CIO Insider

CIOInsider India Magazine


Five Trends In The Role Of Regulators In Banking & Financial Services

Jaya Vaidhyanathan, President, Bahwan CyberTek

Established in 1999, Bahwan CyberTek (BCT) is a provider of digital transformation solutions in the areas of Predictive Analytics, Digital Experience and Digital Supply Chain Management. The organization has delivered solutions in 20 countries across North America, the Middle East, Far East, Africa and Asia.

Financial institutions, being the custodians of public wealth, have a great deal of trust associated with them. This trust is gained over time from a combination of an external force that includes strict regulation from central bodies and internal forces like good corporate governance within the institution. In this context, the role of regulation has been steadily moving from policing towards that of guidance. Especially in the following areas:

1. Rating Approach: In the last decade, Basel norms recommended banks to move to an ‘Internal Rating Based’ (IRB) approach for credit appraisal from external rating based credit appraisal subject to checks and balances. The rationale was to help banks manage credit risk better by institutionalizing credit processes within each bank rather than depend on an external body. Similarly, as the economy and consequently the financial sector grows, it is imperative that financial institutions graduate from just compliance with watchdog-prescribed norms and put in place technology systems to control risks related to credit, liquidity, market, operations by themselves.

2. Focus on Data: The advent of technology-driven approaches to data analysis, i.e. artificial intelligence, machine learning, etc, has increased their dependence on customer data for competitiveness akin to Google or Amazon. Regulation across the world is moving towards capturing both the customer data and macroeconomic data in a machine-readable format and making it available in the form of a public registry for increased transparency. For instance, retail banks in the US have access to a public registry of the 100+ variables determining the credit worthiness of borrowers, using which they can run their own models for decision making.

3. Open Banking: Banks have traditionally been the most protective of customer information, especially transactional data, fearing customer churn by poaching.

However, today the economics of banking has changed, with banks competing with mobile wallets, FinTechs, and retailers, all of whom have e-payment systems in place. This makes it imperative for financial institutions to be ready for ‘open banking’. This means institutions participate in a FinTech-ecosystem where data is shared among participants, of course in a structured industry standard format that’s secured and encrypted.

PSD2 is a pathbreaking regulatory push in the EU mandating financial institutions to expose APIs for others to connect so that customers get a seamless payment experience. For instance, customers will, in the near future, pay their utility bills, from Twitter using funds from their bank accounts.

Financial institutions are making fresh investments in enterprise risk solutions, used for both internal control as well as regulatory reporting

4. Quantification of Risk: Finance has been a risky business from inception, with higher risk corresponding to higher pricing of credit. However, this has traditionally been viewed narrowly with pricing being linked to credit rating which in turn is mathematically linked to default probability. Regulation is now moving towards similar quantification of other aspects of risk. For instance, operational risk has generally been viewed as A field dealing with purely subjective aspects like ‘Safe IT practices’, ‘Physical Security at the workplace’ which find a passing mention in risk management conversations as they are not directly viewed as impacting credit. However, it is increasingly acknowledged that operational risk could lead to a financial and reputational loss for a financial institution if not controlled, and Basel norms have even categorized operational risk into buckets for better monitoring, control and capital allocation for operational risk. Towards this, financial institutions are making fresh investments in enterprise risk solutions, used for both internal control as well as regulatory reporting. Similarly, aspects of credit pricing beyond credit rating, including the presence of margins/guarantees, utilization levels, non-interest income, etc when quantified give bankers opportunities to price their products better by considering the total relationship value of a customer rather than viewing a credit facility in isolation.

5. Focus on Automation: Automation is frequently associated with only headcount reduction. While that was the starting point, today automation is seen by regulation more from risk management and transaction traceability point of view. The more transactions shift from manual entry to system generated events, the better is the ability to audit such activities, which in turn results in better accountability from the participants undertaking the transaction. Straight through processing (STP) is the mantra now, with manual intervention limited to verification, file uploads, etc. Another aspect of automation is the reduction, if not elimination, of erroneous decisions which can be of two types:

a. Intentional Mistakes: Personal biases can hamper decision making leading to bad credit decisions. Having a modeldriven approach can remove this from the equation and ensure consistent decision making given proper inputs, thereby ensuring McDonald's type standardization to the maximum extent possible across units/branches in the bank.

b. Unintentional Mistakes: Manual errors in data entry can be avoided by system level checks and validations, saving financial institutions from a lot of entirely avoidable pain.

The global financial system is moving away from a rigid regulatory framework to a more market-friendly approach, and this is great for business but at the same time brings in more risks on the table. As seen above, this is a problem that technology can overcome, with innovative solutions being engineered to take care of each kind of risk.

Current Issue
63SATS : Redefining Cyber Security For A Safer World