We hear often about the digital divide -- the gap between those who have access to state-of-the-art information technologies and those who do not, and the economic and social limitations that such a gap imposes on the have-nots. There are similar divides in banking -- institutions that have tons of resources and big budgets and those that must make do with significantly less. It's not just big bank/small bank --these divides can be created by management priorities and shaped by corporate cultures.
Risk management and compliance with risk management-related regulations is another area in which we see divides. It's not just about which kinds of banks must comply with capital adequacy and stress testing directives -- the topic of the cover story in this Bank Systems & Technology issue about enterprise risk management. It's also about attitudes and vision. The management at some banks resists any changes or new regulations, no matter the context or history behind them. They are viewed as unfair and costly burdens to be challenged.
There's no question that regulatory compliance, particularly as it involves risk management, is costly and difficult. The most recent Banking Compliance Index (BCI), a quarterly index compiled and analyzed by vendor Continuity Control that measures the regulatory burden on financial institutions, highlights the potential financial impact of increased regulation on community banks. The index found what it calls a "staggering" 117% growth in regulatory burden in the past 12 months. The average institution, according to the BCI, had to commit 2.3 full-time employee equivalents to manage this burden. The index reports the time it takes to comply has increased more than 50% in the past year.
[The Risks And Rewards Of Cloud-Based Security Services]
That's terrible ... but so are the implications of ignoring the increased complexity of risk. And it's irresponsible to avoid investments in the kinds of technologies -- such as analytics, dashboards, modeling capabilities and high-performance computing -- that are the basis of effective risk management (and, as a corollary, compliance with much of the new banking regulation). Skimping on such technology also ignores the potential to leverage those investments for insights into performance, products and customers. Again, it's more about priorities than budgets. Analytics and data management no longer are things that only big banks can afford. At the same time, I'm sure there are community banks that value risk management prowess more than some big banks do.
Risk management is perhaps not the sexiest area of banking right now, compared with digital engagement or mobile transactions, but we all know that without the practice of risk management at its highest level the industry cannot survive. Banks should be united on that.