For banks, compliance with the myriad of new regulations-including Sarbanes-Oxley, U.S.A. PATRIOT Act, Basel II and others-is not only a daunting task, but also an expensive one, according to survey results from InformationWeek Research.
The study shows that as banking organizations take action to ensure data integrity and retention, the majority have established a formal records retention policy and schedule. And seven out of 10 are using technology to help ensure data integrity.
The impact of the newer regulations on banking has been greater than in other industries, evident by the fact that more than half of banks have an executive tasked with supervising compliance efforts, compared with approximately a third of all other industries. Two-fifths of banks currently have a Chief Compliance Officer, and in many cases, the Chief Information Security Officer and Chief Risk Management Officer also share some the compliance burden. In other industries, the most common compliance stewards are the Chief Information Officer/VP of IT (39 percent) and the Chief Financial Officer/VP of Finance (30 percent).
And with the many regulations with which banks must comply, it's no surprise that banking firms are experiencing a drain on productivity. Almost half of the banking organizations surveyed agreed that they are less productive than they used to be. In comparison, only a third of organizations in other industries consider compliance a productivity drain.
The survey also found that employees in the banking industry are more affected by compliance regulations on a personal level, both positively and negatively, compared to other industries. On average, business-technology professionals in the banking industry spend 22 percent of a typical week complying with regulations, compared to 15 percent for other industries.
One thing is clear: compliance with regulations costs money. The majority (87 percent) of banks anticipate higher spending in 2003 compared to 2002 to ensure compliance with regulations. That compares to only 71 percent of organizations in other industries. Some of the spending will undoubtedly go into the growing market for compliance-related software. Seven out of 10 banking organizations say they are more cautious about application usage and deployment and three out of five are re-writing existing applications or creating new applications to support regulations. Finally, more than half are buying more applications.
Editor's Note: The survey was fielded in August by InformationWeek Research across the InformationWeek Media Network, which includes InformationWeek, Optimize, Bank Systems & Technology, Wall Street & Technology, Insurance & Technology and Government Enterprise. The survey garnered responses from 650 business-technology executives, nine percent of whom were at banks. Almost half of the banking industry respondents come from organizations with more than $1 billion in annual revenue.