Kristin Moyer

On 17 June 2009, in a report titled “A New Foundation: Rebuilding Financial Supervision and Regulation,” U.S. President Barack Obama called for “a sweeping overhaul of the financial regulatory system.” (see http://www.ustreas.gov/news/index1.html).  Under the proposal, the federal government will assume a new role as a systemic risk regulator, with increased authority over a wide range of institutions.  This will have a major long term impact on bank technology ,especially as an enabler of regulatory reporting and enhanced managerial control.

 With a few minor exceptions, it is far too early to tell what the results of these proposals will be.  This is but one of a series of sweeping reforms facing a legislature already overwhelmed by economic and political circumstances, both domestic and worldwide as well as lawmakers already engaged for a hotly-contested mid-term election cycle involving the entire House of Representatives and slightly over a third of the US Senate.  Media hype will be high, but actual regulations remain in the indefinite future. It deliberately takes a long, complicated process for an idea to eventually become an actual regulation: these proposals might stall, only to reappear as Executive Orders if banks, long deemed part of the nation’s critical infrastructure, are deemed to be in peril.

 Whatever the outcome, banks should expect to face increased demands from their stakeholders for better visibility and accountability.  Some long-lead technology-related time items should be started now, as they will be useful even if the need for new regulations diminishes.

• Evaluate technology solutions that add speed, transparency, improved analytics and reporting, and worldwide compatibility to risk management and compliance efforts, such as enterprise governance, risk and compliance (GRC) platforms, spreadsheet controls, continuous controls monitoring (CCM), incident management, and policy training and certification.  Demand for this is not going to go away, as it comes in equal part from investors, partners and governments.
• Lower your level of trust: review your partner ecosystem – and map the linkages and potential impacts of technological and partner failure.  Explicitly risk rate each link or critical dependency, and set up a periodic framework for reassessment.
• If you do not have public-policy monitoring capabilities add them now.  If you do, expand them:  expect other governments to come up with similar proposals requiring tracking. Volunteer your enterprise’s skilled staff as expert witnesses, media commentator and information sources.  Participate fully in the commentary process.

We are tracking the technology impacts of the proposals as they develop– keep an eye on the blog for details.