Seeing beyond Peak Reg: collaboration between regulatory and strategic projects

So far in this series of blogposts on bank regulation, we’ve looked at whether ‘Peak Reg’— the point at which the advancing tide of banking regulation pauses and goes into retreat—has been reached (short answer: ‘almost’); and examined the emerging priorities shaping future regulation in a post-Peak Reg world. In this third post, we’ll turn to the question of how banks and their compliance functions can best navigate beyond the Peak Reg turning-point.

First, some context. As the sustained wave of prudential reforms implemented since the global financial crisis (GFC) plateaus, the industry is telling us there’s a switch of regulatory focus underway to areas like conduct, culture, data protection and operational resilience.

Although there is commonality of purpose across these areas, the actions to address them aren’t being led by a top-down push from the G-20 and the Financial Stability Board (FSB). Not only is there a change of focus from regulators, but banks’ responses also don’t lend themselves as readily to global compliance programmes as the post-crisis prudential reforms did. The result is that the complexity for banks—far from trending down—is continuing to rise.

Faced with this situation, what should banks do? A couple of things are immediately clear. One is that banks’ regulatory spending priorities will have to shift towards building capabilities which can support the evolving regulatory agenda: focusing on areas like data management and governance, in order to improve capabilities that can meet a variety of demands in different jurisdictions and support efforts to improve culture and conduct. Another is the growing need to deliver real and measurable business benefits from investments made for regulatory compliance purposes: this means reducing overall costs, and bolstering competitiveness against a background of rapid technological change and intensifying competition.

All of this adds up to a big shift in the regulatory environment. Across the financial services industry since the GFC, compliance and remediation priorities have often trumped wider business strategy and technology-driven initiatives. In a recent research study that we conducted among banking executives, industry respondents told us that regulation-driven systems projects have frequently valued ‘speed of delivery’ over ‘utility for the business’—meaning the creation of business benefits wasn’t even on the agenda.

This needs to change. In a separate programme of PwC conversations with change directors at global banks, they pointed to the absolute imperative for their regulation-driven projects to plan, measure, track progress, deliver and be held accountable for the delivery of wider business benefits.

Achieving positive business outcomes is all the more important because, in the current environment, firms need to focus on improving competitiveness. And competitiveness requires investment in technology. With this in mind, global banks are investing particularly in four key technologies for the future: data analytics, cloud computing, artificial intelligence (AI) and robotic process automation (RPA).

These technologies are key to banks’ strategies - enabling them, among other things, to target and engage existing and potential customers more accurately, improve pricing, reduce operating costs, and gain better insights for decision-making. The end-results include a better customer experience and ultimately higher profitability.

The rising importance of these business benefits is contributing to a further shift in banks’ approach to their investments in compliance. Having been told for years that any and every regulatory project is vital to their bank’s licence to operate, boards are now taking a more sceptical view—and demanding that these projects generate added business value on top of ‘just’ compliance.

How should compliance functions respond to this increased scepticism? In our view, the solution is clear. What’s needed is a new and higher degree of collaboration between regulatory and strategy-driven projects. An approach that aligns and serves both agendas at once, by delivering robust compliance and helping banks to control costs, contributing in turn to higher competitiveness.

It could also be argued that complying with the rules is not enough on its own anyway: it’s the proper management of the risks that the rules are designed to address which matters more—and now is the time to pivot more overtly towards adding value by managing risk. Especially core risks, which are what a bank is fundamentally about, and newer risks now coming under growing regulatory scrutiny, such as climate risk.

Compliance also has little choice but to keep up with the blistering pace of technology change—both in the front office, and as a catalyst for finding more effective and lower cost ways of delivering compliance.

The good news is that this increased alignment between compliance and strategy is mirrored in the wider environment. Satisfaction of regulatory priorities increasingly requires better systems and data: regulators themselves are talking more and more about the role of RegTech and SupTech in regularising and improving the transparency of the activities on which firms report. Advances in these areas also provide an opportunity to rethink and rebalance the compliance function for the future.

Banks that can achieve all this will get the best of both worlds. It’ll help to improve the relevance of their compliance investments—while also aligning those investment to wider strategic imperatives. The result? They’ll be ideally equipped to navigate through the competitive landscape that lies in wait beyond Peak Reg.

Brian Polk

Brian Polk | Director
Profile | Email | +44 (0)7711 898535

More articles by Brian Polk

Read more articles on