Digital banking and regulatory compliance

Regulatory compliance is a very challenging task for bankers. Digital banking adds to the complexity. Banks need to go beyond regulatory compliance to be safe and successful in digital banking, as regulation is always a catching-up game. The police cannot outsmart the thief.

Published in: Technology

  1. DIGITAL BANKING AND REGULATORY COMPLIANCE
  2. Banking – challenging times
     • Powerful forces are reshaping the banking industry. Customer expectations, technological capabilities, regulatory requirements, demographics and economics are creating an imperative to change. Banks and credit unions need to get ahead of these challenges and retool if they are to find success in the upcoming decade. -- By Jeffry Pilcher, CEO/President & Publisher of The Financial Brand
     • Competition from old and new banks and fintech companies
     • Economic environment, high NPAs, low growth
     • Banking industry is going through a very challenging time
     • Banks respond by going digital
  3. Digital - in banking space
     • Digital is all about making what can be seen unseen – making services so smooth and seamless that it becomes invisible to the customer.
     • Digital players like Google, Apple, Facebook and Amazon may become a new kind of bank. These new banks are different from traditional or digital banks, because they are focused on mobile wallets or integrated payment services, and not on savings. Also, with these banks, you won’t be able to take cash out of your bank account: it’s all about digital payments.
     • There is a big difference between offering specific financial services and being a bank
     • Partnership between fintech companies is a strong possibility
  4. Digital evolution in Banking
     • Computerization - ALPM, TBA, CBS
     • ATM / CDM / POS / Cards – Debit / Credit / Wallets
     • Internet banking, mobile banking
     • NFC, wearables – for outdoor micro payments
     • SMAC (social, mobile, analytics, cloud) dominating product development, delivery and customer engagement
     • Data analytics / Business intelligence / CRM / Machine learning / Robots
     • Biometrics / multi-factor authentication for safety of consumer interaction
     • Security standards: ISO 27001, COBIT, NIST, COSO
  5. Digital push & Key drivers
     • Accurate customer needs assessment - combining rich, varied data from within and from social media with powerful analytics tools and techniques
     • Big Data and Analytics
     • Customizing products dynamically to suit individual needs
     • Designing content tailored for smartphones, leveraging functionality like GPS, camera and access to fast internet, can be a major hook in engaging potential customers, and also an acquisition tool.
     • Centralization and automation of various operations and processes, enforcing speed and effective controls
     • Adoption of cloud to reduce cost and time to market
  6. Digital Challenges
     • Indian banking industry is focusing on connecting the dots between business, operations, technology and regulatory dimensions of the sector.
     • Challenges from entry of small banks, payment banks and non-traditional players – latest technology and no legacy baggage
     • Innovations in the payment space such as mobile money, e-wallets and payment aggregators, collaborating with the exploding e-commerce segment, are taking away banks’ cash flows and revenue streams
     • Fintech companies are setting new standards in innovation, time to market, and customer experience, raising demand on banks
     • Unbundling of banking into small segments
     • Peer-to-peer lending, social media
     • Cryptocurrency / Bitcoin
     • Managing risks arising out of digital
     • Complying with regulatory framework on digital areas
     • Innovate or perish in the fast-changing digital world
  7. Compliance and compliance risk
     Definition:
     • Compliance literally means ‘obedience’ or ‘dutifulness’. It was essentially about complying with regulation and conducting business ethically.
     • RBI, vide its circular dated April 20, 2007, had emphasized the need to put in place an institutional arrangement which was commensurate with the increasing complexities and sophistication of the banking business. Thus, compliance as a distinct function of the bank evolved.
     • RBI recognized that the compliance function was yet to be fully cognizant of the "compliance risk" and the reputational risk arising out of compliance failures causing huge economic costs.
     • BCBS (2005) had defined compliance risk as being “the risk of legal or regulatory sanctions, material financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with laws, regulations, rules, related self-regulatory organization standards, and codes of conduct applicable to its banking activities.”
  8. Compliance function - Objective
     • Regulatory compliance function is meant for: protecting the banks against breaches of the law, codes and procedures, and ethics, covering issues such as ‘KYC’, anti-money laundering, market abuse, conflicts of interest and security of information.
     • Public perception about compliance standards of an organization has a great bearing on the market capitalization of the company. E.g.: ITC, TCS, Infosys
     • Ghosh Committee report of 1992 introduced compliance in banking; RBI issued guidelines.
     • Recommendations of BCBS
  9. Regulatory Compliance: Universe
     • Important statutes: Banking Regulation Act, Companies Act, Reserve Bank of India Act, Foreign Exchange Management Act, Prevention of Money Laundering Act, Information Technology Act
     • Regulations by RBI, IRDA and other regulators
     • Standards and codes prescribed by BCSBI, IBA, FEDAI, FIMMDA etc.
