Compliance for Free: Converging Risk and Customer Management Requirements Strengthen Shareholder Value

Article excerpt

According to a recent survey of US companies, only 38 per cent of respondents felt that they had benefited from their compliance with new risk regulations. Almost a quarter said their compliance efforts harmed them and 40 per cent saw no impact.

Also, a leading analyst recently indicated in American Banker that her research showed 30 per cent of IT spending on compliance is redundant, a cost of $US1 billion per year, because of siloed management and siloed data.

These results are not very encouraging for bank executives faced with increasing risk regulation and compliance requirements as well as ongoing obligations to strengthen shareholder value.

But what if you could convert your own bank's obligatory risk management efforts into initiatives that simultaneously improved customer relationships and value?

While one issue is about compliance and the other about value, banks are increasingly discovering that there are striking parallels between their risk-related technology requirements and the customer management systems they have developed over a number of years.

Risk and compliance

Financial institutions are currently facing a litany of risk-related laws. The Patriot Act, Sarbanes-Oxley and Basle II are driving new spending and re-engineering of jobs, processes, and technology.

Basle II 'encourages' banks to develop systems and procedures to improve the measurement, monitoring and reporting of credit, market and operational risks. This is reinforced by the regulator's promise to rely on the banks' internal systems and the potential for lower capital requirements.

But there is a much larger benefit embedded in banks' good-faith compliance efforts. The very same systems and procedures for helping banks measure and monitor risk provide significant contributions to the quantity and quality of data about customer behaviour.

With AML, it is the systems that offer the convergence benefits. When you are trying to protect your bank from money launderers, you are not just looking for the proverbial needle in the haystack. You are looking for a few specific needles in a stack of needles. The difference between the bad needle and the millions of good needles is often extremely subtle. And the bad needles are confoundingly astute about changing their colours and hiding behind the good.

That is a very different challenge from the old world of fraud detection, which relied on rules-based technology to detect fraudulent transactions. You can't write enough rules to tell a needle from a needle.

In the complex world of AML, it is important to establish behavioural norms and operate, where possible, on a real-time basis.

Ideally, behaviour norming should be based on three aspects of a transaction the 'three Vs':

* Velocity--how fast do funds move through the account?

* Volume--what number of transactions are occurring?

* Value--how big are the transactions?

Sales and revenue

For several years, many in the banking industry have focused on revenue-generation initiatives that were essentially unsustainable: mergers and acquisitions; aggressive campaigns to win customers with no-fee appeals; and the imposition of more fees and larger fees, etc.

As these approaches have failed to deliver significant growth in value for customers and shareholders, these banks have become desperate to find a new strategy.

In The Discipline of Market Leaders Fred Wiersema and Michael Treaty assert that there are only three broad strategies that any organisation can choose from, and to be successful, you must choose just one for your organisational focus.

The first is a product strategy. You can relentlessly innovate, delivering new and differentiated products that make customers willing to pay a premium for them. Nike is a good example. So is Porsche. Hewlett-Packard is not. …