Financial services– Risk and compliance solutions
HCLTech’ Risk & compliance solutions team helps banks and financial services institutions in mitigating the challenges arising from the impact of dynamic regulations, financial crime, cybersecurity threats and emerging technologies.
Risk has taken a new dimension after the global financial crisis of 2008 in which huge losses from over-the-counter (OTC) derivatives caused the global financial services upheaval.
The Basel Committee on Banking Supervision (BCBS) initiated the Fundamental Review of the Trading Book (FRTB) in the years following the financial crisis of 2007-2009, with the aim of completely revising the approach to calculating risk-based capital requirements for trading activities (i.e., market risk capital). BCBS introduced the so-called “Basel II.5” package of reforms. This included a significant increase in the market-risk capital standards for banks while increasing the overall quantum of capital required for market risk.
Banks have subsequently been asked by regulators to carry out improved risk measurement and de-risk their exposures to counterparties. Financial markets typically face financial risk due to changes in interest rates, foreign exchange rates and commodity and asset prices. This increases the possibility of default by individual companies and consequently the sectors they operate in.
We serve our banking clients worldwide to ensure compliance with risk frameworks stipulated in the Basel Accords. By implementing both qualitative and quantitative approaches in financial risk management, HCLTech protects economic value in the trading and holding of financial instruments by pricing, tracking, reporting and exposing its risks.
Recognized by Everest as a leader in its peer group and also in enterprise risk management in the financial services industry, HCLTech’ Risk & compliance services offer RegTech compliance solutions for banks. These tailor-made solutions enable our clients to tackle financial crime and be fully compliant with the respective laws, regulations and the codes of conduct applicable to their banking activities. Through innovative solutions, we support financial services clients to mitigate the risk of legal or regulatory sanctions, material financial loss or loss in reputation.
Business situation
Banks
- Brexit: Over 5500 banks are going through business transformation due to Brexit passporting. Financial institutions operating in the UK no longer have access to the EU market regulatory equivalence granted by the EU.
- Market Risk (FRTB): All banks are required to calculate and report market risk capital requirements under the Standardized Approach (SA). Global banks opting for Internal Model Approach (IMA) for optimizing capital requirements will also have to incorporate significant changes like switching from Value at Risk (VaR) to Expected Shortfall (ES) and Stressed ES
- ISO 20022: Globally, high value systems like SWIFT Worldwide, Target2, EBA and others are mandating the implementation of ISO 20022. By 2025, it will be the universal standard for high or large-value payments and systems of all reserve currencies.
Insurers
- IFRS 17 will be implemented by January 2023. Accounting rules have changed for the first time in 20 years.
- Modernization of insurers’ platforms are a business opportunity to change the legacy systems.
- Prior to IFRS17, actuarial and accounting systems were not integrated. IFRS 17 will bring risk, actuarial and finance systems together.
- A modern accounting system will be implemented in the industry.
Capital markets
- The market size of alternative investments in hedge funds, private equity funds and real estate funds in Europe since AIFMD has grown to €5 trillion.
- AIFMD and MiFID II regulate financial markets in the EU and aims to improve protection for investors and standardize practices across the region.
- Better technology and automation helps in tracking one-off and ongoing charges as well as incidental and transaction costs for each fund.
- Compliance aids price transparency, disclosure of fees, investment product analytics, performance and investor reporting.
Business Continuity and Resilience (BCR)
- BCR solutions are expected be a $25 billion market by 2025.
- Amidst economic, political, pandemic-related and geo-specific influences, it is very critical for the BCR teams to steer an enterprise to function.
Cyber risk
- Cyber risk solutions market is expected to be a $40 billion industry by 2023. Enterprises have increased their budget by 75% to save them from cybercrimes.
- Typical spend is on Governance, Risk and Compliance (GRC), infrastructure and cloud security, application security, IDAM (Identity Access Management), and BCR/DR(Business Continuity and Resilience/Disaster Recovery).
Cloud and digital technologies
- Digital transformation industry is expected to reach $1.2 trillion mark by 2025 with a focus on workflow automation, OCR, advance analytics, RPA, and AI/ML.
- Financial services industry would enable the above by establishing a digital risk office where IT, data and analytics teams would work together to monitor financial risk.
- Leveraging digital tools in Comprehensive Capital Analysis and Review (CCAR) techniques can assist in achieving greater efficiencies in capital management.
Regulatory compliance
- The Governance, Risk and Compliance market is expected to reach $60 billion by 2025 with RegTech in financial services set to grow by about $20 billion by 2025.
- With an integrated GRC system, businesses can save huge costs on regulatory compliance, thus avoiding hefty fines and ensuring business continuity.
- Risk & compliance Industry advocates integrated GRC policies that are implemented at the department or business unit level, but from which business benefits are reaped at an enterprise lcvel.
