We’re now more than a year into the COVID-19 pandemic. What lessons has the past year taught compliance professionals faced with a global health crisis, an evolving regulatory environment, and new modes of work?
To find out, Compliance.ai CEO Kayvan Alikhani recently spoke with industry experts Rick Dupree, CEO and founder of Riskliance, and Delphine Becker-Cooke, senior GRC expert at Galvanize, about the takeaways from the past year and the role of RegTech in helping firms adapt to the regulatory landscape.
Lessons Learned from Pandemic Operations
One thing that COVID-19 didn’t do was reduce the pressure on compliance teams at banks, financial services, and insurance (BFSI) firms, especially as government agencies issued constantly evolving guidance and regulations. In a recent survey by the Society of Corporate Compliance, 36% of compliance departments reported a “somewhat or large increase” in inquiries to their teams.
In our own informal poll, 57% of respondents said that their working hours had increased to meet demand, but only 4% said that they were able to hire additional staff. One-third said their budgets had actually decreased.
Lesson 1: It’s time to move away from manual processes.
For risk compliance teams asked to do more with less, the pandemic revealed the inefficiency of manual processes. For example, many compliance teams have found that tracking new regulations or changes in obligations in spreadsheets significantly slows down status updates on making the required changes and poses the risk of missing a deadline for compliance. No longer can compliance professionals depend on being able to walk down the hall to deliver documents to a colleague; even sharing documents by email has its drawbacks. The pandemic also shook up compliance teams who had previously spent much of their time on “check-the-box” tasks.
“Organizations realized they need to be more forward thinking in their risk management efforts,” Dupree said. “They need to realize efficiencies on lower-level tasks so they can better prepare for future crises.”
FinTech companies, in particular, were nimbler during the pandemic because they were already taking advantage of technology and digitization.
“The FinTech companies saw the benefits of automation right away,” added Becker-Cooke. “They saw the ROI, because they don’t have hundreds of people to throw at a task.”
Lesson 2: Compliance teams need to be able to work remotely.
Dovetailing with the inefficiency of manual processes during a global pandemic was the sudden requirement for remote work. Some BFSIs were able to adapt quickly; others that depended on physical facilities were caught off guard.
“I had a client whose operations came to a standstill for six weeks because everything was on premise and they couldn’t get access,” said Becker-Cooke. “COVID-19 was pushed European compliance functions to enable remote work, because they can no longer depend on in-person meetings to discuss new legislation.”
Lesson 3: Confidently move risk and compliance activities to the cloud.
Another side effect of the pandemic was that BFSIs became more comfortable moving operations to the cloud.
“Eight years ago, if I walked into a mid- to large-sized U.S. financial services institution and offered them an all-cloud solution, I would have been thrown out within 30 seconds,” said Alikhani. “Today, I would be hard pressed to find a single RFP that’s not demanding cloud-based access, specifically RegTech, in light of the pandemic.”
RegTech Provides a Competitive Edge
Embedding RegTech into risk and compliance is leveling the playing field between large banking institutions and new FinTech firms.
“It’s no longer that whoever can throw more bodies at a problem will win the game,” Alikhani said. “RegTech shows us that many risk and compliance activities can and should be automated.”
To learn more about how RegTech can help BFSIs tackle emerging risks and business challenges, listen to the entire panel discussion with Kayvan Alikhani, Richard Dupree and Delphine Becker-Cooke.
Automatically monitor regulatory updates to map to your internal policies, procesures and controls. Learn More
