Last week KPMG published a rather hefty report entitled Evolving Banking Regulation – Is the end in sight?
Well, the first point to make of course is, no, no it is not; but that rather obvious answer does not make a nice 52 page report allowing KPMG to promote its consultancy services, so will not do at all. Banking regulation has always continuously evolved, and will continue to do so. The only real variable is the pace of change and it does not take a great deal of research to realise that the pace of regulatory change always increases in the aftermath of economic difficulties and/or industry scandals. And the global credit crisis has provided the very best example to date of how a combination of these two catalysts can really shake up the system.
The report strikes a rather gloomy, and in parts perhaps a little sensationalist, tone, for example introducing a theoretical ‘Basel 4’ of even more stringent capital requirements. Of course part of the rationale behind such a report is to generate future business for KPMG themselves and there are plenty of examples of these. However taking my rather cynical head off for a moment KPMG have undoubtedly brought together a number of very pertinent points within the report that do require further consideration by compliance officers and I have tried to summarise a few of these here.
Conduct, markets and culture (governance)
There is a fundamental need for firms to become more customer centric. Of course this is not new, just think back to the whole Treating Customer’s Fairly agenda, but the regulators focus has intensified. The FCA’s new product intervention powers are a clear demonstration of this. A shift from ‘product push’ to ‘customer pull’ is deemed desirable, particularly in light of the consistent and on-going mis-selling scandals we have seen in the UK.
Retail firms might express the desire and intent to become customer centric, but actually putting it into practise is very difficult given legacy systems and existing corporate cultures.
Conduct risk, market risk and the firm’s strategy are expected to be underpinned by effective governance systems and controls that demonstrate to the regulator that the firm understands these risks and the impact that they have upon strategic objectives.
All of this means that many firms are undergoing significant change programmes, and this has to take place within the existing regulatory environment (and the developing changes) and the compliance function has a key role to play in this change management process. For example remuneration and hiring procedures will need to be considered as key tools in changing behaviours, and eventually, culture.
Still in the spotlight, the financial stability of major European banks will be the subject of a detailed assessment by the European Central Bank. Coming on the back of the on-going implementation of Basel III via the 4th Credit Requirements Directive, this is likely to further increase the costs of compliance through more prescriptive demands once the review is completed. What price a 5th CRD by the end of 2015?
Structure - business and operating models
Driven by a certain degree to the financial stability concerns, it is possible that new regulatory requirements will be introduced to force radical structural change, including for example the splitting up of very large entities into smaller locally and separately regulated subsidiaries. This may significantly increase the cost of doing business as economies of scale are lost and of course could create a much more complex regulatory environment for the firm’s compliance function to manage. Understanding the regulatory implications of this fundamental structural change should be high on the Compliance function’s early warning agenda, not only for compliance reasons, but also for the fact that effective planning for such change will significantly reduce the costs.
Governance and risk
All of the points discussed above require most firms to significantly upgrade their governance and risk management systems and controls. They must understand their how their business strategy, risk appetite and risk culture are interdependent, and consequently most will need to make significant investments in both people and critical systems.
So this report is useful in identifying a lot of potential new and increasing risk, but a little light in providing any guidance on how to deal with these. This obviously comes back to the fact that KPMG can’t give you everything for free and will be more than happy to assist in managing the risks under normal commercial terms. But we should thank them for helping us with the first stage of the risk management process, identification, whilst being very cautious as to what is and is not applicable to your own firm and remembering that no two organisations are exactly the same and consequently will face exactly the same emerging risks.