Top 3 Regulatory Focus Areas for Financial Institutions

Going forward, horizon scanning, anti-money laundering, and climate change are top-of-mind for the financial sector.

The financial system is currently undergoing a transformation that is forcing it to change up its usual modus operandi. Traditional financial institutions see more players in the field with fintech companies, non-bank lenders, non-bank payment companies, and crypto-asset companies growing in number and market strength. Meanwhile, federal and state regulators are looking closely at the risks in the current and future marketplace, adding a higher supervisory focus.

According to the 2022 Deloitte Report on key regulatory issues and trends in banking, the areas of risk that are top-of-mind after the foundational ones (i.e. governance and core risk management, consumer protection, data infrastructure, technology resilience, etc.) are:

Accelerating areas

  • Operational resiliency and mitigating cybersecurity risk
  • Third-party risk management (TPRM)

Emerging areas

  • Digital assets
  • Climate change

If accelerating areas demand faster internal adoption, the emerging areas require a more thorough vigilance in monitoring new developments. Whether you’re a large bank or a local credit union, financial institutions need to think strategically about the shifting goal posts of today’s regulatory compliance space – and the new tools and technologies that can help achieve future goals. Either that – or be a constant target for financial auditors and examiners.

Horizon Scanning

Compliance isn’t just checking a box. Regulations continue to shift, and even if certain regulations did not apply before, they may be applicable now – or in the near future. Anticipating, identifying, and understanding the impact of upcoming regulatory changes (new regulations, legislation, guidance, and updates) is critical for every financial institution. This is also known as horizon scanning.

With the constant regulatory change, compliance teams are overstretched, trying to stay ahead of the game in anticipating risks before they materialize. From failure to properly implement regulations to money laundering, insider trading, and hacking scandals – the risks are many, yet both management and staff are under-resourced and face unrealistic “dual-hatting” of responsibilities. Consequently, manual tracking in spreadsheets is no longer feasible.

Many organizations started looking into using automation, artificial intelligence (AI), and third-party integration providers to improve efficiency and effectiveness and reduce manual, repetitive processes when dealing with horizon scanning.

Key challenges to maintaining regulatory compliance.
Source: Regology

Digital Assets and Anti-money Laundering (AML)

The inherent risk associated with certain fintech advancements, digital assets, and cryptocurrencies requires additional risk management and controls in place. Particularly because the regulatory landscape around digital assets is not established yet.

With the passing of the ‘Digital Assets Executive Order’ – and the wave of regulatory changes on the horizon – it is critical for financial institutions to plan ahead. AML, customer due diligence (CDD) and know-your-customer (KYC) programs will play a critical role in any financial service that involves digital assets.

AML around cryptocurrency should encompass laws, regulations, and practices that are monitored and enforced by financial institutions to stop criminals from converting illegally obtained cryptocurrencies into fiat money.

Financial institutions will need to adhere to regulations governing anti-money laundering and identification of customers to avoid penalties and fully understand the risks they undertake if regulations are not followed.

What will help? According to Deloitte, a management system “that can adapt to new regulatory requirements, evolve core testing and monitoring capabilities to be proactive and automated, ensuring clarity across lines of defense, will help avoid compliance inconsistencies and increased regulatory scrutiny.”

Climate Change Issuances and ESG

“This year, most financial regulators are looking to widen their regulatory parameters to include every factor of ESG, from climate change to corporate governance. What does this mean for compliance teams? A deluge of emerging regulations and expectations.” (Deloitte, 2022)

Like digital assets, climate change and ESG are emerging areas of regulations that are here to stay. Taking a proactive stance is critical due to the US financial regulators continuing to accelerate their climate response in 2022. This means that stress testing, forecasting, and strategic planning efforts will be essential.

According to Climate Action Tracker, the US will need to implement additional policies to reach its proposed targets of reducing emissions by 50%–52% below 2005 levels by 2030 – which means that more climate-related legislation is underway.

As of September 27, 2021, CRS identified 48 bills introduced in the 117th Congress concerning climate change and the financial industry. These bills include provisions regarding climate change risk disclosure and proposals to create climate or green banks. Seven of these 48 bills received floor consideration.

US climate change policy table 2021.
Source: US Climate Change Policy, October 28, 2021

Alongside climate and environmental concerns, social issues, like diversity, equity, inclusion, and worker wellbeing, remain in the spotlight as part of broader ESG discussions. Particular regulatory attention will be paid to accountability – from boards and senior management to business lines, independent risk management, and internal audit functions.

“Governance and controls are sure to remain a hot regulatory topic in 2022, with a few high-profile enforcement actions and fines reminding boards and senior management that continued risk management is essential. Strong governance is required to deliver financial services in a safe and sound manner.” (Deloitte, 2022)

More often than not, however, accountability and ownership of controls are unclear as the result of poorly defined roles and responsibilities, leading to risk mismanagement. Optimal mapping of policies, risks, and controls will be critical going forward and can be achieved with automated solutions for regulatory compliance management.

In Summary (TLDR)

The financial sector is one of the most highly regulated industries, and the volume of regulations is increasing incrementally year on year. In 2022 and going forward, three areas are top-of-mind for compliance professionals in the field:

  • Horizon scanning is critical to keep tabs on all emerging areas of regulatory compliance, as well as the fundamental ones. Anticipating regulatory changes can be a tall order for under-resourced compliance teams, and more automation and AI-driven solutions are being scoped.
  • The emergence of digital assets and crypto as a new player in the industry means that additional regulatory risk management is needed. If your financial institution is engaging in digital assets products, the first order of priority is establishing AML and KYC programs.
  • The E (environment) in ESG is taking a lot of spotlight in 2022, alongside social and governance. In September 2021, 7 bills received floor consideration in Congress concerning climate change and the financial industry, placing climate change as a regulatory focus and a contributing factor to financial risk. Stress testing, forecasting, and strategic planning efforts will be essential, as well as proper mapping of policies, risks, and controls.