Experts: Nothing simple about meeting regulatory requirements
By Ravi Chari, Director of Regulatory Risk Solutions, SAS
CCAR, BCBS 239, Basel III, FRTB, Dodd-Frank – the list of regulations goes on. Analyzing, enforcing and implementing such an array of regulations (oftentimes competing regulations) is complex. How do data and analytics help risk teams improve their strategic vision and risk appetite while complying with regulatory demands?
Several experts spoke with SAS about trends and technologies that affect how financial institutions handle the growing number of regulations and regulatory agency demands.
They answered questions about:
- Integrating, governing and analyzing data effectively.
- Addressing competing priorities – growth and innovation, regulatory compliance, shareholder expectations, customer satisfaction and data transparency at the executive and board levels.
The most current regulatory hurdles for US bankers are CCAR, Dodd-Frank, FRTB and Basel III. “The good news,” says Donna Howe, GARP board member and former CRO for Santander US, “is that Basel II, Dodd-Frank and Basel III tend to converge in philosophical areas. The problem is that they’re not converged enough, so implementing these – given the nuances – is especially challenging.”
Look at this as a process. If you want to be successful, you have to continually evolve.
Howe asked both Lawrence Mielnicki, former Executive Vice President of Analytics and Portfolio Management at PNC Bank, and Vic Warnement, Executive Vice President and Chief Compliance and Ethics Officer at American Express, to answer a couple of questions about these hurdles.
Howe noted that financial services firms often adapt their strategic plans to accommodate the tight deadlines and resource drain of compliance. She asked both men to give some examples of how the core business processes have changed in response to the regulatory requirements.
Both Warnement and Mielnicki agree that data and documentation are very challenging, so that is a key area they focus on:
Everybody wins. Marketing, operations, risk management – all areas of the business can benefit from the firm’s data, and the analytics to fully exploit that data. Management is driving toward a data-driven business, largely prompted by the regulators. “Over and over again, regulators ask the same question: How do you know?” says Warnement. “Many firms still don’t have the ability to provide those answers – because they aren’t fully relying on analytics, and they aren’t documenting the processes that led to their outcomes.”
Silos are deadly. Data from risk appetite statements, stress-testing methodologies, business strategies, strategic plans, etc., need to be thought of as interrelated. When the walls are down, you can look at your data from the big picture perspective.
Documentation is huge. “If it isn’t written down, it doesn’t exist,” said Howe. “If you have 600 people all talking to regulators, it would be nice to be consistent.” How do you keep your story straight?
She says, “The same skills and technologies that your firm is using to glean information from unstructured data, such as social media posts, call center notes and emails, can be used to mine communications and contacts: emails, notes and even the minutes you captured during your last meeting with regulators!”
The balancing act
Howe asked the gentlemen how they balance the new governance requirements with the need to protect client data. “How do you prioritize things? What’s the most important thing to do to get the most from your data?” prompts Howe.
“Data ownership – who owns the data – might seem like a simple concept but it is very important,” says Mielnicki. He gets this insight from his own experience: His team was developing some Basel models. They believed they had robust data and a current data dictionary. But when they ran the models, the results were “klugey.” “We did some digging and found out that the space that the data was occupying was previously used by another definition,” he said. “But no one updated the dictionary … we needed to know that four years ago the definition changed.”
A data steward or chief data scientist – someone – needs to own the data at the enterprise level. Warnement agreed that good data governance is extremely difficult for every organization to get to, but it is hugely important. His answer is buy-in. “You want to have a data strategy that everyone can rally around,” he said. “I would encourage you not to lose sight of that as you work on the detailed processes."
Risk versus innovation
If data governance and data ownership are this important, will it mean that the industry as a whole will be more and more risk averse? Less innovative? Mielnicki and Warnement are not in complete agreement on their views of the future.
Mielnicki takes the less innovative road: “It will be easier, and less risky, to copy the models you already have than to develop something new.”
He also predicts that firms will get smarter; they’ll recognize their limitations and work to overcome them. For example, a modeler’s strong suit is usually the analytical side of things. “I tried to teach modelers to take minutes during meetings and create documentation that even the business person can understand,” Mielnicki said. “It was impossible. I threw up my hands and decided to hire technical writers and project managers. The project managers take meeting minutes, and the technical writers sit with the modelers and translate what they are doing on a real-time basis into the documentation. Now, when the model is done, the documentation is done.”
Warnement said that the regulations might negatively affect risk taking. But he saw innovation in the future of the industry. “I think we live in a very creative world. We’re seeing a lot of innovation in the non-banking sector, particularly from individuals and small businesses – crowd funding and those kinds of things,” he explained. “The question I have for regulators is, ‘Is that the outcome we want?’”
Warnement warns that there will be more and more of these types of innovative solutions by organizations outside of the banking industry – an industry that he says is stifled by an over-baked regulatory response. “They’re asking you to look like your peer institutions,” he said. “That sends the message that you can’t move far afield from what you do now – including products offered.”
The gap in offerings will be filled by non-bank agencies with the ability to deliver on innovation and the courage to take the risk.
“It seems that you are saying that creativity will have a big impact on this space in the future,” said Howe. “What skills do you think will be important over the next five years?”
- Go to college and study what you like, but learn to code!
- Higher education – change your courses to allow students to pursue a humanities path while getting a strong statistical and marketplace background. Everyone benefits.
- Learn to network and collaborate. It’s hugely important to know how to work with others to provide creative ideas; don’t come from a competitive point of view.
- Get an understanding of global economics. The next generation needs to be deeply aware of the global economy.
All of the ideas the gentlemen shared seem so intuitive. But they are difficult challenges to overcome. From my perspective, their best advice was actually given early in the day: “Look at this as a process. If you want to be successful, you have to continually evolve.”
The new regulations may force you to rethink your strategy and redesign you modeling, data infrastructure and technology components - even integrate the risk and finance departments. Learn how you can do that successfully and gain business benefits.