2024 is shaping up to be remembered by financial services organizations as a year of regulatory challenge marked by three factors:
a. Exam Findings and Remediation:
b. Regulatory Discord:
c. Frameworks and Existing Regulations:
“From robust supervision to state, federal and global regulatory discord to election-year uncertainty—regulatory intensity is driving corporate costs as well as high anxiety,” said Amy Matsuo, Regulatory Insights Leader, KPMG LLP. “Going forward, regulators may shift their focus towards supervision and enforcement of existing rules rather than extensive rulemaking.”
(note: Additional comments from KPMG LLP financial services leaders are below)
Supported by the KPMG Regulatory Insights Barometer, which assesses areas of regulatory pressure and direction of change, the report covers mid-year perspectives on the 10 key regulatory challenge areas identified for financial services companies in 2024, and insights on what is expected looking forward to the second half of the year:
1. Regulatory Intensity
As of mid-year 2024, we are seeing a shift away from “net-new” rulemakings and toward a stringent supervision and enforcement of existing rules and the use of frameworks/guidance in lieu of new rules. Uncertainty around the 2024 election outcome, and how different administrations could potentially impact upcoming regulatory, supervisory, and enforcement activities, prompted a rush of rulemakings in 2023 and in the first half of 2024.
Risk Management & Governance:
2. Regulatory Intensity – There are regulatory expectations for robust risk management and governance, with an expanding focus on operational and compliance risk. Continued application of, and exam intensity around, heightened standards is expected in the future, across risk pillars and within risk areas.
3. Risk Sustainability – There are regulatory expectations for adoption, functionality, continuous improvement and "sustainability" of risk processes and functions across governance, risk assessments, internal controls, issues management, and challenge. Ongoing supervisory attention to the sustainability of processes is expected for the remainder of the year, particularly around operational resilience, as well as its link to other areas of non-financial risk management.
Financial Risk:
4. Growth & Resiliency – There is ongoing and increasing regulatory focus on capabilities related to liquidity and interest rate risk management, contingency funding, and resolution planning.
5. Capital & Valuations - Regulatory expectations are “leveling-up” on financial risk management practices, with areas of focus that include capital, liquidity and interest rate risk, CRE and consumer credit, strategic planning, board oversight, and reporting. Going forward, there are heightened expectations and supervisory focus in compliance with existing guidance and rules around financial, operational, and risk calculations, as well as on CRE risk management loan classification, regulatory reporting, and accounting considerations on estimating loan losses.
Consumer/Investor Protection:
6. ‘Threat Actors’ – There has been supervisory focus on the expansion of perceived threats and vulnerabilities. Ongoing focus is expected around maintaining comprehensive, compliant BSA/AML/CFT programs, sanctions compliance, and data lineage and quality, transaction monitoring, and threat mitigation and vulnerabilities.
7. Fairness – We have seen legal challenges to rulemakings and a focus on fees and "product risk.” Increasing supervision and enforcement is expected in expanding areas with legal challenges adding to uncertainty and discord around fairness regulations.
Tech and Data Risk:
8. Responsible Systems – Scrutiny of technology, operations, and model/”model-like” use (including AI/GenAI), is ongoing, with a focus on vulnerabilities, security, privacy, explainability, fairness, and integrity. Evaluating AI technologies, conducting ‘red-teaming’ tests, facilitating consensus-based standards and providing testing environments is expected going forward.
9. Security & Privacy – There are ongoing regulatory concerns around data security, management, and privacy driven by security risks spanning cyber and technology to operational, physical, and third parties. Supervision and enforcement of management and oversight of security-related risks is expected, including processes, reporting, remediation, and recovery, as well as supervision and enforcement of compliance with security-related rules and requirements.
10. Data – There is demonstrable and sustainable implementation of heightened standards throughout the data lifecycle. Going forward, increased regulatory scrutiny is expected around governance, universe & tiering, lineage, and management.
The KPMG Regulatory Insights Barometer uses a 10-point scale to assess upcoming regulatory pressure and direction of change. It assesses three attributes for each challenge area: volume, complexity, and impact, and combines them to arrive at a single weighted average indicator of regulatory intensity.
To learn more about the Ten Key Regulatory Challenges of 2024: Mid-year Look Forward report, or to arrange an interview with Amy Matsuo, please contact Andreas Marathovouniotis.
# # #
About KPMG LLP
KPMG LLP is the U.S. firm of the KPMG global organization of independent professional services firms providing audit, tax and advisory services. The KPMG global organization operates in 143 countries and territories and has more than 273,000 people working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
KPMG is widely recognized for being a great place to work and build a career. Our people share a sense of purpose in the work we do, and a strong commitment to community service, inclusion and diversity and eradicating childhood illiteracy. Learn more at www.kpmg.com/us.
____________________
2024 KPMG American Perspectives Survey
Amid compound volatility, Americans are optimistic about their own personal finances, but less optimistic about the U.S. economy’s growth prospects.
KPMG Ranks #1 for Quality in AI Advice and Implementation by Source
According to senior buyers of consulting services who participated in the Source study, Perceptions of Consulting in the US in 2024, KPMG ranked No. 1 for quality in AI advice and implementation services.
KPMG Upgrades GenAI Audit Assistant, Unveiling New Capabilities To Empower Its 9,000+ Audit Partners and Professionals
Today, KPMG, LLP, the US audit, tax and advisory firm, announced upgrades to KPMG Audit Chat released in 2023, a proprietary generative AI tool built on Azure OpenAI service, and to KPMG Clara, our global smart audit platform.