Banking Risk and Regulation

📄 Is the weight of paperwork, meetings and training sessions making people unproductive? That’s what JPMorganChase’s CEO and professionals in the three lines of defence are saying, and the chorus is getting louder. Change is afoot, writes Lucy Harley-McKeown. 📉 In February, Jamie Dimon took a stand against bureaucracy. At a town hall, he demanded every department cut down reports, meetings, documents and training sessions by 10 per cent. 🏢 While some administrative bloat might be par for the course in one of the world’s biggest banks, it’s also rife elsewhere. 🗣️ “Too many committees, too many forums, too many workshops. Decks are too long; there are overlaps between committees and business units and groups,” lists KPMG director Colm Laird, ACA CFA when asked what his clients in internal audit complain about. 📋 Since the financial crisis and the rollout of reporting regulations like the Senior Managers and Certification Regime, regulators have demanded firms submit more paperwork. 🔍 Despite complaints, trade groups like UK Finance say they haven’t seen many concrete outcomes of efforts to streamline this. 🔄 Attempts include Transforming Data Collection, an initiative spearheaded by the Financial Conduct Authority and the Bank of England. UK Finance said a banking data review from the Prudential Regulatory Authority was supposed to help reduce firms’ data and regulatory reporting requirements. 🔗 https://lnkd.in/eFi8ySQh #Paperwork #Bureaucracy #Banking

The UK operational resilience framework deadline is today (March 31). Firms have had years to prepare, but you’d be forgiven for needing a quick refresher. Francesca Washtell outlines the key principles and how ‘Ukorf’ differs from the EU’s Dora rules. https://lnkd.in/eMPFguxm #Ukorf #OperationalResilience #Banking #Banks #Dora

The US Office of the Comptroller of the Currency will no longer examine banks for reputation risk. The move has been framed as a push for more straightforward supervision — but to Stephen J. Scott, founder and CEO of Starling, it signals a retreat where reform is needed. Agree or disagree? Let us know at Banking Risk and Regulation. In other news, the Financial Conduct Authority is vowing to communicate better with firms, while supervisors have a word of warning for banks rushing headlong into AI.

📣 The Financial Conduct Authority has to be a “smarter regulator” and communicate better with the firms it supervises, says its director of payments and digital assets. Matthew Long’s frank comments come as the FCA publishes its five-year plan amid a fight for survival among the UK’s beleaguered band of regulators. 🏛️ Two years into his task of improving the UK’s payments industry through supervision and policymaking, Long reflected on the FCA’s contributions at this week’s Pay360 conference in London. 🎯 “Realisation is about doing the things that we said we would deliver,” said Long when asked about bringing the UK government’s National Payments Vision to life. 🤝 “The [memorandum of understanding] says that we as regulators need to work better… But what we’ve got to do is listen to how [firms] want us to work, and some of the feedback we’ve got is, for example, you want us to be very clear about the responsibilities we’ve got and the roles we’ve got and where they duplicate…let’s not do [that].” 💬 He made his comments at a “fireside” chat with Riccardo Tordera-Ricchi, director of policy and government relations at The Payments Association, and Dan Moore, head of strategy, analysis and engagement at the Payment Systems Regulator. The FCA will swallow up the PSR, which is set to be abolished as a standalone regulator as part of the UK government’s efficiency drive. Moore insisted this “streamlining” will bring real benefits. He said: “We see that consolidation of the PSR into the FCA is a natural evolution that will help us build upon the many successes of the PSR of the past couple of years. From [our] perspective, a lot of work we’re doing to deliver impact absolutely does continue.” However, it is unclear how this work will be funded after the PSR is abolished. Its budget for this financial year is £28mn, a fraction of the FCA’s £755mn. Report by Banking Risk and Regulation's editor Farah Khalique. https://lnkd.in/eB2mddYh #Payments #Banking #Regulation

🚫 Sanctioned securities have surged 700 per cent in the past three years. US President Donald Trump’s revived “America First” agenda, combined with the rollback of Biden-era investment frameworks, means further clampdowns are inevitable, writes Oliver Bodmer of SIX. US asset managers must have systems now to track and manage emerging sanctions directives. 📉 When Trump’s first presidency ended in 2020, the US issued sweeping sanctions against China, targeting companies in the military and technology sectors. Now, Trump is picking up where he left off, only more aggressively, with decisions now announced abruptly and at speed. 🧠 Reassessing risk across key sectors is front of mind, as evidenced by the urgent review of Executive Order 14105, which was introduced under President Biden. That order restricted US investments in critical technologies — such as artificial intelligence, quantum computing and semiconductors — in countries of concern, primarily China. 🚀 The new review will go much further and assess whether to restrict investment in additional sectors, such as biotechnology, hypersonics, aerospace, advanced manufacturing, directed energy and other areas implicated by China’s so-called national “military-civil fusion” strategy. 🧾 Asset managers, including investment funds, must now remain vigilant about their exposure to such companies. If these firms are later designated “Specially Designated Nationals” by the US Office of Foreign Assets Control, their assets must be frozen, meaning US persons will be prohibited from transacting with them. Read more below. https://lnkd.in/eJtFEMBm #AssetManagers #Funds #Sanctions #SanctionedSecurities

