Driving new business value
At their best, regulatory change initiatives allow financial services organisations to rethink how they deliver their mission from first principles. The downsides of such projects are normally easy to quantify. However, emphasising the revenue and growth potential, Worthington says, is “when you start to get people’s ears pricking up to do more than just compliance”.
For example, new CDR obligations provide an opportunity to create new ways to impress customers with tailored financial products. Such proactive management of regulatory burdens offers a way to restructure the business – and in Batten’s words, “get ahead of the curve”.
“It’s hard to move into that proactive space because of shareholder and market pressure, but it’s the best way to ensure regulatory issues are addressed before they become more serious,” Batten says.
Proactively reshaping the organisation is the only actual solution, but a really hard one.”
Investing in technology to do it better
Among the financial services organisations planning to invest in new technology, 57% of respondents to our survey said their aim was to create easier or streamlined compliance. Many businesses are investing in governance, risk and compliance systems to centralise the management of their regulatory obligations, reporting requirements, and internal policies and procedures. This can help unite information strewn across different spreadsheets or locked away in various silos.
Other regulatory technology (regtech) applications can help businesses satisfy know-your-customer obligations, such as verifying income and identity.
Of course, any use of external technology creates its own financial, privacy and integrity risks requiring due diligence. “You can’t use it as a solution without considering the prudential management implications of relying on a regtech company that is a third-party supplier,” says Ian Lockhart, MinterEllison Partner.
How to manage obligations
The demands on the financial services industry are only likely to grow. This is due to changing public expectations, and an increasingly populist political and media culture. Upcoming areas of regulation will include cybersecurity, management of customer data and payments and cryptocurrency regulation. Financial services organisations accordingly face high stakes in a fast-changing area. Regulatory breaches can incur heavy fines or embarrassing reputational damage.
Some key challenges for organisations include:
- having clear accountabilities and role clarity across the organisation for compliance leadership
- aligning strategy, products and services to regulatory change
- managing the volume of the regulatory reform pipeline and regulatory compliance requirements, whilst balancing business-as-usual activities
- implementing new ways of working
- having access to external regulator feeds and systems, which then need to operationalise and integrated into risk and compliance frameworks.
For any organisation managing regulatory change, the more planning they do upfront to understand the original requirement, the easier the process will be further down the line if they run into breaches or remediation issues.
Guiding cultural change
Building more resilient organisations and focusing on culture is a priority. The industry has never been static, and so organisations need to be in a position where they can evolve as needed. Having a culture that encourages staff to proactively identify and prepare for change will help organisations build resilience.
Organisations need to take a sustainable approach to change through building capability and a system that is flexible.
Batten encourages financial services organisations to look honestly at the "friction points" that can drive problematic behaviour, with remuneration incentives or unclear accountabilities being two obvious examples. It’s also important, he says, that businesses don’t fall into a pattern of jumping into line, only to drift back into discredited patterns when regulators are no longer focusing on the issue.
A true commitment to change needs to be permanent. "Often there are cultural drivers that cause issues not to be identified or confronted," he says. “There are barriers around raising issues with senior executives to avoid looking bad or being seen to raise difficult issues without easy solutions. These dynamics can require an external eye to work with an organisation to identify and change how these issues are addressed.”
Organisations should seek to build a culture that looks to implement regulatory change holistically, rather than tactically. Taking a holistic approach will, in the long term, decrease change load that organisations need to manage, and improve staff engagement and motivation to make the changes. Worthington gives the example of the numerous customer protection changes that commenced in October 2021. "Organisations that did not take a holistic approach to the introduction of the design and distribution obligations, anti-hawking measures, deferred sales model for add on insurance and internal dispute resolution changes, would have placed unnecessary change burdens on their teams who were likely already suffering from change fatigue".
MinterEllison's legal and consulting experts can help organisations proactively plan and build a framework to reduce the potential for risk events. Key is working with organisations when things go wrong to learn from them, finding ways to improve the control environment, and grow as an organisation.
Contact us to discover more.