How FNZ is improving the foundations of a three lines of defence model 

It is no secret that regulators around the world are becoming increasingly tougher on financial services companies. There is an unrelenting level of regulation being drafted and fines are hitting eyewatering sums. A report from Finbold pegged fines for non-compliance with AML, KYC and data privacy regulations at a total of €12bn in 2020.

Not only do firms have the pressure of being slapped with a hefty fine, but there are also the hefty costs they have with internal compliance processes. According to a report from 1RS Risk Solutions, financial firms spent a combined total of $213.9bn in 2021 for maintaining compliance – a rise of 16% on 2020. Not only is there a monetary price, but also human cost, with compliance teams swelling to handle the increased pressures. With some companies having thousands of annual KYC reviews, there are masses of people forced to complete mundane admin tasks.

Obviously, the market has seen a mass adoption of technology, with RegTech now a $15bn valued industry. However, a lot of the solutions are not as useful for a firm as they could be. Mark Shields, Solutions Director at FNZ, said, “A lot of them are point solutions. So, they solve a specific thing very well, whether it’s a screening solution or surveillance solution, but it’s often not joined up. There’s a lot of manual work undertaken, for example, political exposure checks (PEPs), media searches, and so forth. So, all of the different people involved in this process often have to work with multiple systems, and that leads to problems of data loss, auditability, and things like that.”

With so many challenges, a lot of firms are trying to get their three lines of defence models into place. This is an approach to risk management that separates the monitoring of compliance across three main groups. The first layer of the defence model involves the staff that are front lines, i.e, account managers, client-facing teams and support staff, and they handle the majority of the regular checks.

Layer two is based around providing the first layer with the policies, frameworks, tools, techniques and support needed. The final layer is for the internal and external auditors, independently assessing and reporting on the work of the former layers.

The reason this model is so popular is because it is efficient. Shields said, “All banks want to do an effective, robust job at being compliant and putting in the right processes. But they need to do that in a sensible way. If you did all the compliance checks centrally, in one place, you’d end up with huge bottlenecks and a huge amount of complexity in the organisation.” The three line defence model ensures teams run their compliance procedures more efficiently.

Challenges with the model

One of the biggest hurdles Shields has seen firms have with implementing a three lines of defence model is inconsistency. He has noticed that many companies, particularly mid-sized businesses, have inconsistent methods and approval processes. This lack of harmonisation leads to complexity and risk. For example, one division might use central compliance processes, while in others they are handled by line management. There is also often a communication failure, which means important data falls through the cracks.

This becomes even more common for firms that grow across jurisdictions. Whether they have grown organically or through acquisitions, different teams tend to find their own ways of doing things. The trouble is, when a regulator comes to the team, they want to see harmonisation of processes and that there is a consistency across the whole organisation.

How FNZ helps bring that consistency

FNZ’s platform is able to connect the various solutions and systems firms have implemented. For example, a firm can link up the KYC workflows of relationship managers with the compliance team so they can approve what took place and monitor the process for any issues. This digital process boosts efficiency and removes complexity out of the whole compliance procedure.

In addition to this, FNZ’s platform gives a 360 view of operations from a single location. Shields said, “If you think about a lot of reviews that take place, they require interaction with multiple systems, such as screening providers, the different document databases and the CRM, and pulling data in from different places. We bring that together, so that those people are not having to log onto multiple systems and do multiple searches. That can be automated and then brought back into a simple 360 view.”

Along with this, FNZ works with its clients to help them find the right process for them. It can often be overwhelming when faced with a new solution that can make a major transformational change to operations, and providing clients with support is always going to be well received. “Having someone who is working with them in bringing that standardised process, and then acting as the, if you like the gatekeeper for supporting them as they roll out that process, we’ve got very positive feedback.”

Regulatory Review Workspace

FNZ recently launched the Regulatory Review Workspace, which provides clients with that 360-degree view of all their cases. This workspace consolidates all this data into a single location so compliance teams do not have to hunt for it. It also automatically triggers various processes, such as screening processes. It also helps manage the risk categorisation. For example, if a piece of data changes, it will recognise this could put the client into a higher risk category and therefore could instigate additional review processes to account for this.

Shields offered an example of a triggered review that the workspace would launch. “Let’s say through one of the channels to the client, whether it’s through a relationship manager or through their mobile app, they’re notified of an address change to a new country. Now, this could lead to a recategorization of the client into a higher risk category.” The new country could be under sanctions or other regulatory constraints, so the bank would need to undertake additional actions and checks. The workspace solution would automatically trigger a review in this scenario. The relationship manager is then guided through each stage and the whole process can then be reviewed and validated.

Shields added that the solution has been described as, “Connecting the mosaic of apps and people and providing harmonisation across the enterprise.”

The world is always changing, and the current world events have shown just how sudden things can happen. People can be placed on sanction lists very quickly and a bank then needs to feed threats through their operations. Doing it manually takes a lot of time but can also be very laborious. On top of this, many firms have typically held reviews only periodically, which means they could be failing to meet compliance for many months until their next review. The Regulatory Review Workspace removes the stress and keeps banks compliant.

One of the main benefits of this solution is saving time. Teams can see everything they need instantly and quickly audit all historical events. Shields added, “It means that the compliance officer has “piece of mind” that everything that can be done to ensure compliance has been done. And it also means that when it comes to regulatory audits, you’re able to show what was done.”

Shields added that another major benefit of the solution is how easy it is to adopt and start using. He stated that many people will be put off using a new tool if it means they have to spend hours relearning how to do something. They will avoid investing the time and likely to fall back on manual methods and bad habits, with all the issues this entails. FNZ’s solution integrates seamlessly with client onboarding workflows, avoiding the need to have a learn how to use yet another application and saving time rekeying data elements that were already capturedThis also avoids the need for relationship managers to continually reach out to the client and ask the same questions they have previously answered. The solution joins up multiple apps and workflows and because of this it has a high adoption rate.

Shields concluded with a successful use case of FNZ’s technology. He stated that a large Swiss bank used the platform to bring harmonisation across their international units and simplify processes. They use various media check services, data suppliers and screening services. Until now their processes have differed around the world, but the Regulatory Review Workspace has helped bring harmonisation and improved compliance management.

Copyright © 2022 FinTech Global

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst


The following investor(s) were tagged in this article.