Connect with us

Top Stories

DODD-FRANK AT 3: ACCEPTING UNCERTAINTY

Published

on

DODD-FRANK AT 3: ACCEPTING UNCERTAINTY 1

by Carol M. Beaumier, Executive Vice President, Global Strategic Planning, Protiviti

10373_20090426
July 21, 2013 marked the third anniversary of the enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act (DFA). This anniversary sparked the same question we heard at the two prior anniversaries: “What is taking so long?”

We have often answered that question by noting that the law’s timetable was not realistic to start with given the extensive burden it placed on regulators to promulgate hundreds of complex rules. This time, however, media stories seemed to express a bit more outrage: “But now that deadlines appear to have little meaning, it’s very hard for the financial industry to know when anything is happening, which creates a damaging sense of uncertainty.”i

Uncertainty frustrates planning efforts and some believe that “ … the persistent wave of political attacks on global universal banks” has a direct impact on stock prices of financial institutions and that this, in turn, affects banks’ abilities to help the economy grow.ii Yet, as time has passed, those in the industry have become more willing to speak up about troubling issues – and equally willing not to push aggressively for answers that may not be to their liking. Instead, they seem ready to accept the continuing uncertainty, and to focus on myriad other regulatory and business challenges.

The Uncertainties
Although those who track the DFA’s progress may not be in complete agreement on the status of rulemaking, the consensus is that approximately half of the required DFA rules have yet to be finalized. A few of the unfinished rules are:

  • The Volcker Rule, which would prohibit banking organizations from conducting proprietary trading and investing, except for a de minimis amount, in private equity and hedge funds; it remains mired in the challenge of distinguishing between legitimate market making, which would be permissible under the rule, and proprietary trading.
  • Regulation of the cross-border swaps market, which has been stalled due to lack of an international framework.
  • The so-called “Swaps Push-Out” provision, which would require banking organizations to spin off some derivatives trading operations to separate units not eligible for Federal Deposit Insurance Corporation (FDIC) insurance or Federal Reserve discount window borrowing. Institutions supervised by the Federal Reserve and Office of the Comptroller of the Currency (OCC) have been given a two-year reprieve on complying with this rule. There are industry concerns that the rule is unclear, given overlapping rules relating to swaps. There is also lack of understanding as to which activities must be pushed out.
  • The highly debated Uniform Fiduciary Standard, which could require broker-dealers to act in their clients’ best interests and not simply recommend “suitable” products; or, depending on how the cards fall, it might allow registered investment advisers to operate under the suitability standards currently imposed on broker-dealers.
  • Enhanced Prudential Standards, which would impose a host of new requirements (e.g., capital, liquidity, stress testing, single counterparty limits, risk committees, recovery and resolution frameworks) on large domestic and foreign banking organizations operating in the United States and nonbank systemically important financial institutions (SIFIs).
  • The Executive Pay Ratio Rule, a relatively straightforward, industry-agnostic requirement, which would require that the ratio of CEO pay to the median of the pay of all other employees be disclosed in a public company’s proxy statement. This rule has been met with tremendous backlash by the business community.
Carol Beaumier

Carol Beaumier

The debate even continues about rules that have been finalized. The best example is “too big to fail” (TBTF). While few would admit to being certain that we have solved TBTF (and no one likely wants to test it), supporters argue that the DFA at least has the “tools” to end TBIF, while critics say the DFA doesn’t solve the problem at all.iii

Industry Activism
With the continued delays and passage of time since the financial crisis, the financial services industry, initially humbled by criticism of its role in causing the crisis, has become more active in lobbying against provisions it does not like and in challenging the rulemaking process itself – and it is scoring some victories. Some of these have involved a willingness on the part of the U.S. Congress to reconsider certain provisions of the law; others have resulted in the courts voiding rules for perceived flaws in the rulemaking process.

Another recent development that nonbank financial services companies are likely to follow with keen interest is the decision by Prudential Insurance to challenge its proposed designation as a nonbank SIFI on the basis that it doesn’t meet the quantitative standards in the rule, and does not pose a systemic risk to the financial system. This is the first test of the nonbank SIFI designation process. While some industry observers think it will be an uphill battle, many others are cheering Prudential for taking this step.

Uncertainty Drives Congress Back into the Game
While even the staunchest opponents of the DFA say its repeal “ain’t gonna happen,”iv there seem to be more and more bills being introduced to try to improve the law and address provisions that may have unintended consequences, particularly for smaller community banks and end users in the derivatives market. For many, the willingness of Congress to redress onerous provisions of a hastily passed law is viewed as a positive development, though some will correlate an increase in lobbying spending with a more engaged Congress. Of course, not all of the legislation being introduced is viewed positively by the industry – the McCain-Warren Glass-Steagall bill, for example.

