2018 Risk Survey: Technology’s Impact on Compliance
In addition to better meeting the needs of consumers, technology’s promise often revolves around efficiency. Banks are clamoring to make the compliance function—a significant burden on the business that doesn’t directly drive revenue—less expensive. But the jury’s out on whether financial institutions are seeing greater profitability as a result of regtech solutions.
In Bank Director’s 2018 Risk Survey, 55 percent of directors, chief executive officers, chief risk officers and other senior executives of U.S. banks above $250 million in assets say that the introduction of technology to improve the compliance function has increased the bank’s compliance costs, forcing them to budget for higher expenses. Just 5 percent say that technology has decreased the compliance budget.
Regtech solutions to comply with the Bank Secrecy Act, vendor management and Know Your Customer rules are widely used, according to survey respondents.
Accounting and consulting firm Moss Adams LLP sponsored the 2018 Risk Survey, which was conducted in January 2018 and completed by 224 executives and board members. The survey examines the risk landscape for the banking industry, including cybersecurity, credit risk and the impact of rising interest rates.
Fifty-eight percent say that the fiscal year 2018 budget increased by less than 10 percent from the previous year, and 26 percent say the budget increased between 10 and 25 percent. Respondents report a median compliance budget in FY 2018 of $350,000.
Additional Findings
- Cybersecurity remains a top risk concern, for 84 percent of executives and directors, followed by compliance risk (49 percent) and strategic risk (38 percent).
- Respondents report that banks budgeted a median of $200,000 for cybersecurity expenses, including personnel and technology.
- Seventy-one percent say their bank employs a full-time chief information security officer.
- Sixty-nine percent say the bank has an adequate level of in-house expertise to address cybersecurity.
- All respondents say that their bank has an incident response plan in place to address a cyber incident, but 37 percent are unsure if that plan is effective. Sixty-nine percent say the bank conducted a table top exercise—essentially, a simulated cyberattack—in 2017.
- If the Federal Reserve’s Federal Open Market Committee raises interest rates significantly—defined in the survey as a rise of 1 to 3 points—45 percent expect to lose some deposits, but don’t believe this will significantly affect the bank.
- If rates rise significantly, 45 percent say their bank will be able to reprice between 25 and 50 percent of the loan portfolio. Twenty-eight percent indicate that the bank will be able to reprice less than 25 percent of its loan portfolio.
- One-quarter of respondents are concerned that the bank’s loan portfolio is overly concentrated in certain types of loans, with 71 percent of those respondents concerned about commercial real estate concentrations.
To view the full results to the survey, click here.