Point of view
Throughout the pandemic, central banks and regulators shifted their priorities away from compliance in the financial services to focus on maintaining financial stability and operational excellence.
Many regulatory deadlines were shifted to support changes in priorities to allow institutions to ‘focus resources on governance, cyber security, and conduct’.
The world is now returning to normal.
Regulatory compliance is back on the agenda, with additional challenges to accommodate working from home, staff turnover, loss of key personnel, and changed social expectations.
Recent changes in social views about working from home, the systemic risk of further lockdowns, and possibility of staff shortages combine to create a new urgency to review how automation is used in the business.
The ever-evolving Financial Services marketplace and Pandemic (Covid19) experience has shown us that companies with a balanced use of physical and online presence are best placed to survive and grow.
The Financial Services industry is uniquely placed to deliver many of its services remotely or in a virtual format. It is used to being highly regulated, and as an industry, its use of technology is for strategic advantage rather than having a purely supporting role.
Compliance in the Financial Services
Responsiv consider the top candidates for deliver compliance in the financial sector to be:
- Deliver compliance to accommodate new risks and business models
- Improve oversight of customer facing processes to assure quality
- Automate tasks with historically slow or error prone delivery
- Mitigate for loss of skills, capacity, and experience
- Improve efficiency of repetitive, mundane tasks that take staff time.
Ensuring that you are compliant with regulation and making yourself compliant takes time and money. Compliance projects often do not contribute to strategic growth, or new business.
Banks and other service providers have always been challenged with the task of providing for clients’ raising expectations. Whether it be to do with the services and products they deliver or things such as security and efficiency, organisations must provide. On top of this, organisations – especially banks and the financial services – must adhere to regulation.
Many financial organisations are challenged with delivering regulatory projects to a deadline while maintaining momentum of regular business initiatives.
Compliance projects are disruptive to operations and take resources away from where they can deliver the real commercial value. Disruptions to business will occur; you will have to find the resources, places to do the work, find and procure the right software, and still run every other business process and project as normal.
Responsiv can provide everything you need to understand the impact of a compliance demand, what the options may be, and then build and operate a solution. We will work with your team to deliver to your needs, while all the time reducing the time and disruption on their daily schedules.
We know that every company has different imperatives and reasons for action, from regulatory box ticking to creating strategic platforms for growth. In all cases it is important to match cost to benefits and deliver solutions that do not block changes of direction.
Whatever your motivation, Responsiv can offer advice and provide solutions – contact us to find out more.
To find out about regulatory initiatives over the next few years, look at this FCA initiatives grid. Regulatory Initiatives Grid – May 2021 (fca.org.uk)
Responsiv recently delivered a regulatory project to implement eIDAS compliance in an Open Banking gateway.
eIDAS (Electronic Identification Authentication and Trust Services) is the UK and EU regulation regarding electronic transactions. It establishes a legal framework for the provision and effect of electronic signatures; seals; time stamps; documents; registered delivery services, and certificates for web authentication.
By authenticating the identity of individuals and online businesses, trust services increase their confidence in electronic transactions. This means that transactions made online or electronically are made secure and genuine, thus improving cyber security. All in all, eIDAS makes information transactions secure and legally compliant across borders and organisations.
The UK version of eIDAS is a modification of the EU eIDAS regulation. Due to this, EU authorised services are still recognised in the UK, but not vice versa (UK in EU).
According to the European Commission, the eIDAS regulation:
- ‘Ensures that people and businesses can use their own national electronic identification schemes (eIDs) to access public services available online in other EU countries;’
- ‘Creates a European internal market for trust services by ensuring that they will work across borders and have the same legal status as their traditional paper-based equivalents.’
Responsiv delivered an Enterprise Connectivity Solution to support an ISO20022 migration project.
ISO20022 is the global standard for payment messaging using common language for payment data.
This standard has several benefits to it, including increasing efficiency and reducing costs and exposure to risk. By creating a standard for how payments data is transferred, you create better, more enriched data concerning payments. This means that benefits from ISO20022 go beyond just getting the correct data, going into long-term benefits for the economy.
Having access to data enriched with formatted payment information, allows better insight into buying and spending trends, as well as into fraud detection. This ability to analyse data knowing that it is standardised and therefore accurately reported, further allows for more informed decision making and product innovation (among other things).