Financial risk
- Solutions for financial risk management which includes credit risk, market risk, liquidity risk and operational risk is to be valued at $45.9 billion by 2025 through cognitive processes and AI as well as third-party data engines.
- New financial regulations and reporting standards across the globe encourage the use of big data and analytics applications.
- Big data and risk analytics in financial services can capture relevant customer information and make decisions on credit risk, detect financial fraud or crime and deal with other issues related to the portfolio of customers.
Financial crime compliance
- Financial crime compliance is expected to be valued at $38.2 billion by 2025 with focus on KYC, alert/case investigation management, fraud detection and screening.
- Cognitive decision-making and advanced artificial intelligence (AI)-based algorithms can be used in automating the decision making process. Additionally, they can also be used to detect fraud before it’s too late.
Challenges and opportunities
- Regulatory/Industry considerations
- Emerging technologies
- FinTechs / RegTechs (Disruption)
- Transformation and change management
Regulatory/Industry considerations
-
Brexit
The UK has left the EU with a trade deal for goods and services but no deal for financial services firms. UK financial services firms no longer have passporting services into the EU. UK banks, insurers and asset managers will have to seek continuity of existing entry to the EU financial services market through equivalency measures granted by the EBA(European Banking Authority) and ESMA(European Securities and Markets Authority ). Divergence in regulatory rules between the UK and the EU will lead to adaptations of the new framework.
-
ISO20022
ISO 20022 is a replacement to SWIFT. This is a single interoperability messaging format for all the banks in Europe and the UK which will be implemented by November 2022 for some, and by the end of 2023 for all.
-
Basel IV
Rules are in place for calculation of credit risk, operational risk, credit value adjustment, output floor and leverage ratio. The overall changes will be realized in the business model, system and data, risk management, impact analysis and implementation of projects.
-
GDPR
The General Data Protection Regulation (GDPR) is a regulation in the EU to protect a citizen’s personal data. This simplifies the regulation of monitoring personal data across borders and brings a single-window system to manage private data.
-
MIFID2
MiFID rules aim at creating a single and competitive market landscape while facilitating cross border transactions, increasing market transparency and improving investor protection. Its scope includes financial investment, trading and participants including bankers, traders, fund managers, exchange officials, brokers, firms, as well as institutional and retail investors.
Emerging technologies
-
AI/Machine learning
Financial services companies are using AI and machine learning in a wide range of settings. AI is used in financial crimes, loan processing, and predominantly in risk management.
-
Cloud
Cloud is an estimated $27 billion market to address concerns such as open banking and open markets to share third-party APIs. All this, while also reducing operational expenses and not compromising on security.
-
Digital
The key focus areas are workflow automation, optical character recognition, advanced analytics and RPA. The industry can implement digitalization by establishing a digital risk office where IT, data and analytics teams could work together to monitor credit risk, market risk, operational risk and improve CCAR. A streamlined business process through GRC helps keep data quality high and relevant information accessible to concerned stakeholders in a matter of clicks, thus smoothening the business decision-making.
-
IAM (Identity Access Management)
Enterprise-wide IAM is being implemented to avoid data and security breaches. This will assure end clients about their financial services brokers’ confidentiality. In addition to IAM, companies are advocating private access management.
-
DLT
Implementing block-chain technology in the financial services industry would bring transparency in dealings, faster and automatic execution of transactions and improved security. Currently, this technology is extensively used in the Banking & Payments industry.
FinTechs / RegTechs (Disruption)
-
Fintech
To meet Generation Z’s banking experience expectations, several FinTech are focusing on innovation which has led to newer business models and superior customer experiences. Most of the FinTech focus is on banking, consumer lending, payments and mortgages. This has resulted in neo/challenger banks, building newer markets and commodities for trading.
-
Regtechs
RegTech companies bring in uniform regulatory and compliance offerings as per the industry standards. Companies build a CDM (Continuous Diagnostics and Mitigation) for easy consumption of changes. They are offered as on-demand services so that the vendors can easily integrate them. With an integrated GRC system, businesses can cut costs on regulatory compliance by avoiding hefty fines.
Transformation and change management
The objectives of organizations are to implement new technologies to achieve greater efficiencies and save costs as well as to ensure regulatory compliance. To achieve these goals, enterprises leverage change management and transition management programs of work. With change champions and key metrics in place, organizations drive both business-level changes as well as IT changes. Adaptive firms also monitor business model changes arising from emerging technologies and FinTech. By taking a forward-looking approach, firms eliminate the fear of missing out. This means that a successful organization manages challenges and opportunities thrown by the industry and leverages transformation and change management, allowing its business to be subsequently transformed.
