For many who weathered the cycle of Dodd-Frank, it is a familiar, historical sight, which comes at a time of intense business and operational change with diminished investment—due to operational disruption—in risk and compliance talent and transformation.
With change, comes risk
Volatility will likely continue in 2021, forcing companies to demonstrate agility in their change management processes. Key areas of change will be directed by the Biden administration’s priorities, including:
- COVID-19: Eviction and foreclosure moratoriums and federal student loan relief continue to be extended; risks associated with COVID-19 programs—Paycheck Protection Program, Federal Reserve Bank credit facilities—include fair access/treatment and fraud.
- ESG: Regulatory efforts to address climate change through stress testing, data collection, and standardized disclosure will accelerate. Racial equity will push heightened attention to the use of algorithms/artificial intelligence models and could prompt extension of Equal Credit Opportunity Act protections or Community Reinvestment Act considerations.
- Agency leadership: Choices to lead the financial services agencies, including the newly confirmed Treasury Secretary and the Consumer Finance Protection Bureau and Securities and Exchange Commission nominees, have proven pro-consumer regulatory track records and are expected to promote rigorous examination and enforcement.
- Supervisory focus: Intensifying consumer protection, combined with the Biden administration’s priorities, will manifest compliance risk related to fair access/fair treatment across all products and services with focus areas that include small businesses, credit reporting, lending, sales/compensation practices, fiduciary standards, diversity/inclusion, and community investment.
Strong risk management foundations and cultures can outlast the regulatory swell expected in 2021. Enhancement of risk management frameworks will hinge on:
- Identification and evaluation: Remove redundancies/gaps in internal controls to increase efficiency and cost effectiveness.
- Data interoperability and cleansing: Data and technology target state should enable sharing and linkage of risk data across key risk categories and provide a single source for reporting purposes. Review, organize, and cleanse existing data to support data-driven assessments.
- Technology integration: Integrate technology risk management capabilities with broader risk strategy and align with overall risk priorities.
The new leadership has a vision and a plan; a slim congressional majority could present hurdles, though much can be accomplished through only the regulatory process. Financial services companies can remain steadfast with strong change management approaches and risk management frameworks.