The Sarbanes-Oxley Act of 2002 (SOX) changed the way the U.S. looked at managing risk and compliance in the investment banking technology space. It is hard to believe that we soon will see the 15th anniversary of SOX. The Dodd-Frank Wall Street Reform and Consumer Protection Act, meanwhile, is in its sixth year of existence. While many changes have occurred in the technology landscape since 2002, one element has been constant: risk and compliance remain at the core of the banking industry as institutions continue to grow and deliver new, complex service offerings in this highly regulated environment.
“With the emergence of artificially intelligent technologies, we must be mindful that these are tools and strategies that can be used to manage risk”
As the scope of compliance continues to increase, the technology used to support this expansion also has an opportunity to grow. Consider anti-money laundering or operational compliance as examples; these are typically behavioral-based risks that would be good case studies for advanced machine learning (AML) technologies. Data is a powerful tool, and unlike traditional methods for flagging and tracking behavior after the fact, machine learning solutions take information and not only track algorithms to determine patterns or concepts, but also in essence “learn”–from an artificial intelligence perspective–based on the data and the way in which it is processed and interpreted. This learned behavior has the potential to exponentially expand how we monitor and control risk. Whereas traditional data analysis and predicting can take months of human effort, recent examples exist where organizations have been able to compress this process down to less than a week by utilizing advanced data analytics through machine learning. Think about the possibilities when we are able to leverage speed, information, machine learning, and patterns with AML initiatives.
With the emergence of artificially intelligent technologies, we must be mindful that these are tools and strategies that can be used to manage risk. The effectiveness of leveraging these strategies lies in the framework of governance and controls. Factors to consider:
• Sound policies must exist that are regularly reviewed and updated to align with stringent compliance regulations.
• Appropriate due diligence is required around analytics obtained from advanced technologies.
• Data analytics is valuable information if it can be leveraged properly to proactively manage risk and compliance in this space.
• Ongoing value-added education needs to be offered that allows staff to understand their roles and responsibilities in risk and compliance.
• CIOs and our business partners must be aligned so we can collaborate on risk reduction integration with strategic technology roadmaps.
Finally banking risk and compliance will continue to evolve and with the recent election we are heading into a new era with an uncertainty of what will happen over the course of the next four years. As we await the impact of any changes to the regulatory environment, technology needs to be at the center of all risk and compliance related discussions. Historically, technology played a support role for the business, we have seen this change with the rapid growth and agile nature of technology. Thus purposefully shifting the direction to a new world of technology driven compliance.