Last year — 2019 — was the year that culture and conduct risk concerns became embedded as the new normal for financial services firms.
That new normal has shone a continuous spotlight on the how as well as the what for firms and has — combined with the re-emergence of judgement-based regulation — increased the need for a highly skilled in-house risk and compliance function.
Robust, well-resourced control infrastructures are a key requirement and core competency for firms. Events in 2020 are likely to test the resilience and strategic approach of all firms, along with continuing regulatory change and the growing automation of business processes set against a backdrop of increasing personal accountability.
For more on these 5 risks, see TRRI’s new Infographic; and you can watch a video of the author, Susannah Hammond, discussing highlights of the article here.
While the detailed risks run by firms are, by their very nature, firm-specific and unique, there are a series of high-level risks applicable to all financial services firms, irrespective of geography or sector.
A new Thomson Reuters Regulatory Intelligence (TRRI) expert talk, authored by Susannah Hammond, senior regulatory intelligence expert for TRRI, sets out the five key risks for firms to consider in 2020. In brief, these include:
- Continuing Uncertainty
Geopolitical uncertainties abound. Former political co-operations and certainties are shifting, creating potential fragmentation and a need to be (and to remain) prepared for any and all eventualities.
- Proliferation of personal accountability regimes
Senior manager accountability in financial services firms is hardly original. What is new is the proliferation of accountability regimes worldwide as regulators seek both to clarify the expectations and also make it easier to hold those senior managers personally liable in the event of regulatory breaches. Where specific accountability regimes are not in place, regulators are using other means, such as cooperation credit, to seek to drive better, risk-aware forms of behavior by those in positions of power.
- Evolving skill sets
Linked closely to the proliferation of accountability regimes is the need for senior individuals to have robust, up-to-date, and relevant skill sets which are evidenced in detail. In particular, firms need to ensure that across the business (the board of directors expressly included) there are regular skills audits and resources allocated to remediating any skill gaps found. It is likely that technological skills will be a key area where skill sets need to be refreshed on a regular basis.
Cybersecurity has become a very real regulatory risk, and firms around the world are on notice about the need to identify, manage, and, whenever feasible, mitigate cyber-risks, including ransomware. As part of a firm’s overarching approach, senior individuals need to ensure that cyber-risks are expressly included in the range of risks considered, and that the board is prepared to discuss the actions taken to ensure that all reasonable steps have been taken to embed cyber-resiliency throughout the firm.
- Possible budget constraints
While continuing regulatory change, technology, and data privacy are all perhaps to be expected as key regulatory compliance challenges, it is the rise of the specter of potential budget constraints which may be the cause of most concern. Without appropriate levels of consistent budget and resources being allocated to the compliance function of many firms, then, almost by definition, any compliance function and the business it supports will struggle to rise to the myriad challenges which continue to arise.