Risk & Compliance Solutions | HCLTech

Financial services– Risk and compliance solutions

HCLTech’ Risk & compliance solutions team helps banks and financial services institutions in mitigating the challenges arising from the impact of dynamic regulations, financial crime, cybersecurity threats and emerging technologies.

Risk has taken a new dimension after the global financial crisis of 2008 in which huge losses from over-the-counter (OTC) derivatives caused the global financial services upheaval.

The Basel Committee on Banking Supervision (BCBS) initiated the Fundamental Review of the Trading Book (FRTB) in the years following the financial crisis of 2007-2009, with the aim of completely revising the approach to calculating risk-based capital requirements for trading activities (i.e., market risk capital). BCBS introduced the so-called “Basel II.5” package of reforms. This included a significant increase in the market-risk capital standards for banks while increasing the overall quantum of capital required for market risk.

Banks have subsequently been asked by regulators to carry out improved risk measurement and de-risk their exposures to counterparties. Financial markets typically face financial risk due to changes in interest rates, foreign exchange rates and commodity and asset prices. This increases the possibility of default by individual companies and consequently the sectors they operate in.

We serve our banking clients worldwide to ensure compliance with risk frameworks stipulated in the Basel Accords. By implementing both qualitative and quantitative approaches in financial risk management, HCLTech protects economic value in the trading and holding of financial instruments by pricing, tracking, reporting and exposing its risks.

Recognized by Everest as a leader in its peer group and also in enterprise risk management in the financial services industry, HCLTech’ Risk & compliance services offer RegTech compliance solutions for banks. These tailor-made solutions enable our clients to tackle financial crime and be fully compliant with the respective laws, regulations and the codes of conduct applicable to their banking activities. Through innovative solutions, we support financial services clients to mitigate the risk of legal or regulatory sanctions, material financial loss or loss in reputation.

Business situation

Challenges and opportunities

  • Regulatory/Industry considerations
  • Emerging technologies
  • FinTechs / RegTechs (Disruption)
  • Transformation and change management

Regulatory/Industry considerations

  • Brexit

    The UK has left the EU with a trade deal for goods and services but no deal for financial services firms. UK financial services firms no longer have passporting services into the EU. UK banks, insurers and asset managers will have to seek continuity of existing entry to the EU financial services market through equivalency measures granted by the EBA(European Banking Authority) and ESMA(European Securities and Markets Authority ). Divergence in regulatory rules between the UK and the EU will lead to adaptations of the new framework.

  • ISO20022

    ISO 20022 is a replacement to SWIFT. This is a single interoperability messaging format for all the banks in Europe and the UK which will be implemented by November 2022 for some, and by the end of 2023 for all.

  • Basel IV

    Rules are in place for calculation of credit risk, operational risk, credit value adjustment, output floor and leverage ratio. The overall changes will be realized in the business model, system and data, risk management, impact analysis and implementation of projects.

  • GDPR

    The General Data Protection Regulation (GDPR) is a regulation in the EU to protect a citizen’s personal data. This simplifies the regulation of monitoring personal data across borders and brings a single-window system to manage private data.

  • MIFID2

    MiFID rules aim at creating a single and competitive market landscape while facilitating cross border transactions, increasing market transparency and improving investor protection. Its scope includes financial investment, trading and participants including bankers, traders, fund managers, exchange officials, brokers, firms, as well as institutional and retail investors.


Emerging technologies

  • AI/Machine learning

    Financial services companies are using AI and machine learning in a wide range of settings. AI is used in financial crimes, loan processing, and predominantly in risk management.

  • Cloud

    Cloud is an estimated $27 billion market to address concerns such as open banking and open markets to share third-party APIs. All this, while also reducing operational expenses and not compromising on security.

  • Digital

    The key focus areas are workflow automation, optical character recognition, advanced analytics and RPA. The industry can implement digitalization by establishing a digital risk office where IT, data and analytics teams could work together to monitor credit risk, market risk, operational risk and improve CCAR. A streamlined business process through GRC helps keep data quality high and relevant information accessible to concerned stakeholders in a matter of clicks, thus smoothening the business decision-making.

  • IAM (Identity Access Management)

    Enterprise-wide IAM is being implemented to avoid data and security breaches. This will assure end clients about their financial services brokers’ confidentiality. In addition to IAM, companies are advocating private access management.

  • DLT

    Implementing block-chain technology in the financial services industry would bring transparency in dealings, faster and automatic execution of transactions and improved security. Currently, this technology is extensively used in the Banking & Payments industry.


FinTechs / RegTechs (Disruption)

  • Fintech

    To meet Generation Z’s banking experience expectations, several FinTech are focusing on innovation which has led to newer business models and superior customer experiences. Most of the FinTech focus is on banking, consumer lending, payments and mortgages. This has resulted in neo/challenger banks, building newer markets and commodities for trading.

  • Regtechs

    RegTech companies bring in uniform regulatory and compliance offerings as per the industry standards. Companies build a CDM (Continuous Diagnostics and Mitigation) for easy consumption of changes. They are offered as on-demand services so that the vendors can easily integrate them. With an integrated GRC system, businesses can cut costs on regulatory compliance by avoiding hefty fines.


Transformation and change management

The objectives of organizations are to implement new technologies to achieve greater efficiencies and save costs as well as to ensure regulatory compliance. To achieve these goals, enterprises leverage change management and transition management programs of work. With change champions and key metrics in place, organizations drive both business-level changes as well as IT changes. Adaptive firms also monitor business model changes arising from emerging technologies and FinTech. By taking a forward-looking approach, firms eliminate the fear of missing out. This means that a successful organization manages challenges and opportunities thrown by the industry and leverages transformation and change management, allowing its business to be subsequently transformed.


