Insights

Fresh thinking and actionable insights that address critical issues your organization faces.

Learn more

Resources

Services

KPMG's multi-disciplinary approach and deep, practical industry knowledge help clients meet challenges and respond to opportunities.

Services to meet your business goals

Technology Alliances

KPMG has market-leading alliances with many of the world's leading software and services vendors.

View all Alliances

Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more
Relevant Results
Sorry, there are no results matching your search.
Autocomplete suggestions are available. Use up and down arrows to review and enter to select.
See more results

Regulatory Intensity

Given continued discord and uncertainties, regulatory intensity focus on risk management/governance, financial risk, and data

Impact

In 2024, the intensity of supervision and regulation will continue with marked changes to reviews and examinations (e.g., more frequent, faster response, issues escalation, more rapid remediation) and a focus on risk management and governance (e.g., liquidity, capital, interest rate, concentrations, operations). This intensity will require financial services providers to (re)assess the current and target states of their operations; risk management policies, governance, and controls; and data and systems infrastructure.

Firms should anticipate: 

  • Immediate Action: Growing scrutiny of “weaknesses” in risk management and compliance, especially with regard to correcting deficiencies, will drive regulators to more stringent evaluations, possible ratings downgrades, and/or supervisory and enforcement actions. Firms will need to show both immediate assessment and resources to address potential weaknesses, as well as sustained processes (and executive accountability) to mitigate and manage risks.
  • Commitment to Resolve: Regulators will view inability to timely remediate supervisory concerns or identified “weaknesses,” or continuing, recurring, or increasing deficiencies, as cause to impose increasingly comprehensive and severe actions up to and including limitations on growth and required divestitures. Firms will need to demonstrate a commitment to resolving “weaknesses” such as through self-identification, proactive disclosure, completed root cause remediation, voluntary restitution, and executive accountability.
  • Intangible Risks: Regulators will expect risk management and governance processes to be adequately resourced (e.g., skilled staff, technology investment); risk management and compliance deficiencies (and particularly during times of “cost take-out”) may be seen as indicators of insufficient investment and/or resourcing, increasing both operational and intangible risks. Regulators will identify firms as “persistently weak” or “repeat offenders” in public enforcement actions, which will subject those firms to heightened reputation risk and may also have implications to the examinations of other regulators. Similarly, requirements or restrictions imposed on firms (e.g., reduction in asset size, additions to capital or liquidity, divestiture of subsidiaries or business lines) may heighten risks related to legal and compliance as well as market share and competition.

Firms should anticipate: 

1

Immediate Action:

Growing scrutiny of “weaknesses” in risk management and compliance, especially with regard to correcting deficiencies, will drive regulators to more stringent evaluations, possible ratings downgrades, and/or supervisory and enforcement actions. Firms will need to show both immediate assessment and resources to address potential weaknesses, as well as sustained processes (and executive accountability) to mitigate and manage risks.

2

Commitment to Resolve:

Regulators will view inability to timely remediate supervisory concerns or identified “weaknesses”, or continuing, recurring, or increasing deficiencies, as cause to impose increasingly comprehensive and severe actions up to and including limitations on growth and required divestitures. Firms will need to demonstrate a commitment to resolving “weaknesses” such as through self-identification, proactive disclosure, completed root cause remediation, voluntary restitution, and executive accountability.  

3

Intangible Risks:

Regulators will expect risk management and governance processes to be adequately resourced (e.g., skilled staff, technology investment); risk management and compliance deficiencies (and particularly during times of “cost take-out”) may be seen as indicators of insufficient investment and/or resourcing, increasing both operational and intangible risks. Regulators will identify firms as “persistently weak” or “repeat offenders” in public enforcement actions, which will subject those firms to heightened reputation risk and may also have implications to the examinations of other regulators. Similarly, requirements or restrictions imposed on firms (e.g., reduction in asset size, additions to capital or liquidity, divestiture of subsidiaries or business lines) may heighten risks related to legal and compliance as well as market share and competition.

