By AI Trends Staff
When US regulators announced a $400 million fine to Citigroup last fall, citing “several longstanding deficiencies” and operational lapses, they teed up the opportunity to suppliers of compliance management software, especially those incorporating AI.
The Federal Reserve and Office of the Comptroller of the Currency said that the bank required “comprehensive corrective actions” and must overhaul its risk management, data governance and internal controls across the company, according to a report from Reuters. The Fed said the action “requires the firm to correct several longstanding deficiencies.”
“For several years, the Bank has failed to implement and maintain an enterprise-wide risk management and compliance risk management program, internal controls, or a data governance program commensurate with the Bank’s size, complexity, and risk profile,” the OCC stated in its consent order.
In a statement, Citi said it was disappointed to have fallen short of regulatory expectations and has “significant remediation projects” under way. Since then it has announced that Chief Executive Mike Corbat would retire earlier than expected and the bank would boost investment in its operational systems by $1 billion.
CEO Jane Fraser, who took over in March 2021, highlighted improving risk and control systems as a priority. “We will invest in our infrastructure, risk management, and controls to ensure that we operate in a safe and sound manner,” she said in a statement quoted by Reuters.
Regulators said Citi has for years failed to address concerns over its operational problems, with some issues dating back to 2013. In recent years, the OCC has hit Citi with more than $70 million in fines for a range of lapses, including violation of fair housing and flood insurance regulations and rules on how long banks can hold foreclosed property, according to Reuters.
Bank Compliance Officers Seek a New Normal
This following a year of COVID-related disruptions to traditional banking practices, a new administration in Washington with shifting regulatory priorities, and continued regulatory change as customer behaviors evolve, leaves bank compliance officers looking to establish a new normal, suggests the writer of a recent account in Risk and Compliance.
“Consider the judicious use of artificial intelligence to automate key elements of your compliance program management processes,” suggested author Elaine Duffus, a senior consultant on the compliance program team at Wolters Kluwer, an information services company based in the Netherlands. However, she suggests, “Traditional approaches to CPM no longer meet the expanded obligations that regulators require, nor do they provide the level of insight and transparency that stakeholders demand today.”
Antiquated processes include: an over-reliance on spreadsheets, manual gathering of regulatory updates, lack of connections between CPM elements. Ideally a company has in place a way to map policies, procedures, training, risks, controls, testing, products and services to address regulatory obligations.
(It’s almost like the government is ordering companies to buy compliance management software.)
In the 2020 Regulatory and Risk Management Indicator survey conducted by Wolters Kluwer, 54% of the 665 US banking respondents reported that they were “concerned” or “very concerned” with their banks’ ability to keep track of new and changing laws, rules, and regulations.
“If your regulatory library is not kept current and used to drive changes to all the other elements of your CPM, it quickly becomes outdated or worse, it can become a source of harm to your customers,” stated Duffus. “That’s where the most bang is—the automation of your regulatory change process. Automation provides the compliance team with the technology, the content and the ability to holistically and collaboratively analyze regulatory changes and their potential impact.”
According to the Wolters Kluwer survey, of the top obstacles cited in implementing an effective compliance program, 46% of respondents ranked manual compliance processes as a 7 or higher concern on a 10-point scale.
She advised a careful review of how the solution provider is applying AI to compliance management. “The best practice would be to consider a solution that includes a human-expert validation step,” Duffus suggested.
Chief Compliance Officer Responsibilities Are Many
The chief compliance officer (CCO) has many responsibilities, as outlined in a recent account in Risk and Compliance written by executives of 4CRisk.ai, a supplier of regulatory compliance software. Regulators expect firms to have the expertise and data needed to:
- Scan the horizon for rule changes applicable to their business and assess the impact on operations;
- Manage a complete and accurate inventory of laws, regulations and industry standards, including internal policies that may have more stringent requirements;
- Understand the impact of enforcement orders against other organizations;
- Perform regular compliance risk assessment on rule changes and business operations to understand the adequacy of policies, controls and employee training.
Sounds like a job for AI.
“Artificial Intelligence can enable firms to identify regulatory requirements and help them ensure that their regulatory requirements are traced end-to-end to their risk and compliance taxonomy,” the authors state. “AI technology can further assess the regulatory changes, identify the impact on the taxonomy and keep the compliance maps updated at scale and in real-time.”
4CRisk.ai was cofounded in 2019 by CEO Venky Yerrapotu, who has experience deploying hundreds of risk and compliance solutions in his 20-year career. He holds an undergraduate degree in production engineering from Osmania University, in Hyderabad, India, and a graduate degree in industrial and management engineering from Montana State University in Bozeman, Montana.
“AI can help CCOs meet all of these obligations by enabling firms to acquire strategic data, unify data lakes and reduce manual labor,” advise the authors. “AI can help a bank make regulatory compliance its superpower.”
Read the source article and information from Reuters, an account in Risk and Compliance written by Elaine Duffus, and another account in Risk and Compliance written by executives of 4CRisk.ai.