Solution building blocks

Risk measurement and monitoring
Credit, market, liquidity, stress testing
Finance and Regulatory reporting
Capital, MIFID 2 transactions, AIFMD, IFRS17
Financial Crime and Surveillance
KYC and client onboarding, AML
Qualitative Risk management
Process risk management and assurance, processes analytics
Governance and Compliance analytics
GRC tools, data security and privacy, IAM
Data management and services
BCBS 239, risk and finance alignment, big data implementation and analytics
Infrastructure operations, cloud security and support, application operation and support, application development and maintenance, COTS product implementation and managed business services (BPO)
Financial change management, domain-based advisory, consulting and co-sourcing

Success story

Singaporean Multinational Banking and Financial Services
Large Irish Bank

Functional Area: Model Development

Engagement Description :

The bank had been struggling to get validation of credit risk models for approval by the regulator. The bank reached out to HCLTech for performing an independent audit and deep dive validation of their key credit risk lending models

HCLTech Solution:

Assessment, review, and challenge of the outputs of the Irish Banks’ model validation program. Devised co sourcing test plan for testing periodic validations of the 5 IRB Credit Risk Models. Conducted Tests on the risk models including Mortgage PD andCorporate PD, , drafted the final audit report for R&C assessment. HCLTech played a role in the client’s 3rd line of defense supporting the Risk Audit function. The results of the Audit was used to gain local Regulatory Supervisor approval, ensuring the right level of testing and controls work was deployed to independently validate the client’s Risk modeling. The R&C validation unit and co-sponsored project steering review team setup by HCLTech became part of the governance framework for the overall Risk Audit, thereby ensuring scrutiny, high quality results and adherence to the local central bank and Basel regulations.

  • All tests in the Audit plan were executed as pertaining to the overall Risk Audit schedule communicated in the governance status reports.
  • Issues identified on collateral data feeding into the rating systems allowed client to note to regulator dealing with IRB model approval to plan for any further remediation work with HCLTech able to support.
  • Recommendation given to automate the current Audit capture and workflow system a manually intensive process and offer better solutions to undertake the same functions without the need for so much manual intervention. Identified future benefit for audit team to reduce audit times as well as make improvements on documentation and align to the banks strategy around maintaining an efficient digital footprint.
  • Business processes for SAS data capture and transfer flagged for future improvements. HCLTech able to offer AI, machine learning and Risk analytics products Actian Vector which can perform Risk aggregations and produce complex Risk calculations to enable risk processing and improve data quality

Compiled final results of IRB model review

Traditional 'Big Four' Irish banks
A Leading UK Bank

Functional Area: IFRS 9 Compliance & Forecasting Credit Losses

Engagement Description:

The bank must be enabled to be compliant with the IFRS9 regulations within strict timelines and be able to forecast credit losses

HCLTech’s Solution:

Analysed data gaps (Risk data including PG, LGD, EAD) proposed data solution, performed data modelling, designed and built IFRS 9 data mart. Involved in the requirements gathering, analysis, design and development phase to provide impairment related data to comply with the regulations from IASB. The reporting framework applied disclosure requirements, prepared group financial reports including the banks subsidiaries. This was a global solution for the bank which covered Europe, Middle East, APAC & Africa.


Avoided huge penalties and business restrictions due to compliance with IFRS 9 and was able to produce a daily feed of data without compromising on processing time and data quality. The bank had seamless coordination amongst risk, business and finance units.

Life and General Insurance Agencies in Singapore
A Leading UK Bank

Functional Area: Enterprise-wide multi-year Risk Transformation Program

Engagement Description:

Define a consolidated solution platform to deliver requirements across key strategic risk transformation work streams (EC, Modelling, Stress Testing, Risk MI)

HCLTech’s Solution:

HCLTech’s Architects followed the TOGAF standards to develop a target architecture view by using a scorecard-based evaluation of vendor platforms. The participants in this activity were the key business and IT sponsors’ who ranked the vendor platforms and provided an objective measure for future vendor selection. HCLTech helped define and build the Enterprise architecture and Risk transformation Program architecture to address all corners of the business. The R&C models were implemented on data, business, technology, and application. Several interfaces were created amongst these pillars to eliminate risks and adhere to organization, and industry compliance methodologies.


A governing organization was setup to enable strategy, ensure review boards were the check posts, optimal portfolio management, and technology lifecycle roadmaps were in place. This resulted in achieving the target architecture using industry best practices and provided objective criteria for vendor solution evaluation, resulting in robust decision making; Generated TCO reduction of c. 30% Application simplification (12 platforms rationalised to 2)

Australian Multinational Bank
A Large European Investment Bank

Functional Area: Building a Market Risk Platform

Engagement Model:

HCLTech has implemented a bespoke Market Risk Platform. As a part of implementation HCLTech has owned end-to-end delivery of the Platform, Change Management, & Transition Management


HCLTech has supported the bank in implementation, and transformation of its Market Risk Management Landscape through changing economic conditions and evolving regulatory norms covering all measures required for Basel II, II.5 and III. The platform has helped in achieving insights and transparency into the banks risk exposures, from clearing and settlement costs and uncertainties. The platform has optimized processes, worked collaboratively with all the business functions, and drove operational excellence.


Progressive reduction of 80% in calculation runtimes along with massive increase in transaction volumes in Credit and Market Risk Landscape. The strategic risk data lake continuously acquired data and performed high speed provisioning. The reference, operational and market data were used for further risk analytics & reporting at strategic, operational and tactical levels. Multiple layers were built on the platform for producing dimensional reports in Finance & CCAR.