Looking Ahead to DFA Year 4
As we contemplate what might happen in Year 4 of the DFA, we know that predicting what will happen within the Beltway is a fool’s errand. Nonetheless, our best guess is that rules that affect the domestic financial services industry only, or primarily, and can be issued by a single agency will be finalized, but many other requirements will continue to be mired in international debate and disagreements among multiple regulators  and a year from now, we will still be talking about the status of DFA rulemaking.

Top Stories

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities 

Published

on

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities  2

By Adam Strange, Data Classification Specialist, HelpSystems 

The financial services sector is experiencing extreme disruption coupled with rapid innovation as established institutions strive to become more agile and meet evolving customer demand. At the same time, new market entrants compete fiercely for customers. Increasing operational flexibility, through the deployment of cloud infrastructure or via digital transformation initiatives, is critical for future competitiveness but it has also driven regulatory and security challenges, particularly around working with suppliers.

That said, the benefits of a diverse, interconnected supply chain are compelling: agility, speed, and cost reduction all weigh on the positive side of the equation, prompting financial institutions to pursue close, collaborative relationships with suppliers, often numbering in the hundreds or thousands.

Weakness in the supply chain

On the negative side is the increased cyber threat when enterprises expose their networks to their supply chain. In our modern interconnected digital ecosystems, most financial organisations have many supply chain dependencies and it only takes one of these to have cybersecurity vulnerabilities to bring a business to its knees.

As a result, breaches originating in third parties are common and costly – a Ponemon Institute/IBM study found that breaches being caused by a third party was the top factor that amplified the cost of a breach, adding an average of $370,000 to the breach cost.

Concern around the supply chain was also evidenced in a recent report we have just issued, whereby we interviewed 250 CISOs and CIOs from financial institutions about the cybersecurity challenges they face and nearly half (46%) said that cybersecurity weaknesses in the supply chain had the biggest potential to cause the most damage in the next 12 months.

But sharing information with suppliers is essential for the supply chain to function. Most financial services organisations go to great lengths to secure intellectual property, personally identifiable information (PII) and other sensitive data internally, yet when this information is shared across the supply chain, does it get the same robust attention?

Further amplified by COVID-19

Financial service organisations have always been a key target for cyber attacks.  Our research showed that since COVID-19 hit, the risk has elevated further, with 45% of the respondents seeing increased cybersecurity attacks during this period. Likewise, hackers are rejecting frontal assaults on well-defended walls in favour of infiltrating networks via vulnerabilities in suppliers.

But financial services organisations must maintain reputations and ensure customer trust. Firms are keen to demonstrate that they are protecting customer assets, providing an ultra-reliable service and working with trustworthy partners. So, what can they do to better protect their supplier ecosystem?

At the very least, they need to ensure basic controls are implemented around their suppliers’ IT infrastructure.  For example, they must ensure suppliers maintain a secure infrastructure with a minimum of Cyber Essentials or the equivalent US CIS certification controls. Cyber Essentials defines a set of controls which, when implemented, provide organisations with basic protection from the most prevalent forms of threats, focusing on threats which require low levels of attacker skill, and which are widely available online.

Likewise, they need to ensure good information management controls are in place and this begins with accurate information/data classification. After all, how can you apply appropriate controls to your information unless you know what it is and where it is?

How ISO27001 helps organisations put in place a data classification process

The international standard on information security, ISO27001, describes the basic ingredients for data classification to ensure the data receives the appropriate level of protection in accordance with its importance to the organisation. It comprises three basic elements:

  • Classification of data – in terms of legal requirements, value, criticality and sensitivity to unauthorised disclosure or modification.
  • Labelling of data – an appropriate set of procedures for information labelling should be developed and implemented in accordance with the organisation’s information classification scheme.
  • Handling of assets – procedures for the handling of assets developed and implemented in accordance with the organisation’s information classification scheme.

Adoption of this methodology will help financial services organisations and their supply chain take a more data-centric information security approach. However, there are essentially four key stages for implementing a data risk assurance supply chain approach and these are:

 1. Approval – in organisations with complex supply chains senior management, vendor management, procurement and information security will all need to support a robust risk-based information management approach. Details of previous incidents and their impact alongside the business benefits will be essential to gain stakeholder buy in.

