Anti-money laundering and management of change in financial services places burden on regulators
We are at a turning point in the way that the financial services industry is viewed across the globe. The crisis and recurring reputational shocks to the industry have significantly affected the way banks and financial institutions are perceived. Rather than a powerhouse of commerce, they are increasingly regarded as sources of great economic risk in need of careful monitoring.
With this shift it is no surprise that regulators, in the face of increasing political pressure and backed by public outrage over certain behaviour within financial institutions, have begun to take increasingly aggressive action. They are clearly not satisfied with the conditions at some of the world’s largest financial institutions. They are enforcing compliance with regulatory requirements that are becoming ever more complex and difficult to deliver against.
As a case in point, the recent revelations about HSBC’s inappropriate Anti-Money Laundering (AML) compliance procedures look to be the tip of a much larger iceberg. The strong reaction of the regulator clearly indicates their desire to send a powerful message to the industry, with the final punitive fine looking likely to be in excess of $1bn. Inevitably the first senior executives have already been removed. As regulators become increasingly forceful in addressing non-compliance, fines like these will have far reaching consequences on the attitude to compliance and risk within financial services.
In short, it’s obvious that our financial institutions are being asked to cope with a lot more change, while they have access to lot less resource
The situation at HSBC, a name thus far untouched by previous scandals, highlights the size of the challenge organisations face in terms of applying regulatory rubric on a global scale.
Banks must be able to do a number of things to remain compliant. First, accurately identify the legislation under which they must operate and then apply this effectively. They must also identity whether an individual or organisation presents an increased risk and treat that entity accordingly. In the majority of cases a risk based approach needs to be applied, for this to be acceptable all criteria selected must meet the expectations of the local regulator, which of course will certainly differ on a regional basis. Finally, they also need need to monitor the situation and circumstances of any entity with which they do business on a regular basis. This demonstrates that AML compliance cannot be solved simply with a “fire and forget” approach; there is an ongoing requirement to ensure that at all times banks are aware of the risk profile of their business and the businesses they’re working with.
As the perceived need to increase regulation within the industry takes on a global perspective, banks and financial institutions face an ever-increasing volume of relevant regulatory requirements and growing regulatory complexity. Each government will take action to reduce risk within their own financial services industry, resulting in varying global requirements. And all this against a backdrop of increased cost pressure within the industry and a fall in headcount as cost reduction programmes take hold.
In this light, any compliance solution must ensure that all AML and “know your customer” due diligence procedures are documented and regularly reviewed. Any gaps must be addressed through targeted work or projects, and all errors highlighted and remediated, without ignoring the underlying issue that caused them. Continuous improvement techniques will also help ensure all relevant staff are adequately prepared to perform their role in light of relevant regulation.
In short, it’s obvious that our financial institutions are being asked to cope with a lot more change, while they have access to lot less resource.
But organisations are rightfully realising that effective controls must be invested in. Immediately post announcement of their issues, HSBC recently announced an increase in their investment in compliance from $200m to $400m to support the transformation of this function. Others must see this as a product of the times.
Simply throwing money at the problem will of course never be enough. The right balance of funds to improve Business As Usual work and also to target specific areas of weakness will ensure that banks are adequately prepared to face the regulatory challenge ahead. Tactical solutions to the compliance issue only result in inadequate temporary solutions that over time become exposed and can lead to critical process failure and fines. A strong strategic approach to regulation and compliance will allow organisations to be ready for the regulator at any moment. The knock on the door is inevitable.
This won’t be easy. Moorhouse recently explored the ability of major institutions to deliver change in its 2012 Barometer on Change, which found that leading change for all organisations has never been more challenging. Institutions that are serious about change must be proactive and agile and be very clear about the end goal, setting scope accordingly. Benefits and outcomes need to be tracked and measured, and solutions delivered via a phased approach to deliver benefits as frequently as possible. Despite the temptation to cut costs, investing in the appropriate training and skills is vital, and will encourage success.
The ability to manage well is critical to ensuring regulatory and legislative compliance. But the very best organisations take this to the next level and actively promote their ability to foster the capability to deliver change as a key market differentiator.
In today’s deadline driven world, regulators are not interested in excuses or costs to the industry, if change is required, it must be delivered, on time and within budget. The approaches outlined here may appear costly, but in light of the current regulatory environment and the scale of fines that are being proposed, it is safe to say that the future benefits far outweigh the costs.