The regulatory change landscape continues to shift faster than manual processes in financial services can cope with and increases the risk of non-compliance, or missing important strategic opportunities.
Our regulatory change assurance review and enhancement programme is designed to enhance your regulatory change framework. The aim is to enable you to understand weaknesses and plan a strategic change programme to meet the ever-evolving and complex regulatory landscape. In a practical example of this we outline how we supported a multinational investment bank, in providing assurance over their regulatory change framework and ultimately assessing if it was fit for purpose.
The chief operating officer of a global, tier-one investment bank asked us to conduct an end-to-end assurance exercise on its regulatory change framework. Known issues in its regulatory change management lifecycle ranged from:
The client wanted to understand how effective or inefficient it was at delivering regulatory change and asked us to highlight any weaknesses within its framework.
We reviewed the client’s existing methodology against industry best practice to assess how robust and fit for purpose the framework and associated sub-processes were, and how well it met the client’s complex global footprint. Steps included:
The first step in the review was to gain a clear understanding of the client’s relevant business, activities and services. We reviewed the relevant policies, procedures, processes, governance structure (including committees’ terms of reference), held interviews with stakeholders, and reviewed previous and live regulatory changes.
Using our regulatory change framework as a baseline comparison, we assessed the efficiency and effectiveness of the client’s regulatory change framework in six areas:
Each area was scored to identify the maturity of the process and technology on a scale of immature to good practice.
The scorecard measured:
The assessment was undertaken through our regulatory change maturity matrix, which sets out the maturity level of each of the six areas.
The client was given detailed rationale for each score, with observations and recommendations. Implementing these would bring a number of potential improvements to the regulatory change process, such as:
In one example, we identified that the governance of the client’s regulatory framework had a low score due to lack of documentation, no clear ownership in terms of who should be responsible, accountable, consulted, and informed (RACI framework). The agenda of the regulatory change committee meetings were also not well structured and there was a lack of accountability.
We provided details around these recommendations, as well as a timeframe for resolving the gaps, including a best-in-class design and high-level process for regulatory change, and recommending first and second line accountabilities.
For the regulatory change framework, the client now better understands how it benchmarks against best practice, providing stakeholders with a more tangible overview of baseline expectations. They are now able to clearly see the gaps in their framework and can act on recommendations of how to address those gaps to achieve a more robust process.
Through close collaboration and clear communication with our client, we foresee a streamlined regulatory change management process to support operations and ensure compliance as regulations continue to evolve over time.
In reality no regulatory firm or advisory firm has created a one-size-fits-all approach to using regulatory technology (regtech) to strengthen compliance processes. Internal factors, external factors and business-specific variables hugely affect the decision on whether or not to implement tech-enabled processes.
It's clear, however, that technology does play a significant role in reducing complexity for firms with global and complex regulatory footprints. The newer crop of regtechs or regtech 2.0 have established a sound workflow to cater to firms with intricate legal entity and product line structures.
The leap forward in best practice has been a mindset change in terms of acknowledging that technology has a part to play. But firms are still catching up on implementing this change in both process and behaviour. The best place to start is to know where your firm stands: by reviewing your processes and identifying the practices that demand manual work and are resource-intensive.
Designing a solution can be complex and requires implementing strong governance frameworks alongside the technology. Firms need to understand that horizon scanning and regulatory change span the business, and therefore require a range of expertise. This includes professionals who understand regulatory and business problems, data and technical requirements, and others who can interpret that information and deliver a robust technological solution.
We understand the importance of having the right framework to support compliance, performance, and achieve strategic goals.