Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

HEIGHTENED REGULATORY DEMANDS TO DRIVE TECHNOLOGY-LED RISK MANAGEMENT INITIATIVES IN 2018

Success of risk management initiatives will be underpinned by best practice-led spreadsheet management 

Henry Umney, CEO of ClusterSeven, offers his views on regulatory and risk management trends in the insurance, banking and financial services sectors for 2018:

  • Model risk management will become a top priority

With regulators demanding that organizations adopt an all-inclusive model risk management and governance strategy, many regulations (e.g. SR11-7, ECB TRIM, OCC 2011-12 and more) are now becoming ‘business as usual’ in the banking and financial services sectors. Such a broad sweeping mandate is demanding a robustness around model governance and therefore calling into question the integrity of the data sources that feed the models as well as the effectiveness of controls that currently exist to ensure accuracy.  Organizations will need to pull back the ‘governance lens’ in 2018 to take a more holistic view of their model risk management programme. This will allow them to gain visibility and understand the entire ecosystem of applications that surround each and every governance model – as well as the data lineages across the landscape.

  • Sarbanes Oxley (SOX) will make a comeback

With the introduction of rules on mandatory audit rotation last year, which require public entities and listed companies to put their audit out to tender every 10 years, and change the auditor at least every 20 years – the emphasis on SOX compliance will make a comeback. This will be an easy win for external auditors looking to make their mark in new client organizations. Additionally, regulators such as the Public Company Accounting Oversight Board (PCAOB) are coming down hard on auditors for audit failures and violation of the Board’s quality standards to enforce SOX compliance by organizations. Faced with potential fines in the region of millions of dollars, auditors will increase their scrutiny of organizations’ internal audit controls over financial reporting, assessing and responding to risks of material misstatement, and measurements.

With many of these processes undertaken in spreadsheets, external auditors will look for ways to deliver against regulators’ demands of more evidence of auditability and control of these applications. Without the adoption of technology-led spreadsheet management of internal audit controls by organizations, they will find it almost impossible to meet the demands of the auditors and regulators alike.

  • Regulation will drive data ownership, organizations will realize the value of data for competitive advantage 

Most regulations, be they General Data Protection Regulation (GDPR), IFRS 9, BCBS 23,9 SOX, SM & CR, Dodd-Frank or any other, ultimately aim to enforce data ownership and governance to ensure accuracy of financial models, minimize financial risk and protect consumers. While simple in concept, due to the widespread types of data sources and complexity of models, it’s incredibly difficult to get right. It requires a streamlined approach to people, processes and technology. However, those that make headway, will begin to recognize and realize the value of data for informed decision-making and competitive advantage. Due to the extensive use of spreadsheets for data manipulation-related processes, their control and management will be key to such initiatives.

  • Organizations will set up temporary business processes to deal with Brexit 

While the uncertainty around Brexit continues, organizations will start preparing to deal with Brexit, regardless of the shape or form it takes. Organizations have enterprise systems of course, but they aren’t as flexible and nimble to change, and more so in the current uncertain environment. Spreadsheets will become the default tool that they will resort to quickly respond to changing business requirements for reporting and compliance by setting up temporary business processes/solutions as they plan for every eventuality. An automated approach to spreadsheet management will be essential to ensuring the accuracy and integrity of these critical processes to minimise financial, operational and regulatory risk.

  • Major IT-led transformation in the insurance sector is on the cards

As the Prudential Regulation Authority (PRA) increases scrutiny on the insurance sector, insurance firms will need to continue to ensure their Solvency II compliance is embedded into ‘business as usual’. Simultaneously, the introduction of IFRS 17 represents the biggest accounting change for insurers in recent times. Compliance with these regulations will drive IT-led transformation of processes and standardization of modelling platforms will become a major focus for insurers in 2018. As firms set up new enterprise systems and data warehouses as part of their technology transformation initiatives – in the interim – spreadsheets will provide the much-needed flexibility to help quickly establish processes and models for compliance, which will ultimately remain in use for the foreseeable future. Consequently, adoption of automated spreadsheet management will form a key part of the IT transformation initiatives.

  • Cloud adoption of risk management solutions will gather momentum

With many regulatory bodies globally, such as FedRAMP, European Union Model Clause, SOC 1 and 2, among others, having recognised Microsoft Azure as a secure platform, the cloud ecosystem for risk management solutions will gather momentum, which will encourage their adoption among organizations. Risk management cloud solution providers will innovatively leverage this ecosystem to expand their offering and delivery options to beyond traditional areas including internal audit, and risk and compliance.