James Stewart, General Manager – Compliance APAC at Wolters Kluwer financial Services
Until recently, many banks have been able to maintain regulatory reporting processes without material investment by using Excel and/or other internally developed applications. Over the last few years, however, regulators have been upgrading their requirements for reporting in order to generate timely, detailed, and correct information to support their prudential responsibilities. In parallel, and coinciding with the global financial crisis, banks have focussed on reducing costs as they repair their balance sheets and profitability measures. These two conflicting directions are significantly increasing regulatory reporting risks.
Banks have historically considered regulatory reporting as a non-core process; a simple high-level data submission to the regulator on a monthly, quarterly or annual basis, able to be generated on a host of end-user applications that are linked to the general ledger or core banking system. Bank employees would make the required adjustments manually and transpose results into regulatory templates for onward reporting. These processes, although tedious, were able to be supported by specialized teams within the banks.
Regulators now realize the importance of regular and detailed information from their banks to support policy setting, identify structural weaknesses, and generally help to safeguard the financial system. Consequently regulators have introduced a host of new requirements including new accounting standards, upgraded capital adequacy frameworks and increased disclosure requirements in the form of more complex, frequent and detailed regulatory reporting templates. Specifically:
- In Europe, Financial Reporting (FINREP) and Common Reporting (COREP) frameworks have been rolled out to fully disclose the position and risk carried by each of the banks
- In the US, new templates such as the Federal Reserve’s FR Y-14 reporting are being rolled out, requiring large amounts of detailed information for US regulatory authorities
- In Asia, regulators have moved to International Financial Reporting Standards (IFRS) reporting and are upgrading their systems and reporting taxonomies to support new submission languages like XBRL
- Across the board, new regulatory frameworks such as Basel III, Dodd-Frank and the Foreign Account Tax Compliance Act (FATCA) are being introduced with associated reporting requirements
Across the board, regulators are looking for more accurate and timely information. In India it has recently been mandated that a single regulatory repository is established in the form of a central data warehouse, from which all reporting is automated. This reflects the concerns regulators have with current manual processes operated by banks which are inclined to data quality issues and reporting inconsistencies through the use of manually maintained spreadsheets.
The global financial crisis has led to the introduction of regulation focused on increased capital and liquidity buffers. As banks adapt to the new regulatory environment and reduce the amount of risk and balance sheet size, margins come under pressure leading to increased focus on cost reduction exercises such as reducing the size of teams and back-office costs. Unfortunately these efforts coincide directly with the increased regulatory reporting requirements, which is pushing many banks into dangerous territory as their legacy architecture and reduced teams struggle to cope.
Banks will begin to find they are operating within the ‘RED’ regulatory risk-zone (see diagram above) and will begin to face the following issues:
- Accounting framework upgrades have become more complex, but are yet, still being handled by manual processes often with error
- Key staff attrition leaving new staff performing processes that are not well understood
- Huge inefficiencies as teams are manually transposing data between manual consolidation layers and submission formats
- Defaulting data in regulatory reports because the underlying data is not available (i.e. the general ledger system often doesn’t contain the required trade and customer static)
- Inconsistencies across the bank as different teams operating from different systems submit conflicting information for the same positions (i.e. a single exposure is unlikely to match when viewed in a risk system versus a finance system)
- A large number of issues and control weaknesses are being identified both internally and externally through audits
- Greater regulatory focus either through fines, special audits, or suspension of approvals for new business requests
- An inability to upgrade current processes for regulatory changes or even internal architecture changes leading to further layers being added to manual processes, resulting in massively increasing complexity
Banks that have invested and upgraded their regulatory reporting architecture and processes will succeed in avoiding many of the above risks and will start recognizing efficiencies that allow them to maintain a low cost base by leveraging technology and automation. Banks that choose not to upgrade incumbent solutions will face a future of inefficiencies and heightened regulatory risk as their teams struggle to keep pace with the amount of regulatory change that has been issued and that is yet to come.