 2. Preparation – Organisations should start with Tier 1 suppliers and initially identify the contracts with the highest business impact/risk. They should identify and record information repositories and the data that they contain together with the responsible business owners. Define a business taxonomy based on information categories of that data and include supply chain factors such as what information categories are shared.

For example, they need to understand the business impact of compromise against each of the information categories. Have any suppliers suffered security incidents? What assurance mechanisms are in place? Once all this information is collated the organisation can create a data classification policy and define a set of controls for each data category.

 3. Discovery – Select each data category and identify the associated contracts. Then prioritise the data category based on the risk assessment and verify that the data security controls and arrangements for each data category and contract meet the overall requirements. Once complete, hand over the contract for inclusion in the vendor management cycle.

4. Embed process – the overall objective is to embed information risk management into the procurement lifecycle from start to finish. Therefore, whenever a new contract is created there are a number of actions required which embed data risk at each stage of the bid, tender, procurement, evaluation, implementation and termination phases of the contract.

To summarise, organisations should start by researching the information risk and security frameworks such as ISO27001 and others. They should then focus on defining their business taxonomy and data categories together with the business impact of compromise to help develop a data classification scheme. Finally, they should implement the data classification scheme and embed data risk management into the procurement lifecycle processes from start to finish. By effectively embedding data risk management and categorisation into their procurement and vendor management processes, they are preventing their suppliers’ vulnerabilities becoming their own and are more effectively securing data in the supply chain.

Continue Reading

Top Stories

Deloitte: Middle East organizations need to rethink their workforce in the wake of COVID-19

Published

on

Deloitte: Middle East organizations need to rethink their workforce in the wake of COVID-19 3

Organizations in the Middle East have had to take immediate actions in reaction to the COVID-19 pandemic, such as shifting to remote and virtual work, implementing new ways of working and redirecting the workforce on critical activities. According to Deloitte’s 10th annual 2020 Middle East Human Capital Trends report, “The social enterprise at work: Paradox as a path forward,” organizations now need to think about how to sustain these actions by embedding them into their organizational culture.

“COVID-19 has created a clarifying moment for work and the workforce. Organizations that expand their focus on worker well-being, from programs adjacent to work to designing well-being into the work itself, will help their workers not only feel their best but perform at their best. Doing so will strengthen the tie between well-being and organizational outcomes, drive meaningful work, and foster a greater sense of belonging overall,” said Ghassan Turqieh, Consulting Partner, Human Capital, Deloitte Middle East.

According to the Deloitte report, many organizations in the Middle East made quick arrangements to engage with employees in the wake of the pandemic through frequent communications, multiple webinars where senior leaders addressed employee concerns, virtual employee events, manager check-ins, periodic calls and other targeted interactions with the workforce.

The report also discussed how UAE and KSA governments have reexamined work policies and practices, amended regulations and introduced COVID-19 initiatives to support companies and the workforce in the public and private sectors. Flexible and remote working, team-building and engagement activities, well-ness programs, recognition awards and modern workspaces are among the many things that are now adding to the employee experience.

Key findings from the Deloitte global report include:

  • Only 17% of respondents are making significant investments in reskilling to support their AI strategy with only 12% using AI primarily to replace workers;
  • 27% of respondents have clear policies and practices to manage the ethical challenges resulting from the future of work despite 85% of respondents saying the future of work raises ethical challenges;
  • Three-quarters of leaders are expecting to source new skills and capabilities through reskilling, but only 45% are rewarding workers for the development of new skills; and
  • Only 45% of respondents are prepared or very prepared to take advantage of the alternative workforce to access key capabilities despite gig workers being likely to comprise 43% of the U.S. workforce this year according to the Bureau of Labor Statistics.

“Worker well-being is a top priority today, and similarly to the rest of the world, companies in the Middle East are focusing their efforts to redesign work around well-being by understanding workforce well-being needs,” said Rania Abu Shukur, Director, Human Capital, Consulting, Deloitte Middle East.

Continue Reading

Top Stories

One in five insurance customers saw an improvement in customer service over lockdown, research shows

Published

on

One in five insurance customers saw an improvement in customer service over lockdown, research shows 4

SAS research reveals that insurers improved their customer experience during lockdown

One in five insurance customers noted an improvement in their customer experience over lockdown, according to research conducted by SAS, the leader in analytics. This far outweighed the 11% of customers who felt it had deteriorated over the same period.

This is positive news for insurers during such challenging times, with 59% of customers also saying that they would pay more to buy or use products and services from any company that provided them with a good customer experience over lockdown.

