This was in response to actions points from the regulator’s earlier examination of the Prudential Inquiry into the Commonwealth Bank of Australia.
Here, we look at APRA’s latest findings and what they mean for the industry in Australia.
After reviewing the self-assessments undertaken, the regulator found “material weaknesses” in governance and risk management, identified a need for institutions to improve their management of non-financial risk and “is considering applying additional capital requirements to several regulated institutions.”
By pulling this lever, APRA limits the strategic freedom available to boards and executive teams, while focusing their attention on increasing investment on measures that will improve non-financial risk management.
Integrating projects that improve non-financial risk operating models with their broader digital transformation initiatives can deliver momentum to the institution-wide strategy, while quickly delivering attractive returns on investment.
In their timely report ‘Transforming risk efficiency and effectiveness’, published in April 2019, experts at McKinsey & Company suggest that a “well-executed, end-to-end risk-function transformation can decrease costs by up to 20 percent while improving transparency, accountability, and employee and customer experience”. The report authors identify nineteen risk processes as candidates for automation with AML operations, which in the USA are required by the Bank Secrecy Act, as having the highest automation feasibility as these operations yield both the highest effectiveness and the highest efficiency impacts.
Issues identified by APRA, that have come from the self-assessments, include “resource gaps (particularly in the compliance function), blurred roles and responsibilities for risk, and insufficient monitoring and oversight. Institutions acknowledged that historical underinvestment in risk management systems and tools has also contributed to ineffective controls and processes”.
encompass’ experience both in Australia and in the UK demonstrates that investments that automate compliance and create new digital operating models address many of the issues identified by Australian institutions in these assessments.
There is consensus from a broad range of authorities on what it takes to overcome such blurred roles and responsibilities when it comes to risk. The Office of the Comptroller of the Currency within the United States Department of the Treasury, the Federation of European Risk Management Associations and The Institute of Internal Auditors Australia all recommend that professionals with responsibility for risk are aligned as three lines of defence.
Resource gaps are eliminated by creating an AML/ Know Your Customer (KYC) risk process that spans all three lines of defence. Automating routine tasks eliminates the majority of human interventions and creates a process linking the “digital outside” with a new “digital inside”. Institutions that have taken this path with encompass have seen KYC process cycles reduced from hours or days to minutes.
A significant cause of insufficient monitoring and oversight is that in old and predominantly manual processes these are high cost activities, particularly when first and second lines of defence are physically separated. In the new digital process, monitoring and oversight are hardwired into the design. Work cannot flow from one activity to the next until conditions defined by those within the institution responsible for managing non-financial risk are satisfied. All activities, including those involving humans, are securely recorded in a tamper-proof audit trail available for review by internal auditors in the third line of defence.
Digitising the KYC risk process enforces policies, eliminates errors, simplifies proper oversight and reduces times customers must wait before being onboarded or allowed access to new services. And it reduces costs. Forward-thinking executives will see opportunities in APRA’s interventions.
Founded in 2012 by entrepreneurs Roger Carson and Wayne Johnson, and operating from the UK, encompass is the creator of unique, innovative Know Your Customer (KYC) software for banking, finance, legal and accountancy that enable better, faster commercial decisions. The company is driven by the belief that the best decisions are made when people understand the full picture.
Contact us today to arrange your personalised consultation of encompass. Discover how our KYC automation software can help your business accelerate onboarding and give you peace of mind that you are regulator ready.