     • Bank's internal policies and fair practices code
     • International standards - Basel II/III
     • SOX
  10. BCBS – 10 principles for compliance
     1. The bank’s board of directors is responsible for overseeing the management of the bank’s compliance risk. The board should approve the bank’s compliance policy, including a formal document establishing a permanent and effective compliance function. At least once a year, the board or a committee of the board should assess the extent to which the bank is managing its compliance risk effectively.
     3. The bank’s senior management is responsible for establishing and communicating a compliance policy, for ensuring that it is observed, and for reporting to the board of directors on the management of the bank’s compliance risk.
     5. The bank’s compliance function should be independent.
     6. The bank’s compliance function should have the resources to carry out its responsibilities effectively.
     8. The scope and breadth of the activities of the compliance function should be subject to periodic review by the internal audit function.
  11. Responsibilities of compliance function
     • To assist senior management in managing the compliance risks
     • Advise senior management
     • Provide guidance & education on compliance issues
     • Identify, measure and assess compliance risks
     • Monitor and test compliance and report the findings through the reporting line in accordance with the bank’s internal risk management procedures.
     • It is widely believed that compliance should always be at the forefront of the employees’ thinking, thus underlining the role of “awareness cultivation”.
  12. Regulatory Compliance - Challenges
     • Globalization
     • Issues with the corporate governance of complex institutions
     • Continuously changing understanding of sound operational management
     • Existence of disparate systems – failure of the systems to talk to each other and data integrity issues prevent taking a holistic view on risk and compliance.
     • Cyber threats
     • Parallel compliance and risk initiatives lead to duplication of efforts
     • Numerous and changing laws and regulations
     • Ongoing evolution of products
     • Determination of governments and regulators to fight money laundering, terrorist financing and other illegal financial transactions
  13. Compliance – Challenges - 2
     • Regulations are mostly reactive and play a catching-up game
     • Organizations and their advisors invent innovative ways to circumvent regulations. The asset quality study conducted by RBI last year in Indian banks is a classic example of this.
     • Internationally, Basel committee norms were introduced to improve governance and compliance standards. Mostly big foreign banks circumvent that by innovative products like derivatives which none understood, and regulations were not there on them till big banks started collapsing.
     • Rating agencies, the defective governing mechanism, further contributing to the failure
     • Basel II, though good, failed in preventing crisis because of this catching-up game and tricks of such big organizations.
     • Competitive business environment and faulty incentive structure in the corporate sector.
     • Scale and scope of both business and regulations make compliance challenging
     • Increasing compliance failures, regulatory fines, personal legal sanctions for their management.
  14. Challenges: Multitude of Regulations
     • Looked at in isolation, a piece of regulation is a relatively simple affair – a legal document containing text that describes what needs to be done, by whom, when, and how. The compliance officer can decide what needs to be done to comply and also to demonstrate to the management and regulator.
     • Multiple regulations, both global as well as regional, have forced banks to look at increasing their resilience around data management.
     • Regulators are moving from standardized-reports-based supervision to seeking access to granular underlying data for assessment of the bank’s risk positions.
     • The expanding ambit of regulatory initiatives such as anti-money laundering, automated data flow, Basel norms, Foreign Account Tax Compliance Act, etc. have a common underlying theme of providing accurate and reliable data in a timely manner.
     • Financial regulators around the world are seeking to ensure banks conduct themselves with a higher level of professionalism and do not facilitate illegal activities through their services
     • Standardized regulatory tools in the industry supported by a strong data governance structure will become a norm in the industry.
  15. Cyber security Compliance
     • In the digital world, securing critical data, transactions as well as operations will mean working beyond the traditional network walls
     • Adversaries range from nation states and organised crime to proactive hacktivists and insiders, and also with no resource constraint
     • Cyber risk management in the business ecosystem is a complex issue, requiring board and managers to engage sophisticated techniques, and new skills and capabilities to be embedded in the people.
     • With the advent of digital technologies, the amount of data is going to multiply, further increasing the complexity of data management.
     • Those that are able to build trust with customers and other stakeholders for their digital strategies will be successful.
     • Cyber security needs to be treated as an enterprise-wide risk for which banks will need to develop a clear risk appetite
     • Employees of various departments at all levels (from C-suite to junior management) will require education about cyber threats, as cybercrime will no longer be just the domain of the IT or network security function.