Complexity

Expanded regulatory “perimeters,” innovative technologies, rapidly evolving products and services, growing interconnectedness, and the global political environment are contributing to heightened supervision and examination by all regulators, acting independently and in coordination, at the state, federal, and international levels, significantly enhancing the complexity of regulatory compliance. In 2024, firms will see ongoing and potentially increasing:

  • Regulatory Discord: International, federal, and state regulators will differ in public policies, areas of  supervisory focus, and regulatory approaches even as they work on the same regulatory concerns,  as exemplified by:
    • Efforts to promote international regulatory coordination and alignment (e.g., climate disclosure  standards, capital and liquidity requirements) amidst U.S.-specific adaptation.
    • Multiagency approaches and coordination (i.e., federal “whole-of-government” approaches  pursuant to the Administration’s Executive Orders) to address regulatory issues (e.g.,  cybersecurity, AI, consumer protection) amidst federal-to-state and state-to-state discord and  divergence (and timing).
  • Legal Challenge: Challenges to regulatory authorities, jurisdictions, and rulemakings (e.g., CFPB  funding structure, SEC climate disclosures, charters for novel institutions, crypto/digital assets) are  increasingly expected, raising the level of uncertainty and complexity in the regulatory landscape.  Firms will see that to preempt such challenges, regulators now regularly stipulate the agency’s  authority to issue regulations and/or take actions.
  • Implementation Challenge: The regulatory discord and legal challenges will drive the need for firms  to determine the level of direct investment (e.g., infrastructure and systems, people and resources,  data) to prepare to comply with supervisory and regulatory expectations that may at present be  uncertain or in flux.

1

Regulatory Discord:

International, federal, and state regulators will differ in public policies, areas of supervisory focus, and regulatory approaches even as they work on the same regulatory concerns, as exemplified by:

  • Efforts to promote international regulatory coordination and alignment (e.g., climate disclosure standards, capital and liquidity requirements) amidst U.S.-specific adaptation.
  • Multi-agency approaches and coordination (i.e., federal “whole of government” approaches pursuant to the Administration’s Executive Orders) to address regulatory issues (e.g., cybersecurity, AI, consumer protection) amidst federal-to-state and state-to-state discord and divergence (and timing). 

2

Legal Challenge:

Challenges to regulatory authorities, jurisdictions, and rulemakings (e.g., CFPB funding structure, SEC climate disclosures, charters for novel institutions, crypto/digital assets) are increasingly expected, raising the level of uncertainty and complexity in the regulatory landscape. Firms will see that to preempt such challenges, regulators now regularly stipulate the agency’s authority to issue regulations and/or take actions.

3

Implementation Challenge:

The regulatory discord and legal challenges will drive the need for firms to determine the level of direct investment (e.g., infrastructure and systems, people and resources, data) to prepare to comply with supervisory and regulatory expectations that may at present be uncertain or in flux.

Volume

The ambitious pace for new regulations set by regulators (led by the SEC) in recent years will likely  slow in 2024, an election year, as regulators work to finalize existing proposals (some of which are  already known to be the object of current and/or anticipated legal challenge). Additionally, 2024 “net-  new” regulations may be thwarted amidst the “lookback” period by which Congress might review and  disapprove final rules under provisions of the Congressional Review Act (summer 2024). Nevertheless,  firms can expect regulatory activity throughout 2024 to encompass:

  • New “Big Rocks”: Regulators will look to finalize “significant" new regulations (e.g., banking agency  rules on Basel III capital standards, long-term debt requirements, SEC rules on climate disclosure,  market structure).
  • Old is New: Regulators will continue to vigorously apply existing rules, regulations, and guidance  (e.g., heightened standards/ERM, financial stability, AML/BSA, UDAAP/UDAP, fair marketing, conflicts  of interest, recordkeeping) to new and emerging areas (e.g., “automated systems,” predictive  analytics, crypto and digital assets, digital devices) in supervision and enforcements.
  • Supervision and Enforcements Coming: The uptick in supervision and enforcement activities will  continue throughout 2024, including:
    • Continued/expanded prudential regulatory activity in areas of capital management, liquidity  management, enhanced regulatory supervision, enterprise risk management, AML, and integrated  data and reporting.
    • SEC/FINRA activity in areas of Best Interest, market structures (including Best Execution),  cybersecurity risk management, investment adviser supervision, and conflicts of interest.
  • Regulators will also signal new areas of supervisory focus and emerging risk through risk alerts,  speeches, blogs, and reports.

