Regulatory reporting has grown in profile over the last number of years, with more budget and more employees dedicated to compliance activities than ever before.
Having been involved in the compliance space for more than a decade in some form or another, we have identified key compliance characteristics and trends in the majority of South African (and African) financial institutions.
Whereas a number of years ago compliance was a process that required a small team of people (as a percentage of IT staff) to manage, we have seen a steady increase in the proportion of staff assigned to compliance as opposed to revenue-generating activities.
This is due to a steady increase in the number of compliance checks and reports required by regulators, and an increase in the coverage of the reports (i.e. inclusion of more clients and reporting records), as well as an increase in the detail required (i.e. more detail on each client and/or reporting record).
Keyman dependency and burnout
A number of organisations make use of a few key staff members to run critical reporting processes.
In a lot of cases, this leads to burnout due to the significant levels of stress during reporting periods, or serious issues in cases where staff members actually resign or move on.
Reporting deadline pressure
Most organisations still treat reporting season(s) as an event rather than a process. i.e. once an (annual) submissions have been completed, everything goes on ice till a month or two before the next report is due.
This leads to immense pressure and lots of late nights for the staff entrusted with the reporting process, as well as a lot of (often nasty) surprises and at times missed deadlines and cutting corners when it comes to data quality.
Treating reporting as a process leads to early insight into data quality and a huge reduction in pressure during submission season.
Lack of repeatability
In a number of cases the activities that are performed to enable reporting for one season have to be started from scratch for the next reporting season.
Although some level of rework is to be expected at times, all too often client corrections are made on the final submitted reports, meaning there is almost no re-use of hours and hours of work for the next submission season.
Lack of responsibility
In a lot of cases, there are a lot of ‘grey areas’ when it comes to responsibility. Should reporting form part of the IT process, or should business take ownership?
In the scenario where it becomes an IT responsibility, we tend to see a lot of cases where business sends inaccurate data to IT, leaving IT with a very difficult task to ensure reporting occurs as expected.
Similarly, if it becomes a business-focused task, often business does not have the appropriate tools to help them clean or prepare their data. The technical nature of the issues that occur during submission means that business is highly reliant on IT for a task that IT does not consider part of their key responsibilities.
The answer lies somewhere in between, but we have seen very few organisations that have managed to strike the correct balance.
Lack of automation
In a few cases, the reporting process is very manual, from the sourcing of data to cleanup processes to the creating and validating (and submitting) of the final file.
Data quality issues
Data quality issues plague the majority of financial institutions. Most organisations have legacy data that predates the current stricter compliance landscape, meaning that data that was more than sufficient when it was originally captured now falls well short of minimum requirements.
However, this problem extends to newer financial institutions as well (as well as newer data at older financial institutions). In a large number of cases internal bank systems just can’t keep up with the broadening scope of regulation and the resultant data quality requirements, meaning that despite the best training and guidance in this regard, low-quality data still makes a regular appearance in financial systems.
Tactical rather than strategic solutions
Due to the nature of how compliance has evolved over the years, a large number of financial institutions make use of tactical rather than strategic solutions today.
When compliance requirements were first introduced, it was sufficient to do the bare minimum and re-purpose other reports and/or systems/processes to achieve compliance. This was since the scope of the requirements was low, and didn’t require much complexity to achieve. In a lot of cases, financial institutions also took a ‘wait and see’ stance to understand where the bar would be set.
As each subsequent year has introduced more requirements, the previous year’s solution would be taken out of retirement and tweaked to achieve the new requirements. After a few years of this, the reporting solutions at a number of institutions started resembling a massive snowball rolling down a hill, invariably collapsing and leaving financial institutions with (almost) no solution at all.
Additionally, the snowball (tactical) solution almost invariably does not address issues in the most optimal way possible, and there are lots of holes. Being able to take a strategic stance to reporting means considering all of the pitfalls and other aspects upfront.
Compliance is often seen as a grudge activity inside financial institutions. It is an activity that generates very little real value to most organisations, and in the vast majority of cases, the preference would be to redeploy the team working on compliance reporting to activities that are more closely aligned with the vision/mission of the organisation.
Indeed, in the most extreme cases, compliance teams are seen as a nuisance that needs to be tolerated rather than valuable members of the team.
Lack of leverage
Too often the results of compliance processes are not used for anything other than reporting.
However, since a massive amount of data needs to flow through compliance systems, there is often an opportunity to unlock additional value.
Whether it is due to additional analytics that can be performed on data due to having better-structured, cleaner data, or alternative metrics and insights that can be gained due to the data being structured and collated in one area. In our experience, very few financial institutions leverage this feature.
For these reasons, we belief is that looking at strategic rather than tactical solutions can help set financial institutions up for long-term success and lower the risk of non-compliance events.