Following new rules means creating a new kind of IT department, one which deploys and manages platforms for quicker response and enables the bank to prove its fiscal fitness. Ernst & Young’s Donald Vangel and Dan Higgins recently discussed the scalpel and the hatchet that await.
Bank Technology News: How extensive is the new legislation for IT shops?
Vangel: The legislation is quite vast in its impact on information, broadly defined. For large institutions, for instance, there will have to be extensive reporting to permit the Financial Stability Oversight Council to define the perimeter of systemically significant firms.
That will include a wide range of data, including counterparty information, and that's very significant. There will also be [rules] regarding the reporting and record keeping for OTC derivatives, and compliance with a new set of rules for a Bureau of Consumer [Financial] Protection, not to mention heightened reporting for prudential supervision generally. Almost every element of the legislation has an impact on data and reporting.
Higgins: There are aspects of the reform that point to new levels of granularity of information that may not be captured by institutions today. There are also significant implications in not just the quality of the data but also the consistency of enterprise definition of data.
These implications will need to be addressed for firms to avoid negative reactions that would come with poor data quality or inconsistent answers.
BTN: How will the legislation's authorization of a council to monitor systemic risk impact strategy for risk management of partners and third parties?
Vangel: An issue that's particularly relevant for macro prudential supervision is the extent to which financial institutions are connected to one another. So at a minimum there will be reporting of a given company's exposure to other large companies and vice versa. Institutions will be required to know what their exposures are to counterparties, manage them effectively, and report them, but there are no requirements to take on responsibility for compliance by counterparty with any particular regulatory standard.
BTN: What kinds of tech projects will the legislation lead to?
Higgins: There's clearly not a silver bullet technology that's going to help organizations address all of the implications of the new regulations. Organizations are likely to take a phased approach, starting with some tactical data quality remediation, risk and capital engine enhancement, and reporting solutions that need to be addressed so firms can comply with the fast track regulations. From there, a more strategic approach will lead to initiatives such as the development of data governance frameworks to bring and maintain data consistency and quality to the enterprise and allow firms to aggregate reporting as required by the various pieces of the legislation. Additionally, one might expect to see organization changes to support a more proactive role by IT in the process of regulatory interaction, interpretation and strategy and design implications.
BTN: Why is the increasing role of IT in high-level corporate management important to comply with enhanced reporting requirements that increase both breadth and depth of reporting?
Higgins: It's important to have controls over the processes and a way of interpreting and addressing the potential implications of the reform package and future reforms on IT architectural and design processes. IT will be heavily involved in strategy so the institutions can practically account for how data will need to be managed.
BTN: If the regulators are taking a position that will increase scrutiny of M&A, are there tech strategies that can be deployed to over come that hurdle?
Higgins: As an early step, firms should assess the complexity of their IT and/or data architecture in the context of their risk profile, business strategy and growth plans. When assessing systemic risk, regulators are likely to consider an organization's ability to integrate the architecture of the firm they are acquiring and the resultant ability to monitor, manage and report on risk, capital adequacy, liquidity, etc.
By taking focused steps to reduce fragmentation and complexity, and improve the integration capabilities of their existing architecture, firms can better position themselves against regulatory challenge.
Examples of this include initiatives such as application and data simplification/rationalization and/or end-user computing strategies to improve control.
BTN: Is there one particular area of data or risk management that the legislation deals with that will require immediate attention, or greater attention than other issues?
Higgins: The fast track areas related to compensation, OTC derivatives, systemic regulation, and living wills imply certain thematic focus areas related to IT and data. These include increased analytic capabilities, enhanced monitoring and reporting solutions, data and model aggregation for annual stress testing and systemic studies, and infrastructure improvements for things such as central clearing interfaces.
In addition to these, a near-term focus will clearly need to be applied on data quality improvements and remediation such that there is improved accuracy and confidence in the report submissions and ad hoc query responses.
This story has been reprinted with permission from American Banker.
Register or login for access to this item and much more
All Digital Insurance content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access