ORM automation, and that is where PwC comes in. Just like building a house, we advise on the right foundation, building blocks, tools, and people needed to implement a strong automated operational risk system.

In view of the fast-changing business environment, we believe that banks should consider automating their ORM function to achieve the following outcomes:

Our framework is one that banks can use as a starting point in their automation journey. We guide banks to success and advise on how to best execute the automation drive.

Risk-Finance Alignment

Over the years, the Risk and Finance functions of financial institutions have evolved separately, and largely exist on their own. The separate evolution of the Risk and Finance functions brought about distinct data definitions, operating models, and systems and processes that cause a fragmentation in the data. There are also overlaps in work that result in inefficient processes and disparate outcomes.

What is it? Risk-Finance alignment is the alignment of Risk and/or Finance activities, that when done collectively, can result in a more efficient and effective operation through harmonising of processes, systems and skillsets. This is often done by eliminating duplication or reducing the amount of time for manual reconciliation.

What is it not? Risk-Finance alignment does not entail merging both functions into a single unit. Each function has distinct mandates related to the first and second lines of defense that have a degree of separation and independence.

How will Risk-Finance alignment create value for my organisation?

Risk and Finance alignment can be a strategic initiative that can alleviate the identified key pressures and help banks gain value, namely in the following areas:

Data Management
Reporting Accuracy
Capital Planning
Decision Making
Human Capital

When Risk and Finance functions interact with each other more frequently, organisations should start to centralise sources and develop a single source of truth (data management). The centralisation of data can improve overall accuracy of reporting, while still maintaining the integrity and accountability of the quality of the data (reporting accuracy).

Your organisation can then execute better capital planning as a result of the improved data quality (capital planning). With an accurate and aligned assessment of Risk Weighted Assets, liquidity buffers, account/credit ratings, you can quickly make informed decisions (decision making), produce attractive products for your clients, and identify opportunities for profits or overall cost savings.

With a more streamlined data management process shared by both Risk and Finance, you can better plan for your human capital needs and train certain teams within both functions. This prevents the duplication of roles and responsibilities in the functions, and allows staff to have a clearer career path in your organisation, developing skills that would keep them relevant (human capital).

PwC can help you in every step of the process

To help achieve real alignment, we will perform a Gap Assessment on opportunities for alignment of the processes and systems, and provide recommendations and options on how to close these gaps. This will then lead us to design an efficient Target Operating Model. At the Implementation stage, we will identify opportunities that will deliver immediate value quickly and prioritise them.

Other solutions that require a longer period of time like systems enhancements, or those that are more sensitive in nature (e.g. affecting job skills and resources in each department), will be deliberated in further detail and implemented after careful consideration.

Driving a strong Risk Culture

What do you do when no one is watching?

The culture of each organisation is unique and cannot be legislated. Each organisation is responsible for its culture and Boards are called to assess and oversee. More importantly, Boards need to manage their culture to reduce exposure to risks. This means taking action to address risk culture and continuously monitor it. Our expertise will guide your organisation in reaching your ultimate goal of minimising enterprise risks.

Our PwC model recommends that Boards and Management take steps to shift behaviour. You can do this in many ways, like creating visible signals such as symbols for employees in order to “nudge” them towards the desired culture.

The various components of a Risk Culture

Although difficult to measure actual culture, it is possible to measure:

Espoused values, focusing on attributes commonly associated with good customer/community outcomes
Some actual behaviours that the organisation tracks like whistleblowing or grievance (willingness to speak up)
An increasing ability to track actual behaviours in situ via technology, e.g. using machine learning to track behaviour through natural language analysis of emails, or call centre monitoring, for instance
Qualitative observation of behaviours

Risk and Finance Transformation

Maximising value with minimal waste

We can support you on your journey to streamline your Risk and Finance processes, leveraging our experience and methodologies, and our understanding of common pain points through a six-step roadmap.

Beginning with Scoping, we align the project scope with a wider business agenda and strategic direction. We also undertake cost-benefit analysis to prioritise scope areas, and assess customer value. The second stage is where we independently conduct value stream mapping to understand the current business layout, and critically assess existing processes and manual control points.

In the model development stage, we provide globally accredited best practices and tap on experienced professionals to guide you. We then analyse the current and desired states of the critical-to-quality areas and deep-dive into the assessment of Risk and Finance processes through root-cause analysis.

We proceed to implement technological solutions like robotic process automation, and design metrics that are measurable, realistic, and time-bound to measure performance before, during, and after implementation. At the final stage, we independently assess the processes after the project, effectiveness of new controls implemented, and the performance dashboard to ensure that it provides timely and accurate management information. We also identify areas for continuous improvement.

Thought Leadership

31/03/20

Singapore Banking Heads Discuss Independent Validation Function

The BCBS 239 framework issued in 2013 sets the global industry standard for risk data governance, aggregation, and reporting.

BCBS 239 – What lies ahead?

On a global basis the BCBS 239 framework was issued in 2013 after the Global Financial Crisis of 2008 showed that banks’ ability to manage risks during times of stress and crisis was inadequate.

Beyond Data Governance: Developing a Data Culture in Asia’s Financial Institutions

To create a truly competitive advantage and achieve their commercial goals, Asia’s financial institutions need to integrate strong data culture into their data governance approaches

From Data Governance to Data Culture: BCBS 239 and Beyond

Asian firms need to look beyond regulatory compliance with respect to data to ensure the most effective use of their data resources.

The rise of a 2.5 lines of defence function in Asia

If you work for a bank, common jargon you may have been heard is “three lines of defence” or “3LoD.” The three lines of defence is not a new concept; it is an industry practice that has its history dating back to as early as 2003.