Financial institutions need to put conduct risk on same priority level as KYC/AML

KYC and AML have received a lot of RegTech focus, but conduct risk needs to receive more attention, according to Dilip Mohapatra, founder at Cognitive View.

The market dominance of solutions addressing KYC and AML challenges can be seen simply by the volume of capital being invested into the spaces. Since 2014, a total of $10.9bn has been invested into RegTech companies globally, of which, $6.4bn has been deployed to companies building KYC and AML solutions. Priority around these areas is well warranted, with the global financial market being littered with fines for breaches; most notably, the €200bn Danske Bank scandal last year.

Unfortunately, this priority has left other regulatory areas a little more neglected, conduct risk being one of them, according to Dilip Mohapatra. Conduct risk is generally defined as an action which has led to misdirecting a customer negatively or impacted the market stability. There are a number of instances this can occur, such as charging people who are dead, or targeting vulnerable people and mis-selling them products.

Conduct risk might not be topping the priority lists of financial institutions, but it’s not like there are not hefty penalties for breaches. According to a study from CCP Research, the world’s top 20 banks racked up £252bn in fines, legal bills and compensations for poor conduct.

The big financial implications caused by breaches has clearly got the attention of players and regulators and the market is looking to change. Regulators, like the UK’s FCA and Australia’s ASIC are putting more emphasis on conduct risk and promoting RegTechs as a way of combatting challenges. The FCA has made strong moves to changing the culture towards conduct risk, one of these is the release of the senior managers and certification regime (SM&CR). The regulation, launched in 2016, aims to encourage a culture of staff taking personal responsibility for their actions and ensuring firms know where accountability lies.

Mohapatra said, “I think the momentum is picking up and now companies are learning about what conduct risk failures mean and what sort of technology and options are available. It’s definitely a new segment that we are trying to establish, because a lot of RegTech focus has been around AML and KYC, but we are really trying to establish conduct risk as one of the independent and dedicated segments, it should be looked at equally or even more because it’s also a big and pressing problem.”

Regulations like SM&CR has helped put more focus on to conduct risk, as executives and directors can now be found guilty for misconduct. In effect, this is a good way at improving the levels of trust in banks by consumers. If they know a bank would be putting itself into legal challenges for misleading information, they would, in theory, be less likely to do it.

As CEOs are more at risk and tier two/three companies are at risk failing to meet compliance and still making enough direct sales, Mohapatra believes conduct risk should be in the top three or five priorities for businesses. It should particularly be a top priority for the wealth management industry as it has been heavily impacted by revisions on conduct risk as their stockpiles having been significantly damaged, he said.

Some of the bigger financial institutions are helping to address challenges with conduct risk, but mainly on the advisory side, he said. This might be great for the market, but it is not beneficial for everyone and this is where RegTech companies can come in. Unfortunately, he has not seen much work down the route of automating the process or a solution which can improve the culture around conduct.

The keyway of ensuring there are no breaches of conduct is through the monitoring of communication methods. Whether this is via a call centre, email or chatbots, the customer interactions need to be examined to ensure everything is being done correctly and with the customer’s best interests at the centre. Trying to do this manually, especially for large institutions, would be a colossal task. Instead RegTech solutions can easily automate the procedures.

Cognitive View helps companies to ease these burdens, supplying them with data and analytics tools to monitor all communication lines and identify any potential breaches. Its technology can view the entire customer engagement lifecycle and uncover any mis-selling, issues, or unethical practices which have arisen. Additionally, the technology can automate the risk and compliance processes with prebuilt obligation libraries to help enterprises better understand requirements.

Describing an example, he said, “Let’s say a company has terms and conditions for a financial product. They need to show they’re meeting those terms and conditions at their selling points or the communication points, and our technology can look at this and prevent breaches. If you are getting a lot of complaints because customers are not happy, you must address those complaints and we can see if this is part of your standard process and how you handle complaints. Going further int sales and advice, it can look at whether you are giving personal advice or general advice, whether you are actually asking the right questions and advising the customers about the type of disclosures they need to make.”