🏛️ The US Office of the Comptroller of the Currency’s announcement that it will no longer examine regulated institutions for “reputation risk” reflects a healthy desire to be a more straightforward, less subjective supervisor. Alas, it is sounding the retreat where it should be calling for reform. It’s time for an innovative new approach, writes Stephen J. Scott of Starling. ⚖️ The OCC’s decision comes in the wake of investigations by the House Committee on Oversight and Government Reform and the Senate Banking Committee into allegations that some bank customers were “debanked”. Critics argue that this was done under the guise of alleged “reputation risks” that they may have posed when, in fact, they were “arbitrarily” disfavoured by bank executives or regulators. 🗳️ “It doesn’t matter who you voted for, what you believe, or the origin of your last name: people shouldn’t be arbitrarily denied access to their banks, locked out of their accounts, or stripped of their banking privileges,” Senator Elizabeth Warren intoned, in remarks almost certainly aimed at bank executives. 📣 With last week’s announcement, Acting Comptroller Rodney E. Hood likely sought to address a different audience: those frustrated by ‘regulatory over-reach’. 🔒 In an assertion of precedence, Hood insisted that the OCC’s examination process has “always been rooted in ensuring appropriate risk management processes for bank activities, not casting judgment on how a particular activity may fare with public opinion”. 🔎 “Focusing future examination activities on more transparent risk areas improves public confidence in the OCC’s supervisory process and makes clear that the OCC has not and does not make business decisions for banks,” Hood added. 🧩 The Acting Comptroller is right to highlight the importance of transparent regulatory processes. But by stepping back entirely from the oversight of reputation risk, the OCC may be oversimplifying a critical issue rather than resolving it. Read more below. https://lnkd.in/euFEmsTR #ReputationRisk #RiskandCompliance #Banking

The Financial Times’ Digital Assets Summit will feature over 400 leaders from both crypto and mainstream finance. Key topics include the tokenisation of real-world assets, the growing role of digital assets in investment portfolios, and how blockchain technology is being integrated into traditional finance. Download the brochure to view the full agenda, speaker line-up and networking opportunities. Here: https://lnkd.in/eJypDC8y As a valued member of the Banking Risk and Regulation community, you can save 20% on in-person and digital passes. Use code BRR20OFF at digitalassets.live.ft.com #FTDigitalAssets

🤖 Banks cannot expect to crack financial crime by buying expensive AI “off-the-shelf solutions” and using “technology unthinkingly”, UK and European supervisors have told an industry conference. 🧠 Regulators from the Financial Conduct Authority and European Banking Authority (EBA) said firms rushing to deploy artificial intelligence would worsen their fincrime exposure if they don’t assess how these tools aligned with existing risk frameworks. 🔐 David Geale, managing director of the Payment Systems Regulator, which recently came under the FCA’s full oversight, acknowledged that banks needed to keep up with advanced tech being used by fraudsters. But he told the Pay360 conference that the rush to deploy AI at scale came with its own jeopardy. 🛠️ “Technology can be used, but we often see firms take a solution off the shelf and think that’s job done. Testing and adaptation are key.” 🧩 His argument was echoed by Carolin Gardner, head of the EBA’s anti-money laundering and counter-terrorism financing unit, who cautioned against over-reliance on untested tech. 📣 Addressing an audience of payments experts in London, she said: “Technology is something we absolutely favour. But using new technologies is not the same as having effective systems and controls in place.” 🔍 “We’ve seen serious shortcomings in financial institutions that use technology ‘unthinkingly’, [with] the effect of making their financial crimes exposure worse”. 🌍 Gardner cited findings from the EBA’s supervisory database EuReCA — where national supervisors can access AML/CFT insights across the bloc — as a sign of regulatory collaboration. 🏦 Mike Regnier, Santander UK’s CEO, outlined how the bank uses AI to combat fincrime through child exploitation detection, adverse media screening and real-time fraud monitoring. ❗ Citing a report this month by the Financial Action Task Force (FATF) on child sexual abuse, Regnier said an AI-driven transaction model introduced “a few months ago” had flagged hundreds of suspicious activities linked to human trafficking and modern slavery. These matches, he added, had already been passed to the FCA and law enforcement. Report by John Crowley. Read more below. https://lnkd.in/eUCeWFFf #AI #Banking #Banks

With the latest India Cooperative Bank crisis and other banking failures in the past such as Punjab Maharashtra Cooperative Bank and Yes Bank, here’s a broader perspective about what went wrong with the Indian banking system and what could be done to tackle internal corporate governance issues. Check out my latest investigative piece for Financial Times’ Banking Risk and Regulation that reveals mounting concerns from former and present staff at the Reserve Bank of India (RBI) Subhash Garg Dr. Rabi Narayan Mishra Govind Gurnani Madan Sabnavis and others thank you all for your insights. Bridget Leena thank you for teaching us how important it is to have critical thinking. There isn’t a single day that we don’t discuss your classes in the news room. You’re the reason why we are able to do decent job when it comes to coverage of banks and earnings.

❗A year since the ransomware attack on UnitedHealth Group revealed holes in the healthcare giant’s cyber defences, I see similar cracks in banking, declares Rachael Johnson of the Association of Chartered Certified Accountants (ACCA). Can banks learn lessons from the hack amid fast-evolving AI-powered threats, or will history repeat itself? 🖥️ In February 2024, the biggest medical claims clearing house in the US, Change Healthcare, discovered that a Russian-linked ransomware gang had exploited its computer systems, specifically a legacy server lacking multifactor authentication. 🔥 The breach escalated rapidly, meaning this massive risk and compliance oversight at the UnitedHealth Group subsidiary proved costly for both providers and their patients. 📈 By October 2024, the number of affected individuals had risen from 100 million to approximately 190 million. Financially, the toll has been staggering, with losses amounting to billions of dollars. 🏛️ Senior officials at the US Office of Financial Research have pointed out that critical service providers in the financial system have “much in common” with Change Healthcare. 🚨 Now, members of ACCA from banks — accountancy professionals at firms large and small — are urging action to remedy the same red flags. Read more below. https://lnkd.in/esWr9pd2 #Banking #Accountancy #Banks