Banking Risk and Regulation’s Post

Thrilled to share my latest article published today in the Financial Times, Banking Risk and Regulation In this piece, I present a new perspective on the evolving "fit and proper" criteria defined by regulators globally and how the Central Bank of the UAE (CBUAE) is taking the lead in strengthening banking stability. As risks continue to evolve at an unprecedented pace, I explore why a fresh approach to risk governance is critical to ensuring that CROs and financial institutions are equipped to navigate these challenges. Would love to hear your thoughts—how do you see regulatory frameworks adapting to the shifting risk landscape? #RiskManagement #Banking #FinancialRegulation #CRO #Governance #CBUAE

Half of large U.S. banks are reportedly failing on operational risk, as revealed last week in a secret report by a U.S. banking regulator. The Office of the Comptroller of the Currency (OCC) found that 11 out of 22 major banks lack adequate management of operational risk, including cyberattacks and employee errors. This assessment has led to concerns, with the banks receiving low ratings on a five-point management scale. These findings come after three significant banking failures in 2023, prompting U.S. regulators to prioritize risk management. The OCC's assessments form part of the comprehensive CAMELS rating, evaluating various operational aspects to ensure banking stability.

💦 A leak from the Office of the Comptroller of the Currency in July revealed that half of large US banks are seen to have an inadequate grasp on operational risk, from cyber controls to employee blunders and lots in between. Big banks didn’t come off so well in the leak, but neither did the OCC, writes Stephen J. Scott of Starling. 🤫 What the OCC calls ‘confidential supervisory information’ is meant to be kept secret; the disclosure of such information is viewed as theft of government property and is a punishable offence. The leaked CSI thus provides a rare glimpse into the priorities and practices of a principal US banking regulator and reveals where these fall short. 📐 My conclusion? Our current system fails to provide objective measures on how to assess ‘management quality’ and, worse, an insistence on secrecy assures that supervisory subjectivity remains incontestable. Sceptics suggest that regulators like it this way. 🛠 But perhaps they simply lack tools that allow them to put quantitative metrics to qualitative components of risk and the management thereof? 👀 Read more of Stephen's insights below https://lnkd.in/eeFVDJzZ #OperationalRisk #RiskandCompliance #ConductRisk #USbanking

Good to see regulators taking stringent action against non-compliance. For two consecutive years, the bank was assessed to be deficient in its IT risk and information security governance, the RBI said. During subsequent assessments, it was non-compliant with corrective action plans issued by the RBI in 2022 and 2023. #compliance #riskmanagement #kotak #auditing

For two consecutive years, the bank was assessed to be deficient in its IT risk and information security governance, the RBI said. During subsequent assessments, it was non-compliant with corrective action plans issued by the RBI in 2022 and 2023. The compliance statements submitted by the bank were inadequate, incorrect or not sustained. Consequently, the RBI barred Kotak Mahindra Bank from signing up new customers through its online and mobile banking channels, and issuing fresh credit cards, among the toughest curbs imposed on a scheduled bank. https://lnkd.in/gM_EmZUT

UAE Authorities Mandate Registration of Hawala Service Providers The Central Bank of the UAE recently announced the mandatory registration system that has been launched for informal money transfer service providers or money transfer brokers operating within the UAE. The new registration system is in line with the rules and regulations that apply to registered brokers. The system reflects the ongoing efforts of the government authorities and the Central Bank to maintain the integrity of the country’s financial systems. Monitoring and Auditing Hawala Brokers in the UAE All activities of hawala brokers will now be subject to monitoring and auditing by the implementing authorities based on the UAE’s anti-terrorist financing and money laundering regulations. According to the new system, informal money transfer service providers will have to register and report their activities to the Central Bank of the UAE. It is worth noting that hawala brokers provide financial services that facilitate the transfer of money from one individual to another through non-banking settlement methods. The mandatory registration process provides the formal system for regulatory accounting of the various methods adopted by hawala providers in transferring money within and outside the UAE. According to the banking authorities, the Central Bank of the UAE will take all legal measures against hawala brokers who do not register in the new system within less than ninety days from the date of issuance of the system. The procedures must be followed strictly or the authorities will be forced to impose a fine or imprisonment on violators.

These points can be taken into consideration - improving corporate governance, reducing non-performing loans (NPLs), strengthening regulatory oversight, enhancing risk management practices, promoting transparency, and encouraging digital banking innovations. Additionally, stricter enforcement of lending standards and improving financial literacy can help restore stability and trust in the sector.

A concerning report from the USA reveals that half of large US banks are failing on operational risk. According to a secret assessment by the Office of the Comptroller of the Currency, 11 out of 22 large banks have been flagged for having "insufficient" or "weak" management of operational risk. This type of risk encompasses various threats beyond traditional financial risks, such as employee errors, legal issues, natural disasters, and technological failures. The EU is set to enforce the DORA act starting January 2025, while the UK will follow suit in March 2025 with their operational resilience act. It is worrying that 50% of US banks are struggling with this critical aspect of the regulatory framework, especially as additional operational resilience acts are on the horizon. These upcoming regulations will demand heightened levels of diligence and oversight from financial institutions. #OperationalRisk #DORA #OperationalResilience #RegulatoryFramework #BankingSector #RiskManagement Gieom

▶ Examples of #transaction #monitoring in high-vs-low risk situations   You have been landed your dream job as the #AMLCO of a global-wide Banking Institution and few weeks later one of the board members responsible for the Institutions’ #AMLCTF is asking you how you are effectively applying the principle of transaction monitoring, according to the applicable policies and procedures:   ✔ The Answer: According to the #FATF’s #RBA in Banking Institution, monitoring in ⚠ high risk situations is consisted of: 1️⃣ daily transaction monitoring, 2️⃣ manual transaction monitoring, 3️⃣ frequent analysis of information, 4️⃣ considering the in/out bound destination of funds, 5️⃣ establishment of red flags based on typologies reports, 6️⃣ reporting of monitoring results to senior management, 7️⃣ customers’ behavior, 8️⃣ adverse media, etc.   ✔ Monitoring in 🚨 lower risk situations: 1️⃣ thresholds, 2️⃣ low transaction frequency, 3️⃣ automated systems alerts.   📝 Also, the 2014 #BaselCommitteeonBankingSupervision guidance on the Sound management of risk related to money laundering and financing of terrorism sets out in Section II 1 (d), what #banks should consider when assessing whether their monitoring system is adequate. It stresses that a bank should have a monitoring system in place that is adequate with respect to its size, its activities and complexity as well as the risks present in the bank. For most banks, especially those which are internationally active, effective monitoring is likely to necessitate the automation of the monitoring process.