The company is addressing pressing conduct risk challenges in the Australian and UK markets. In Australia it is the Royal Commission reforms related to misconduct and in the UK it is the FCA’s non-financial misconduct movements.

Earlier in the year, the Royal Commission released a report on the misconduct in the banking, superannuation and financial services industry. It explored whether conduct risk laws could be simplified, how it can be improved to deter misconduct, whether conflict approaches should change, and how good governance and improved culture in financial services could be encouraged. The report highlighted 76 recommendations for change including the expansion of its accountability regime, giving civil penalties for mortgage brokers not acting in the borrowers best interest, annual reviews of fee arrangements and reviews of culture in financial services.

Australia’s views on conduct risk is very similar to the UK’s, with both having the idea that personal accountability and a change of culture shifts are of major significance in improving conduct risk.

A change in behaviours is integral to improving the attitude towards conduct risk. Cognitive View helps organisations get a better view into their workforce through a dashboard. Its conduct risk heatmap can give a risk and compliance officer clear details on how agents or advisors are interacting with customers, whether someone needs more product or compliance training, or maybe staff need to work more on customer empathy. Its analytics sets it apart from other solutions as it can give teams actionable insights which can inspire change. The platform can highlight the five employees which need support or identify 100 customers which are exploring other competitors and might need more engagement to stop this.

Part of this culture change revolves around changing the mindsets of call centres or customer communication methods. Instead of focusing on how well an agent is performing, it should be whether the customer is being served honestly.

He said, “Quality management has been very agent-focused. So, whether he is actually following the procedures and selling what is required to sell. It has been very agent focused and not very customer focused. This is one shift with what’s happening with conduct. That means it will require some sort of education in the market to iterate that the customer is definitely the primary point of focus. You don’t only look at your agent and how they’re doing, but also look at how customers are feeling about it and whether they think that’s the right value for the money.”

There is a lot of talk about AI and the ways it will revolutionise everything we do. Chatbots have become one of the big avenues for this type of technology, enabling businesses to provide consumers with more personalised interactions, without the need of hiring massive teams to cater to more in-depth customer relationships. The good it can do is overshadowing the potential issues ticking away in the background, notably, can AI be responsible? Debates are ongoing on who is responsible for an AI that makes an error, and, in this instance, breaches conduct risk rules.

“Companies are rolling out new chatbots and a lot of the time, don’t properly build them. You may think I have built the bot and taught the bot how it should actually communicate but it’s not the case, the bot can be non-compliant as well.”

In a twist, AI can actually help the monitoring of AI. Cognitive View is using AI to gather all of the unstructured datapoints from various communication methods and generating actionable insights. The technology is capable of automatically identifying obligations which needs to be adhered to, but its predictive capabilities also gives a real-time view of communication lines and detect whether there are breaches happening or not.

Stances on governance, risk and compliance (GRC) are changing and it’s is becoming more of an integral part of operations, particularly in the first line of defence. The first line of defence refers to the to the risk management and internal control measures. According to research from IBM, AI is increasingly being deployed to better manage risk and ensure compliance by boosting the efficiency of GRC processes.

The report puts emphasis on the benefits AI technology can have for the risk and compliance processes, stating it can save time for those conducting initial risk assessments. Leveraging AI to make it a more user-friendly tool will improve the staff’s engagement with the GRC requirements, especially key for regulations like SM&CR.

Mohapatra believes that non-financial risk will lead the next phase of growth in risk and compliance space for financial institutions, and RegTechs will be a big part of this. Non-financial risk is categorised as any type of risk which is not directly involved with the primary business of revenue-generating activities. These types of risks can impact the trust levels with consumers and hinder the reputation and brand of a financial institution. A recent study by Deloitte highlighted the challenges these risks posed and stated that financial institutions need to implement integrated framework to improve management of them.

RegTechs like Cognitive View can be integrated to easily identify instances of manipulation, collusion, improper and unethical practices. Its technology can ensure non-financial risks are being proactively monitored and ensure any regulatory obligations are made clear first and foremost.

Copyright © 2019 FinTech Global

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.