During the financial crisis, the federal government took unprecedented equity stakes in a variety of financial institutions, causing the pendulum of financial regulation to swing to proactive from its laissez-faire position of the past several years. The regulatory issues are swirling around increased safety and soundness, consumer protection, and institutions that have become very large as a result of financial services deregulation.
Legislation is well under way for reforming pricing and product practices on mortgages and credit cards as well as pending ideas around forming an incremental regulator for consumer credit protection. To effectively lay out a compliance road map or strategy, however, a bank must wait until there is a concrete regulatory change in place. A compliance strategy can then require changes to data, business policies and analytics to become compliant.
But banks are skittish about proactively initiating data- and analytics-oriented compliance projects without knowing exactly what the regulatory requirements are going to be. Recent survey feedback indicates that while banks universally report that enterprise risk management has regular board-level involvement, only about half of banks surveyed said they will increase their spending on risk technologies this year. The two underlying drivers of this finding are that many banks made heavy investments in risk detection and compliance before the financial crisis, and that many other banks are still under very tight cost constraints.
Banks routinely report that empowered examiners are inconsistent in their requests for analysis of risk and processes. Therefore, banks feel that when it comes to intellectual property around safety and soundness, the expertise mainly lies within the institution and secondarily with regulators and outside vendors.
CLOSING THE GAP
So where does the industry head from here? For the most part, banks have been steadily improving quality in their risk management data sources, business analytics and risk managers. For quite some time, banks have been in an increasingly competitive marketplace where being more sophisticated in risk assessment, account management, collections and proactive marketing have been mandates for survival. To survive in a tighter regulatory environment, banks will have to find a way to close the gap between regulatory change and the ability to fulfill new analytic and reporting processes.
To do this, banks report that they will continue to evolve their data models and work to more quickly digest institutional and portfolio acquisitions. Aside from a timing mismatch of regulatory request and ability to fulfill, there is a mismatch between a bank's historical portfolio and a newly acquired portfolio of loans it did not originate. There have been many calls for a flight to simplicity with regard to the complexity of financial products as well as more pragmatic analytical techniques to understand the basic risk tenants of a loan, portfolio or line of business.
But the industry believes advances in analytics need to take place. Evolving risk issues for banks include ever-more-complex fraud, systems intrusions and the need to stress test classes of assets against external macroeconomic factors. All of these analytic needs beckon for an evolution of improved network analytics and pattern matching to root out potential risks while not introducing the operational risks of negatively impacting existing customers.
As the state of regulation remains in flux, financial institutions will continue to focus on the quality of their data, analytics and portfolio management techniques. Forward-thinking executives will make key investments in enterprise risk mapping tools while looking to efficiently close the gap between regulatory demand and ability to comply with incoming requests to survive in this new normal of banking and regulation.
Dana Wiklund is a research director for IDC Financial Insights' risk management advisory service, specializing in predictive modeling.