Whilst ISO20022 is beneficial for the financial industries, it comes with some challenges. First, for a payment message to be sent and authorised, all characters must be 100% accurate and in line with the specifications. If there is just one figure incorrect then the payment can be rejected or delayed – and depending on the context of the payment, this could cause major issues.
Second, is the infrastructure on which ISO20022 can be implemented. A lot of legacy technology is unsuitable for the standard and a complete overhaul of an organisation’s tech infrastructure is on the cards.
Often customer facing processes weave their way through an organisation without any end-to-end oversight. They complete in their own time and reporting or catching problems is often triggered by the subject of the process complaining that nothing has happened.
Important processes, for example disputes, are sometimes reconciled, but often happen in an ad-hoc manner.
Compliance is impossible without measures and effective oversight. Effective oversight begins with Automation and accurate Measures that can be used to prioritise investment.
The ability to collect, mine, analyse and report on data is incredibly valuable in limiting compliance risk.
Removing human error and increasing the efficiency of these processes and analyses is a benefit only technology can provide and should not be ignored.
Automated business processes ensure that procedures are followed accurately and in a timely manner. Organisations keep up to date with regulatory and policy changes so that further action can be made to maintain compliance.
Concerns over data breaches and privacy have intensified, and so compliance requirements have restricted to combat these fears.
Security and data protection have increased in urgency since the introduction of GDPR in 2018 and yet breaches and system hacking still occurs. IT Governance found that seven months into 2021 (January-July), 815 security incidents accounting for 3,980,757,735 breached records took place.
This just highlights the need to secure confidential data to avoid incidents that could cost companies not just financially, but customers confidence too. Ensuring that organisations are not at risk of data breaches and that customer information stays safe is a priority.
IBM Guardium can be used to deliver data access oversight
IBM Guardium is software capable of preventing leaks from databases, data warehouses, and Big Data environments whilst ensuring the integrity of information and automating compliance controls. Put simply, IBM Guardium protects your data.
The problem with this is that it is a simple description, and the capabilities go beyond just data protection.
The extended benefits of IBM Guardium include:
- Vulnerability assessments
- Data discovery and classification
- Monitoring and analytics
- Threat prevention
- Access management
- Audit and compliance
- Performance and scalability
IBM Guardium therefore can help with risk and compliance as well as security. It automates and enables the opportunity to manage data efficiently and minimises the associated risks.
Due to its capabilities, IBM Guardium is the perfect solution to the security concerns associated with remote working. These concerns include accessing sensitive information remotely, and ensuring that compliance is maintained (ISO20022, GDPR).
For the financial services, IBM Guardium could streamline many existing inefficiencies. These inefficiencies mainly concern risk and regulation compliance. It enables continuous monitoring of databases and the enforcement of policies, as well as automating compliance controls. This makes the implementation and maintenance of compliance in regard to data security, management and movement a lot more efficient as software is always on the job.
To find out more about IBM Guardium, read here.
Mitigate for loss of skills, capacity, and experience
The pandemic brought about major changes to work habits and structure.
Research by NFON (interviewing 500 SMEs) found that prior to the pandemic just under 50% of organisations encouraged remote work. 50% felt remote work would hinder teamwork, 32% felt they lacked the IT capabilities necessary to support remote work, and 17% lacked trust in their employees.
How will you assure compliance when 99% of staff expect to work remotely at least part time for the rest of their careers?
Despite the distrust for remote working, it became a necessity and thus change had to occur. In a world that was constantly and quickly evolving over a short period of time, those who adapted and engaged with digital transformation were the ones to succeed.
Digital transformation provides the means for advancement and compliance adherence in the 21st century
The loss of skills, capacity, and experience is something that technology won’t necessarily be able to make up for, but it can start to bridge the gap.
A key approach to mitigating this loss being automating business processes. Business processes needed for the day-to-day running of an organisation can be automated to run either as an attended or unattended bot (will they need human intervention or not?).
This means that the remaining and new skilled and experienced staff are able to focus on more important work. They are no longer bogged down with the mundane tasks that take up so much of the day. By utilising skilled employees and automation together, you can defer the need to find staff to fill a gap.
