Insights on board importance, risk management, and mitigating misconduct
Across all regulatory challenge areas, the importance of risk management and avoidance of “risk complacency” is vital to remaining in compliance with evolving regulatory landscapes and ensuring resiliency.
Explore here insights on Risk and Governance from the KPMG report Ten key regulatory challenges of 2023.
Regulators will continue to look to demonstrable evidence of credible challenge and dynamic risk assessment and decisioning from both within and across the board and senior management. As part of these expectations (and as part of supervisory focus and evolving regulatory reporting), regulators will expect increased and formalized documentation, mapping, ownership, and ongoing testing and monitoring of controls.
Regulators will expect board and senior managers to:
Regulators will continue to focus on the robustness of the risk framework across all three lines of defense – as a part of rulemaking and as an ongoing theme in enforcement actions. This will include assessing whether risk and compliance programs across the enterprise are “geared” to current and emerging risks as well as sufficiently and appropriately resourced, including investment, funding, technology, and skilled staffing. Individual accountability and companies deemed to be “repeat offenders” will be a key focus of investigations and enforcements.
Companies will need to demonstrate:
Conduct risk and ethical business practices will take on additional importance with evolving ESG importance. Regulators will look to the corporate culture and the investment in ethics and compliance programs to ensure they both reward compliant behaviors and accountability and deter misconduct. Areas of regulatory interest will include:
In today’s dynamic and ever-changing environment, new risks are constantly identified. Because of this, it is very easy and natural to focus our energy and resources on the hot topic of the moment. While it is important that we quickly assess the risk of these emerging threats, we must not lose sight of the basics. This will help ensure we maintain the effectiveness and integrity of our foundational risk and control environment.
Chief Audit Executive, US Bank
☑ Assess board and executive governance structure, skills and composition
☑ Develop and formalize board composition /education program to address critical and emerging risks
☑ Ensure demonstrable board and executive management critical challenge
☑ Actively surveil and mitigate conflicts of interest and conduct risks, particularly in areas of “new” (digital adoption, models/AI/ML, etc.)
☑ Evaluate existing supervision and control testing coverage; explore methods to increase coverage (automation, methodology, etc)
☑ Invest in automation, analytics, and process efficiencies
☑ Appropriately position, scale, and reward risk management
Ten Key Regulatory Challenges of 2023
Read our report for client perspectives, regulatory recaps, and actionable steps to help mitigate risk.Download PDF