Each year, most financial institutions spend significant time and resources on the compliance risk assessment process. However, many executives still feel that they repeat the same labor-intensive process for marginal benefit.
- As a Compliance lead, does the risk assessment help you meaningfully prioritize activities across businesses and corporate functions?
- As a senior executive, does the assessment help you formulate a view on the organization’s top areas of regulatory concern?
We believe that at many banks the answer to these questions is “no.”
In this paper, we discuss recent progress made by the industry as well as key remaining challenges facing many institutions. We provide recommendations for how to address these common hurdles and unlock greater benefits from the compliance risk assessment process. Specifically, we provide ideas for how firms can further leverage data to increase automation, foster stronger engagement from senior leadership, gain a better understanding of emerging risks and control strength, and ensure the assessment process drives action.
In our experience, the most effective compliance risk assessments are those optimized to work within the institution’s unique set-up and circumstances, not necessarily ones with the most advanced features
With some practical adjustments, we believe that most compliance risk assessments can be made more robust and shed more light on where to focus time and attention. It should also improve the chances of preventing incidents, or at least detecting them earlier.
Our paper offers simple no regret moves you can implement this year to get the assessment to work for you. With the right construct and role, the compliance risk assessment can act as the spotlight that guides you to focus on the highest areas of compliance risk.