Regulatory reporting controls as a strategic advantage

There is continuing focus and heightened expectations around governance, processes and controls in relation to Financial & Regulatory Reporting. Over the last few years firms have invested to uplift controls environments around regulatory reporting in response to the Prudential Regulation Authority (“PRA”) Dear CEO letter of 2021 setting out the Regulator’s thematic findings on reliability of Regulatory Reporting. In this letter, the PRA have been clear in their expectation that regulatory reporting processes should be as rigorous as those for financial reporting, a significant step-change for many firms where regulatory reporting arrangements are substantially less advanced.

The nature of the banking industry means that firms will always need to ensure they keep up with evolving regulator expectations. For many firms the primary driver for a strong and robust prudential regulatory framework is the avoidance of supervisory actions, such as s166 reviews, Pillar 2 add-ons and / or fines.

Andrew Burrows

Partner

KPMG in the UK

mail

In the dynamic regulatory landscape, strong controls and prudential regulatory compliance are key areas where firms can position themselves to excel in a challenging market. Ongoing regulatory changes such as Basel 3.1 will require organisations to embark on large scale regulatory process changes, providing an opportunity to proactively overhaul the controls environment. This could deliver significant advantages. Firms should consider using this as a chance to review their regulatory processes and related controls, to simplify these by investing in stretching technology architecture and process re-engineering. By establishing a solid foundation, subsequent regulatory modifications become more manageable and less disruptive, minimising the need for repeated timely and costly adjustments to fit ‘another layer’ of controls onto existing processes.

Furthermore, a robust controls environment fosters a culture of compliance, reducing risks and reputational damage. The alternative costs of non-compliance spans from increased operational costs, due to complicated processes and controls, to investigations and/or restrictions placed by the regulator through fines and Pillar 2 add-ons. A proactive approach therefore safeguards the organisations financial stability and protects its long-term viability. As such the strongest performing organisations are those that see regulatory compliance as a foundation of their competitive advantage, rather than simply a box that needs to be ticked.

While adding controls may seem like a straightforward solution to improve regulatory reporting, simply layering additional controls onto often inefficient processes can have detrimental consequences. An overreliance on manual processes and layering of controls increases the number of potential points of failure and results in decreased agility to adapt to evolving regulations, placing increased demand on key SMEs to keep “turning the handle”. This accumulates in increased risk of human error and employee frustration, whilst diverting attention from improving the underlying processes themselves.

A reliable prudential framework will ultimately be the best foundation for any business and ensures management has the tools to make good decisions. Investing to build such a framework will bring regulatory compliance and with it, a competitive advantage. Firms should consider the following as they move forward:

The Basel 3.1 and the Small Domestic Deposit Takers (“SDDT”) regimes present opportunities to reset and ensure an effective internal control infrastructure. The quantum of change requires significant changes to the prudential technology infrastructure and provides a chance to build systems and processes in a compliant and efficient manner to meet the firm’s business needs.
Critically, firms should consider their end-to-end process framework and understand the data lineage of the Key Data Elements (“KDEs”) used to produce key regulatory outputs. By compiling an internal data dictionary, firms can begin to identify the gaps and remediate them. Furthermore, better sight and understanding across the prudential and reporting infrastructure can enable firms to be more proactive and identify weaknesses before risks crystallise.

In conclusion, the benefits from investing in a regulatory reporting controls uplift are clear. Instead of simply adding more controls, firms should first focus on improving the underlying processes embedding a culture of compliance. By addressing the root causes of inefficiencies and errors, firms can create a solid foundation for effective regulatory reporting buying them a strategic advantage in the market.