Risk, regulatory, and compliance functions should evolve to generate value for the business.
The multitude of compliance, risk, and regulatory requirements for financial institutions will continue to increase on several fronts, leading to additional cost and complexity. At the same time, current market and economic conditions continue to make it challenging to drive revenue and reach other strategic goals. In our view, financial institutions can leverage the results generated by risk, regulatory, and compliance activities to drive profitable growth.
Consider the following example. In response to regulatory feedback, the compliance department of a major financial institution enhanced its Know Your Customer (KYC) program. As part of this effort, a dedicated team spent months analyzing accounts to identify suspicious transaction patterns. The results helped demonstrate to the regulators that the accounts were compliant with anti-money-laundering (AML) regulations. Rather than stop there, however, the financial institution took advantage of insights from this KYC analysis to generate additional value for the business: the financial institution used its insights on customer travel patterns and foreign transactions to make targeted travel insurance and credit card offers.
Meeting risk, regulatory, and compliance requirements is a significant expense for today's financial institutions. New regulations stemming from the financial crisis had cost the six largest US banks $70.2 billion as of the end of 2013, and the costs continue to rise.1
Understandably, leading financial institutions are beginning to explore the strategic possibilities of using the risk, regulatory, and compliance data they already own to drive operational efficiencies, lower costs, and increase revenues.
This is not an easy goal, however. Risk, regulatory, and compliance teams do not traditionally collaborate with sales and marketing. In addition, unique product lines and varying business types drive natural divisions and siloed behavior, making it difficult to reuse data across the organization.
We recognize that integrating risk, regulatory, and compliance information with business operations cannot realistically be implemented overnight. However, we propose an incremental approach to sharing data and analytical results across the organization to help drive profitable growth. As shown below, financial institutions that leverage their risk, regulatory, and compliance data for business purposes can realize a number of benefits.
1 Federal Financial Analytics, "The Regulatory Price-Tag: Cost Implications of Post-Crisis Regulatory Reform," July, 2014.
PwC has developed a five-step approach to repurposing risk, regulatory, and compliance data to generate business value. Following these steps positions financial institutions to capitalize on information assets they already collect and analyze:
1. Gain leadership buy-in.
Executives need to understand that this data, used effectively, represents a strategic asset, not just a substantial cost. Without leadership buy-in, functional units will not take project ownership through fear of increased costs to the business unit and a lack of support from management. In addition, functional units may become concerned over data ownership, further driving siloed behavior.
2. Establish a chief data officer (CDO) role or assign a similar interim role.
A chief data officer (CDO) can serve as a bridge between the risk, regulatory, compliance, and IT functions and the business. To be effective in this role, the CDO should have an enterprise view of data as well as a mandate from senior leadership. In addition, the CDO’s role should not be viewed by the C-suite as a cost center. Rather, the CDO should be viewed as a position that can help generate measurable business value. Financial institutions may also start by creating a CDO role at the business-unit level.
3. Develop an enterprise-wide information management strategy.
The information management strategy should be driven by the CDO (or equivalent) to help ensure that it meets the financial institution’s key business objectives. The CDO should determine which information assets can be shared, how to share those assets, and with whom they should be shared. The strategy should also address how the security and privacy of data will be managed when distributed more broadly.
4. Establish a working group.
The CDO (or equivalent) should work closely with functional leaders and the chief strategy officer (CSO), chief risk officer (CRO), and/or chief compliance officer (CCO) as part of a working group. The mission of the group should be to define a sustainable engagement model, to ensure the objectives of all parties are aligned, and to determine funding procedures.
5. Align individual projects with strategic business priorities.
The working group should review and assess what data can be leveraged to support project objectives on an ongoing basis. For each potential project, we recommend the business leaders identify the associated strategic business priority and then work with the working group to determine what risk, regulatory, and compliance data and insights can be reused for that particular initiative.
By reusing data derived from risk, regulatory, and compliance activities, financial institutions can fulfill their business objectives and create or maintain a competitive advantage.
PwC’s Retail Banking 2020 report cited customer centricity as a top priority for retail banks in the coming years. We've developed several case studies to highlight how data derived from risk, regulatory, and compliance activities can be reused to drive customer centricity.