Author: Acin – acin.com
Global bank meets regulator deadline using Acin AI
This customer was already a member of the sales & trading network for 2 years, giving them insight into how their peers were interpreting regulations, and ensuring risk control completeness.
Quarterly data updates from peers enabled them to constantly recalibrate against network changes following new regulations, and evolving best practice.
However, a consent order required them to describe their current state and remediation plans in detail across the bank by late summer. They were given 2 years and the window was closing fast.
The transformation team of 50 comprised a sizable program management group liaising with control owners in the US, Europe and APAC, but whilst working evenings and weekends, deadlines were looking unattainable.
The main problem lay in the laborious work that was identifying only those controls that directly mitigated a risk, because the volume under management had grown uncontrollably to 18,000 controls over previous years. And the approach that had been designed to complete the task of connecting up process to risks to controls was being implemented on a risk type basis.
This required all firm-wide risk stripes to have been processed and connected up before front to back visibility of any division was available. Not being able to at least report on remediation status of Sales & Trading to the regulator on time was going to be an issue.
Acin agreed to provide a view into the health of the data and preliminary completeness for sales & trading plus corporate finance as an interim solution. We took all this data, and returned an analysis 6 weeks later, summarized as follows:
- 18% preliminary missing (controls being operated by peer banks).
- 7% of the controls were unique to this firm (controls not operated by others).
- 50% comprised duplicates and proliferated controls, plus a further 12% non-controls, representing a huge opportunity for efficiencies.
- Further ownership inconsistencies were identified, plus over reliance on detect versus prevent controls across key risk stripes versus other banks.
This understanding of the risk control process landscape enabled the transformation team to prepare an initial completeness report to the regulator, and then prioritize efforts required to connect control only data to risks and process.
Overall, delivery timescales for various value drops were brought forward by many months.