  16. RBI Additional regulations - on digital
     • Report on internet banking laid down clear regulations for strict compliance for banks offering internet banking under the following broad categories:
       1. Operational risk issues
       2. Cross border issues
       3. Customer protection and confidentiality issues
       4. Competitiveness and profitability issues
     • Requires Board-approved note to be submitted to RBI
     • Have clear information security policies in place
     • Regular external audits of information security
     • Adherence to Guidelines on Risks and Controls in Computers and Telecommunications
  17. Guidelines on cyber security
     • Policy on information classification, storage and archiving
     • Policy on record maintenance
     • Adoption of standards for information security management like ISO 27001, COSO, COBIT, NIST etc.
     • SOX compliance in applicable cases
     • Policy, strategy, role definition and overseeing executive committee on cyber security.
     • Independent CISO of sufficiently senior management with dotted-line reporting to CEO
     • IS Audit function with CISA-qualified auditors
     • Independent cyber security audit
     • Policy on outsourced financial services, annual independent audits, reporting to Board and RBI
  18. RBI Mandate on regulatory reporting
     • The RBI, in 2010, had mandated banks to implement ADF for more than 150 regulatory returns to be submitted at regular intervals. RBI advised using the same ADF platform for generating MIS reports also
     • Data cleansing to ensure accuracy and consistency of data.
     • Connection between systems to ensure seamless data flow. Manual intervention should be avoided
     • Supervisor moving from CAMELS to RBS. The new process depends both on onsite supervision as well as offsite monitoring. Requires flow of large volumes of information from banks regularly including standard Tr-1, IA, 2 and 3 covering operational data as well as information on compliance.
     • RBI risk rating of banks depends mostly on data submitted
     • Ensuring accurate, consistent and timely data is the need of the hour.
  19. RBI Mandate - 2
     • Master directions and periodic circulars
     • Guidelines on KYC/AML, account opening, operations, customer service
     • Credit risk management
     • Fraud detection and reporting
     • Cash transactions
     • Digital payment systems
     • Forex guidelines, FEMA
     • Taxation
     • Gopalakrishna committee recommendations on information technology areas
     • RBI Directions on cyber security
     • Fraud risk management policy and strategy
  20. Regulatory compliance - Imperatives
     • With several global regulatory bodies shifting their focus on the strength and capability of IT systems and the state of technology in financial institutions, it has become imperative for banks as well as larger financial institutions to develop an integrated IT system as a solution (instead of the earlier piecemeal approach) that will not only help with the current regulatory guidelines but also any future developments
     • With the banking system becoming complex by the day and with the growing presence of Indian banks globally, there is a stronger need for Indian banks to start focusing on areas such as data governance and integrated management information system (MIS) across all business and all regions so that sound business decisions can also be taken based on the accurate information and regulatory compliance also can be ensured.
     • With numerous digital forays like social media, web sites, market places, mobile apps, internet banking, banks need to develop capabilities to comprehensively track all compliance requirements and risk events.
     • Banks need to go much beyond the regulatory compliance and put proper framework in place to take care of unknown/potential threats/exploits.
  21. Regulatory Compliance - framework
     • Each line function should have a strong compliance unit, identifying, recording, testing and reporting all compliance requirements
     • Clear definition as to the role of respective lines of business and of centralized GRC functions with regard to compliance responsibilities.
     • Centralized compliance department must be headed by a senior, independent functionary, and a robust reporting and escalating system be put in place
     • Have formal co-ordination between line of business, Op risk, compliance and audit functions.
     • Put in place an end-to-end compliance framework listing all the regulatory mandates and easily accessible and understandable to all the stakeholders for ready reference.
     • Governance oversight from senior management and Board
  22. Compliance: Way Forward
     • Compliance function in banks is one of the key elements in the banks' corporate governance structure. It has to be adequately enabled and made sufficiently independent.
     • Include PPT in the compliance framework
     • Each bank has to devise its own compliance program, around the culture of the organization, involving all levels of functionaries.
     • Skilled and trained staff. Staff should have clear understanding of the bank's business operations as well as regulatory compliance requirements against these activities.
     • Evolve GRC framework with long-term strategies to address compliance risks around evolving areas of channels, products, customers, operations.
     • Data quality, MIS, centralized operations management using technology.
     • Inculcate compliance culture. In any compliance initiative, people are the weakest link. Provide training and implement incentive and accountability policies for ensuring a compliance culture
     • As business is on technology platform, technological capabilities to be leveraged to address the Governance, Risk and Compliance initiatives.
     • Implement automated compliance management and testing systems
  23. THANK YOU
     Sathyananda Prabhu, Senior Vice President, Lakshmi Vilas Bank
     Email: prabhuss@lvbank.in
     Mob: 9442502094