The improvement in customer experience also coincides with a rise in the number of digital customers. Since the pandemic started, the number of insurance customers using a digital service or app has grown by 10%. Three-fifths (60%) of new users plan to continue using these digital services moving forward.

However, while the number of digital users grew over lockdown, half of the insurance customer base has not yet chosen to move to digital insurance apps or services.

Paul Ridge, Head of Insurance at SAS UK & Ireland, said:

“It’s impressive that there was a net improvement in customer experience during lockdown, despite the challenges the industry was facing with a transition to remote working and increased claims for things like cancelled holidays. While many were forced to wait on customer help lines for long periods, part of the improvement may be explained by even a small (10%) increase in the number of digital users.

“However, it’s clear that a huge number of customers are still yet to make the move online. It’s vital that insurers provide the most accurate, timely and relevant offerings to customers, and this is best achieved by having additional insight into online customer journeys so they can understand them better. Using analytics and AI, insurers can seize this opportunity to digitalise their customer experience and offer a more personalised approach.”

Meanwhile, for insurers that fail to offer a consistently satisfactory customer experience, the price could be severe. A third (33%) of customers claimed that they would ditch a company after just one poor experience. This number jumps to 90% for between one and five poor examples of customer service.

For more insight into how other industries across EMEA performed during lockdown, download the full report: Experience 2030: Has COVID-19 created a new kind of customer? 

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities  5 Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities  6
Top Stories2 mins ago

Securing Information Throughout the Supply Chain – Preventing Supplier Vulnerabilities 

By Adam Strange, Data Classification Specialist, HelpSystems  The financial services sector is experiencing extreme disruption coupled with rapid innovation as...

RegTech 2020: The rise of Open Banking 7 RegTech 2020: The rise of Open Banking 8
Banking1 hour ago

RegTech 2020: The rise of Open Banking

This month on the RegTech 20:20 podcast, host Alex Ford is joined by industry experts Gavin Littlejohn, Chairman of The...

The case for AI technology adoption in financial back-office roles to improve efficiency 9 The case for AI technology adoption in financial back-office roles to improve efficiency 10
Technology3 hours ago

The case for AI technology adoption in financial back-office roles to improve efficiency

By Tomas Gogar, AI CEO, Rossum In this era, digital transformation isn’t anything new. Nonetheless, it can still cause a...

Gain financial regulation qualification online 11 Gain financial regulation qualification online 12
Finance3 hours ago

Gain financial regulation qualification online

Gain financial regulation qualification online   Warwick Business School in partnership with the Bank of England are delighted to offer...

COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme 14 COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme 15
Finance7 hours ago

COVID-19: Dealing with fraudulent applications for the Bounce Back Loan Scheme

By Ed Lloyd, EVP Global Head of Sales, Encompass The COVID-19 pandemic is still having a devastating impact on businesses...

EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection 16 EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection 17
Business8 hours ago

EU Commission sets out new intellectual property action plan affecting SEPs, patent pooling and EU design protection

By Andrew White, Partner and UK & European patent attorney at intellectual property firm, Mathys & Squire The EU Commission...

InsurTech is helping to drive the digital evolution of the UK motor retail industry 18 InsurTech is helping to drive the digital evolution of the UK motor retail industry 19
Technology8 hours ago

InsurTech is helping to drive the digital evolution of the UK motor retail industry

By Alan Inskip, Tempcover CEO & Founder If the last nine months have made anything clear, it is that the...

Five ways enterprises are using the public cloud 20 Five ways enterprises are using the public cloud 21
Technology8 hours ago

Five ways enterprises are using the public cloud

By Michael Chalmers, MD EMEA at Contino The public cloud is the most significant enabler in a generation. It’s causing a...

Another ‘new normal’? Five challenges CTOs will face in 2021 22 Another ‘new normal’? Five challenges CTOs will face in 2021 23
Technology9 hours ago

Another ‘new normal’? Five challenges CTOs will face in 2021

By Amit Dattani, Director of Technology at Conosco We’re one year into the new decade, and arguably technology has guided...

An inside look at how both the global pandemic and the March and November 5th National Lockdowns are affecting mental health within the workforce 24 An inside look at how both the global pandemic and the March and November 5th National Lockdowns are affecting mental health within the workforce 25
Interviews10 hours ago

An inside look at how both the global pandemic and the March and November 5th National Lockdowns are affecting mental health within the workforce

By Lianne Harrington, Director SMP Healthcare Ltd     Part One: Real life insights into the deteriorating mental health of three employees...

Newsletters with Secrets & Analysis. Subscribe Now