Driving Efficiencies in OpRisk Regulatory Compliance

Article excerpt

BITS, a nonprofit industry consortium of 100 of the largest financial institutions in the U.S., recently published a study that identifies and evaluates different approaches to dealing with overlapping and redundant regulatory requirements in the financial services industry. BITS commissioned KPMG LLP to complete the study with research funding from The Financial Services Roundtable's Anthony T. Cluff Fund. This article provides insight into the regulatory trends that motivated the study, the research findings, and recommendations for changes in the regulatory process.

CEOs of financial services firms view overlapping regulation as a critical and growing concern. Recent and prospective additions to existing regulations such as Sarbanes-Oxley and Basel II have sharpened the industry's focus on compliance and escalated efforts to make the regulatory requirements and the associated examination process more efficient.

Every layer of regulation compounds the challenges faced by a financial services firm in maintaining efficient and integrated compliance operations. At the same time, bank regulatory agencies are equally taxed in their efforts to manage an expanding, and at times redundant, array of regulations. Financial institutions and their regulators need to work together for the industry as a whole to benefit from this study's findings.

A Cross-Industry Effort

While understanding and appreciating the forces driving increased regulation, BITS recognized the danger inherent in a failure to manage an unprecedented growth in overlapping compliance requirements. In October 2005, BITS (1) released its study

Reconciliation of Regulatory Overlap for the Management and Supervision of Operational Risk in U.S. Financial Institutions: Improving Compliance Efficiencies by Minimizing Redundancy. (2)

The first of its kind, this reconciliation study identifies and suggests approaches to dealing with the overlapping regulatory requirements of the Federal

Deposit Insurance Corporation Improvement Act of 1991 (FDICIA); the Gramm-Leach-Bliley Act of 1999 (GLBA); the Sarbanes-Oxley Act of 2002 (SOX); and the proposed Supervisory Guidance on Operational Risk Advanced Measurement Approaches (AMA) for Regulatory Capital, also referred to as Basel II. This relatively narrow scope allowed BITS and KPMG LLP, whose Regulatory Risk Advisory Services team wrote the study, to create a template for identifying regulatory overlap and one that the industry can apply to additional sets of regulation--domestic and international. The opportunity--and the goal of the study--was to better structure compliance processes, cut expenses, and preserve the industry's ability to protect safety and soundness.

How Regulatory Reconciliation Became a Hot Topic

Overlap among regulatory requirements has been a fact for decades. Compliance professionals have known, at least those at a high level, that areas of regulatory inquiry weren't always separate and discrete. Until the complexity and cost of managing overlapping regulatory processes rose to a tipping point, the incentive to drive a resource-conserving change was lacking. The regulations under review are relatively new to the industry, with the first, FDICIA, passed in 1991 and the last, Basel II, still in the planning phase. Within this time frame, the compliance burden of financial institutions has burgeoned to record levels.

Basel II, although still in the proposal stage and mandated for the eight largest U.S. banks, is nonetheless a key driver. In practice, Basel II will apply to a wider cohort on an opt-in basis. Beyond this group, smaller institutions expect their examination process to be influenced by standards emanating from Basel II enforcement guidelines and through the simultaneous development of Basel IA.

Industry lobbyists continue discussions on regulatory relief, and efforts to limit the consequences of increased regulation are ongoing. …