Regulatory pressure across the financial services industry is increasing. Fragmented internal communication and control has resulted in big fines for institutions, with one recent high-profile example being UBS, which has been forced to pay $3 billion in fines since the start of the financial crisis for failing to comply with various banking regulations. Consequently, the firm plans to employ up to 350 new staff to monitor regulatory compliance and avoid further fines.
The case of UBS highlights the need for financial services institutions to focus more efforts on compliance and regulatory reporting. In order to do this, they need to centralize processes and communication with regulators around the world to ensure consistency of reporting, and control over how this information is compiled through workflow approval, and how it is distributed and monitored to give control back to financial services firms on what is sent and how.
In order to help them do this, here are a few best practices that will help financial services firms to be more efficient and gain back control whether for Basel, SOX, Recovery and Resolution Planning (RRP) or other regulatory reporting processes.
1. Automate processes and reduce operational risks
UBS is typical of many financial institutions which are hiring more and more people in compliance and regulatory roles to meet the growing demands of oversight across the financial markets. However, this is a resource-heavy, expensive way to manage regulatory reporting and with the right tools, financial services firms can be smarter about how they manage compliance.
It is possible to automate many elements of the regulatory reporting process, which not only saves on time and resources of having to undertake these processes manually, but it can be a much more reliable and consistent way to mitigate operational risks.
To streamline the process, financial services institutions should look to communicate within a single platform that allows them to manage multiple regulatory reporting requirements. This ensures that there are controls in place to manage the compilation, reporting and monitoring of communication with regulators all in one platform, giving control back to financial services institutions.
Implementing a rules-based engine, an automated review and approval process enables smooth creation of documents such as CCAR reports. Compliance teams are able to centrally control how information is collected from different teams internally, across departments, with managed user permissioning to restrict errors. Document automation tools provide firms with the ability to generate reports from this pre-approved information to ensure consistent and compliant reports to the regulatory authorities, minimising human error.
2. Store and share information in one secure space
Financial services firms will find it beneficial to centrally control how information is collected and distributed, rather than gathering documents from several different repositories and sharing them ad-hoc with regulators. It is helpful for firms to have their own portals, or data rooms, where regulators can securely access, view and download documents and reports.
In this type of environment, the financial services firm will have the ability to control when and where they share this information and who can see it, as well as being able to track which regulators have viewed which documents and when.
It’s also important that there is visibility across teams as to the location of documentation related to compliance and regulations, and that all this documentation remains in one place and is easy to find, with an intuitive file structure that allows for quick access. This helps avoid business continuity challenges including wasted time hunting in email inboxes when team members depart their role. Having the relevant documents that are version controlled, audited and time stamped and visibility of communication around the content in one place throughout time is critical.
Essential processes can be managed through a secure online hub too, such as KYC screening and AML (anti-money laundering) regulations. Firms can invite clients to provide their information for these purposes in an automated fashion and in the knowledge that their information and relevant documentation is being directly collected securely. Once this has been received, internal teams are notified and can proceed to validate and use this information as needed.
3. Enforce transparency with audit trails
Throughout the reporting process, it is vital to register key stages of communication, approvals and to ensure that everything is consistent and nothing has been missed. This includes documentation that assists with the preparation of any reports, which may be fully available for reference by users that are granted access to them across the firm. This includes supporting models, methodology and notations.
It’s vital to prevent inconsistencies; it’s easier to do this when all information is stored in one system with auditing capabilities. All data, reports and information should be stored through time, so that at any stage of the process audit trails can assist the audit and regulatory review process. An auditable trail of uploaded documentation, version history and user activity is crucial to automatically police the sharing of highly sensitive information without relying on emails that can be forwarded on anywhere.
4. Facilitate controlled communication
It’s essential to centralise communication with regulators in one place, in order to keep a historical record of all feedback and responses, but more importantly to maintain consistent responses to specific questions. Use a controlled communications tool, such as a Q&A tool or secure enterprise cloud, to ensure communications are monitored and best managed between the relevant team and regulators.
A controlled communications tool allows financial services firms to ensure that the subject matter expert is in place to answer a specific question posted by regulators and to ensue that one authorized response is provided. This helps as having a centralised process for collecting questions and providing answers means that there is no duplication or conflicting answers which could lead to potential further probing and far worse, additional fines.
Communicating in this way allows for global coordination too, vital for financial services organisations that operate across countries. Information needs to be consistent across all jurisdictions even though certain regulations apply to different jurisdictions. There is a great need for clear communication and visibility across the business and around the world.
Regulation is only increasing, centralising processes is key to cultivating trust
Key to regulatory reporting is consistency, communication and secure transparency. It’s important that financial services firms manage their regulatory reporting processes in one centralised space which can be accessed by everyone across the organization, but maintain permissioned access based on each user’s specific involvement. Ultimately, employing the right tool to help manage the regulatory reporting process will improve communication internally and with regulators. Furthermore, adopting strong tools to help will streamline processes, increase consistency and ultimately help firms to comply with regulations without the need to massively ramp up resources and risk human error.
As the demands of regulators increase, efficient processes, controls and secure communication with both clients and regulators will be imperative to cultivating an open dialogue and trust.
To find out more about how HighQ’s regulatory reporting solutions could help you, contact us today.
