by Ralf Huber, Co-Founder Apiax
It is difficult to overstate the impact of globalisation on the financial services sector over the decades-long process of opening up national economies and markets. The breadth and depth of cross-border activities institutions are engaged in function as an enormous source of opportunity. They also account for a great deal of the danger they face. From transaction settlement to travel policy, anti-money laundering to marketing, cross-border compliance regulation is always top of the executive agenda.
Conscious of the grave legal, regulatory and reputational risks at play, supervisory authorities all over the world have been insisting over the past decade that banks implement frameworks to actively manage them. As with all the other strands of additional scrutiny, firms have to contend with, dealing with the complexities surrounding these control systems through traditional methods is proving challenging, to say the very least.
Flaws in the traditional approach to managing cross-border compliance frameworks
Cross-border compliance frameworks must naturally be based on a comprehensive understanding of the local laws and regulations in each jurisdiction a firm operates in (or wishes to). Having established this—which is no easy task—firms would traditionally then define policies, elucidate these in handbooks and training, and then implement monitoring and control systems to ensure adherence to what are inevitably labyrinthine rules. Yet as firms have come to see, this way of proceeding has inefficiencies and risks baked in right from the start.
Our cross-border compliance survey found that over half of firms deal with over 20 jurisdictions, meaning that just keeping up with the deluge of new regulations being published is immensely challenging in itself. Disseminating this knowledge to those who need it (relationship managers, marketing teams, software engineers, …) is then even more so since static text-based guidance and even paper manuals (!) are still so prevalent. Not only are personnel groping for ever-changing rules, but they are also groping for their applicability situation by situation, up and down the business. Recourse to legal advice is therefore a common and often costly occurrence.
Wasted resources, wasted opportunities in cross-border compliance
Training and monitoring are simultaneously like leaky buckets that can never be filled up. Very little time passes after personnel return from the classroom to their revenue generating activities, before that knowledge is once again out of date. Not to mention that no training can even come close to covering the complexity of real cases. Likewise, monitoring everything from product restrictions to marketing campaigns and client meetings can be a never-ending cycle of manual updates and workarounds and therefore, most organisations have controls in place only for high-risk areas. Travel approvals are very often “managed” via spreadsheet for want of a better solution.
Mired in this low-tech, resource-intensive manner of managing cross-border compliance, it may seem like spiraling budgets are just the cost of doing business in desirable markets – no matter that this investment never seems to get organisations to where they want to be. The alternative course is to admit defeat, either pulling out of what should be lucrative markets or never proactively pursuing them at all. In fact, our survey found that 45% of institutions provide cross-border services based only on client requests. This shows how powerful this dampening effect is.
Escaping the constraints of traditional cross-border compliance frameworks
Traditional approaches to cross-border compliance frameworks – indeed to compliance frameworks in general – clearly do not work at any level. So, what can firms do to dial down risk and costs, and dial up their chance to seek rewards?
The answer is to operationalise and modernise compliance, rather than have it as a largely analogue overlay. This means embedding compliance into teams, processes and products so that regulatory knowledge is delivered in a context- and role-specific way.
Momentum for a hardwiring approach has been building exponentially since Boston Consulting Group (BCG) heralded a new era of compliance by design, calling this “banking’s unmissable opportunity” to resolve its struggles to translate regulatory requirements into business processes.
BCG’s broad prescription was that institutions should begin with a detailed and structured analysis of regulatory requirements, translate these rules into compliance processes and then hardwire these processes into their systems via smart technologies and workflow tools. Things having moved on significantly since their original proclamation, we can now do even better than that.
Translating complex rules into digitised cross-border frameworks
In our world, cross-border compliance emanates from the centre and the crux of the matter: the rules, or rather a digitised rendering of those rules that may be managed internally or by an external legal or consultancy partner. All relevant processes are then connected to this centrepiece so that a change at the source translates immediately into required practice. Compliance simply flows from the source with no training, handbooks or head-scratching required. Whatever their function, personnel can get on with what they do best, secure in the knowledge that they are always operating within the rules.
When rules are embedded in a specific system or process (e.g. the investment advisory process), monitoring and controls are no longer required as the rules are checked “pre-activity”. Therefore, banks using such a solution can move away from their risk-based controls and gradually (process by process and system by system) move towards a low-risk organisation through cross-border compliance frameworks. The impact on risk reduction and efficiency is obvious.
For the institutions which have implemented our version of embedded compliance, and we can count some of the world’s biggest brands among them, the effects are proving to be transformative. Their peers are definitely taking notice and planning investments accordingly. Our survey revealed that a third of firms aim to integrate regulatory restrictions into their workflows in the next year and a quarter of firms will be giving advisors easy access to digital rules for cross-border compliance.
Why the digitisation of cross-border compliance frameworks is now a priority
Whichever angle you look at the issue from, it is becoming plain that the era of traditional cross-border compliance management is drawing to a close. The risks, inefficiencies and frustrations associated with it are simply untenable, as is the curtailment of competitiveness it brings in every sense.
In order for financial institutions to power up their competitive advantage in a global world, adopting a digitisation of cross-border frameworks is now a priority.
The rapidity with which both institutions and regulators are backing digital compliance will dictate how the rest of the industry will smoothly transition from complex, paper-based processes to a solid and scalable cross-border compliance framework.