Flexing to meet demand is another advantage of using automation to cope with loss of capacity. This is due to the ability to scale up or down as demand changes with accuracy you cannot apply to hiring staff. You cannot just hire and fire people as you need – both because of legal conditions and costs.
Automation does not have the same cost as people and enables existing staff to be more productive and cost-effective in the tasks they can now perform. The ability to maintain a quality of service and meet demand at a sustainable cost just adds to the benefits of automation.
To learn more about the post-pandemic workplace, read here.
Improve efficiency of repetitive, mundane tasks and Automate tasks with slow or error prone delivery
Repetitive and mundane tasks reduce attention to detail and can lead to increased error and re-work rates – further reducing quality, increasing costs, and undermining compliance.
Without automation how will you know? More important, how will you demonstrate compliance?
An example of where Responsiv can help increase efficiency, cost-effectiveness, and improve customer and employee experience, is by implementation of Robotic Process Automation (RPA).
Remove the need to do repetitive, data-heavy processes that take up staff time
Robotic Process Automation is the use of software bots to automate business processes. RPA operates by programming bots to mimic human interactions on interfaces intended for humans. By automating repetitive, data-heavy processes, employees and resources are made available for more valuable and productive work.
For the financial services, RPA can be used in a variety of beneficial ways. These include a large amount of business processes found in any organisation across industries such as HR functions or governance and oversight, as well as more industry specific use cases.
Specific use cases include approving mortgage applications, onboarding customers and accounts, or even generating reports across the organisation.
In practice, RPA has been used by building societies throughout the pandemic to manage mortgage deferrals. One building society managed to decrease their response time to 21 seconds, and reduced traffic to the call centre by 75%. Not only have they managed to improve customer responses but have saved staff time to work on more important work.
RPA can improve the running of business processes disrupted through remote working. As a software bot is doing the work, humans do not have to interact to gather information. This is further aided by the creation of master data that can be accessed by the bots and used by humans. This database ensures that information is not splintered across systems, so that when it is needed it is easy to access.
Find out more about specific uses of RPA in the financial services, read here. Find out how Responsiv can help you get the most out of RPA, contact us!
Where do I start?
Responsiv has the technical expertise and understanding of the Financial Services marketplace to help you discover the areas that can benefit from automation, and to deliver outcomes to a defined budget and schedule. We have an enviable track record for delivery of regulatory projects on time, and for delivering fixed price technology projects.
Our unique combination of skills enables fast and efficient delivery of online solutions in response to specific challenges facing the financial services. These challenges range from compliance solutions and time sensitive projects or implementing automation to improve business efficiency.
Responsiv will lead a project to understand a specific regulation and its impact on your organisation. We will document the problem and solution requirements before generating a set of candidate solutions with budgetary pricing. You will provide company and specialist insights in short meetings that allow us to correlate and research to minimise disruption.
We can provide secure and reliable hosting services, and managed services, or provide a light-weight remote support to fill gaps in capacity and/or experience.
Responsiv take responsibility for delivering projects and solutions to an agreed specification and deadline. Our experience working with large, regulated companies allows us to become part of the organisation while driving a maniacal focus on delivery of a single project.
You will select a candidate solution to be built or otherwise implemented. Responsiv will perform a detailed design and further research to confirm overall pricing and project schedule. After review we will then build and deliver the solution.
We can accelerate delivery by developing specific parts of a project, working as part of your team, or taking full responsibility for delivery.
Responsiv has an impressive track record for delivering projects on time. For any customer this is an advantage, but when you bring the added external pressure from regulatory bodies, this timeliness becomes more alluring. Remove the fear of being caught out by the regulator by implementing fully realised solutions or just checking the right boxes.
Our team are experienced with working to tight deadlines, have no other “day job” to distract them, and understand how to develop to a standard.
Responsiv offer Solutions as a Service (SolaaS) to improve solution uptake. This means that all aspects of a solution are included in a price bundle: hosting, software licensing, construction of the solution, and support.
We can provide secure and reliable hosting services, and managed services, or provide a light-weight remote support to fill gaps in capacity and/or experience.
By choosing to procure a SolaaS you can limit disruptions to day-to-day business running caused by reallocation of resources, as well as saving money by avoiding the need to buy software and hardware.
Contact Responsiv today to find out how we can help you become regulation compliant.