Solution building blocks
Credit, market, liquidity, stress testing
Capital, MIFID 2 transactions, AIFMD, IFRS17
KYC and client onboarding, AML
Process risk management and assurance, processes analytics
GRC tools, data security and privacy, IAM
BCBS 239, risk and finance alignment, big data implementation and analytics
Infrastructure operations, cloud security and support, application operation and support, application development and maintenance, COTS product implementation and managed business services (BPO)
Collaterals
Success story
Functional Area: Model Development
Engagement Description :
The bank had been struggling to get validation of credit risk models for approval by the regulator. The bank reached out to HCLTech for performing an independent audit and deep dive validation of their key credit risk lending models
HCLTech Solution:
Assessment, review, and challenge of the outputs of the Irish Banks’ model validation program. Devised co sourcing test plan for testing periodic validations of the 5 IRB Credit Risk Models. Conducted Tests on the risk models including Mortgage PD andCorporate PD, , drafted the final audit report for R&C assessment. HCLTech played a role in the client’s 3rd line of defense supporting the Risk Audit function. The results of the Audit was used to gain local Regulatory Supervisor approval, ensuring the right level of testing and controls work was deployed to independently validate the client’s Risk modeling. The R&C validation unit and co-sponsored project steering review team setup by HCLTech became part of the governance framework for the overall Risk Audit, thereby ensuring scrutiny, high quality results and adherence to the local central bank and Basel regulations.
Benefits:
- All tests in the Audit plan were executed as pertaining to the overall Risk Audit schedule communicated in the governance status reports.
- Issues identified on collateral data feeding into the rating systems allowed client to note to regulator dealing with IRB model approval to plan for any further remediation work with HCLTech able to support.
- Recommendation given to automate the current Audit capture and workflow system a manually intensive process and offer better solutions to undertake the same functions without the need for so much manual intervention. Identified future benefit for audit team to reduce audit times as well as make improvements on documentation and align to the banks strategy around maintaining an efficient digital footprint.
- Business processes for SAS data capture and transfer flagged for future improvements. HCLTech able to offer AI, machine learning and Risk analytics products Actian Vector which can perform Risk aggregations and produce complex Risk calculations to enable risk processing and improve data quality
Compiled final results of IRB model review
Functional Area: IFRS 9 Compliance & Forecasting Credit Losses
Engagement Description:
The bank must be enabled to be compliant with the IFRS9 regulations within strict timelines and be able to forecast credit losses
HCLTech’s Solution:
Analysed data gaps (Risk data including PG, LGD, EAD) proposed data solution, performed data modelling, designed and built IFRS 9 data mart. Involved in the requirements gathering, analysis, design and development phase to provide impairment related data to comply with the regulations from IASB. The reporting framework applied disclosure requirements, prepared group financial reports including the banks subsidiaries. This was a global solution for the bank which covered Europe, Middle East, APAC & Africa.
Benefits:
Avoided huge penalties and business restrictions due to compliance with IFRS 9 and was able to produce a daily feed of data without compromising on processing time and data quality. The bank had seamless coordination amongst risk, business and finance units.
Functional Area: Enterprise-wide multi-year Risk Transformation Program
Engagement Description:
Define a consolidated solution platform to deliver requirements across key strategic risk transformation work streams (EC, Modelling, Stress Testing, Risk MI)
HCLTech’s Solution:
HCLTech’s Architects followed the TOGAF standards to develop a target architecture view by using a scorecard-based evaluation of vendor platforms. The participants in this activity were the key business and IT sponsors’ who ranked the vendor platforms and provided an objective measure for future vendor selection. HCLTech helped define and build the Enterprise architecture and Risk transformation Program architecture to address all corners of the business. The R&C models were implemented on data, business, technology, and application. Several interfaces were created amongst these pillars to eliminate risks and adhere to organization, and industry compliance methodologies.
Benefit:
A governing organization was setup to enable strategy, ensure review boards were the check posts, optimal portfolio management, and technology lifecycle roadmaps were in place. This resulted in achieving the target architecture using industry best practices and provided objective criteria for vendor solution evaluation, resulting in robust decision making; Generated TCO reduction of c. 30% Application simplification (12 platforms rationalised to 2)
Functional Area: Building a Market Risk Platform
Engagement Model:
HCLTech has implemented a bespoke Market Risk Platform. As a part of implementation HCLTech has owned end-to-end delivery of the Platform, Change Management, & Transition Management
Solution:
HCLTech has supported the bank in implementation, and transformation of its Market Risk Management Landscape through changing economic conditions and evolving regulatory norms covering all measures required for Basel II, II.5 and III. The platform has helped in achieving insights and transparency into the banks risk exposures, from clearing and settlement costs and uncertainties. The platform has optimized processes, worked collaboratively with all the business functions, and drove operational excellence.
Benefit:
Progressive reduction of 80% in calculation runtimes along with massive increase in transaction volumes in Credit and Market Risk Landscape. The strategic risk data lake continuously acquired data and performed high speed provisioning. The reference, operational and market data were used for further risk analytics & reporting at strategic, operational and tactical levels. Multiple layers were built on the platform for producing dimensional reports in Finance & CCAR.