1

New “Big Rocks”:

Regulators will look to finalize “significant" new regulations (e.g., banking agency rules on Basel III capital standards, long-term debt requirement, SEC rules on climate disclosure, market structure).

2

Old is New:

Regulators will continue to vigorously apply existing rules, regulations, and guidance (e.g., heightened standards/ERM, financial stability, AML/BSA, UDAAP/UDAP, fair marketing, conflicts of interest, recordkeeping) to new and emerging areas (e.g., “automated systems”, predictive analytics, crypto and digital assets, digital devices) in supervision and enforcements.

3

Supervision and Enforcements Coming:

The uptick in supervision and enforcement activities will continue throughout 2024, including:

  • Continued/expanded prudential regulatory activity in areas of capital management, liquidity management, enhanced regulatory supervision, enterprise risk management, AML and integrated data and reporting.
  • SEC/FINRA activity in areas of Best Interest, market structures (including Best Execution), cybersecurity risk management, investment adviser supervision, and conflicts of interest.

What to Watch

Firms should look for the following items to set expectations about next years’ regulatory intensity:

  • Regulatory Agendas: Fall and Spring regulatory agendas released by each of the  agencies outline rulemaking actions expected to be released in the next twelve months.  Fall agendas are typically released in November; Spring agendas in June.
  • Supervision/Examination Reports: The publication of regulators’ supervisory and  regulatory summary reports and priorities, including the FRB Supervision & Regulation  Report (November/May) and Financial Stability Report (November/May); OCC Risk  Perspectives Report (December/June); FDIC Risk Review (spring); CFPB Supervisory  Highlights (biannual); SEC Examination Priorities (January/February); and FINRA Report  on Examination and Risk Monitoring Programs (January/February).
  • Testimony/Speeches: Congressional testimony related to oversight, pivotal speeches  and/or statements indicating emerging risks and/or areas of rulemaking.
  • Enforcements/Legal Actions: Public enforcement actions and/or legal actions that  outline deficiencies related to compliance with specific laws and regulations as well as  remedial actions to take.

Call to Action…

  • Allocated sufficient resources: Allocate sufficient investment, resourcing, and time to  “regulatory intensity”, inclusive of, but not exclusively to, net-new regulations. This will often  involve strong, centralized regulatory relations and regulatory remediation teams.
  • Implement “regulatory routines”: Develop and execute on “regulatory routines”, inclusive  of process automation and data analysis, for consistency and trends (including for regulatory  requests and corporate responses).
  • Map regulations to risk assessments and controls: Dynamically map regulations and  regulatory expectations to risk assessments and risk controls, built on a robust regulatory  change management inventory and process.
  • Integrate issues management into risk assessments: Integrate regulatory issues  management into dynamic risk assessments, with clearly defined ownership and  accountability for resolution and critical challenge.

Dive into our thinking:

Ten Key Regulatory Challenges of 2024

Download PDF

Explore more

Regulatory Insights

A source for updates and perspectives on regulatory activity and issues

Read more

Meet our team

Image of Amy S. Matsuo
Amy S. Matsuo
Principal, U.S. Regulatory Insights & Compliance Transformation Lead, KPMG LLP
Read bio
Image of Amy S. Matsuo
Amy S. Matsuo
Principal, U.S. Regulatory Insights & Compliance Transformation Lead, KPMG LLP
Read bio

Explore other services tailored to your business

Industry
Banking and capital markets
Read more
Industry
Insurance
Read More

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2024 KPMG LLP, a Delaware limited liability partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline