2020 was a banner year for disruption to all industries. From the lasting economic impacts caused by the pandemic to the policy outcomes that a new administration brings, 2021 will push financial services companies to mitigate risks as they accelerate online and digital technologies; innovate products, analytics, and systems; adopt long-term remote working practices; and expand their management of climate and ESG-related financial and non-financial challenges.
We’re pleased to share our report, Ten Key Regulatory Challenges of 2021, and help answer the question: What are the steps I can take now to prepare.
Key regulatory challenges for financial services in 2021
1. Change management
Volatility will expand through 2021, forcing financial service companies to demonstrate agility through change management. Documented and sound change management practices will be essential to satisfy regulators amidst continued remote working, use of flexible operating models, distributions of stimulus funds, and the use of expanded digital platforms. Establish governance and management routines to demonstrate your capacity to identify and mitigate risk.
Explore change management challenges, regulatory pressures and actions to take in the link below.
2. Credit risk and LIBOR
Economic indicators and persistent low interest rates will bring added pressure to the credit and securitization sectors. Ensure that your firm’s practices safely and fairly respond to these risks. The role of the GSEs should also be considered. ALLL, LIBOR, and CECL will continue to be a focus, along with credit concentration and exposure. Develop early warning sign indicators within loan portfolios which may be impacted and focus on risk controls, risk rating accuracy and periodic assessments.
Explore credit risk and LIBOR challenges, regulatory pressures and actions to take in the link below.
3. Climate and ESG
ESG will move from being seen as solely “doing good” to a key driver of value, risk and opportunity. Be prepared for regulators to expect financial service companies to identify and refine ESG and climate-specific risks, with particular attention paid to stress testing and scenario analysis, credit risk and due diligence monitoring. Adopt standard data, analysis, and disclosure practices and develop a roadmap to measure impacts.
Explore climate and ESG challenges, regulatory pressures and actions to take in the link below.
4. Core risk management
In 2021, a strong risk management foundation and culture will be tested. Effective three lines of defense will be fundamental to regulatory supervision and enforcement. Be prepared for critical incidences and capital or fiduciary exposures to be questioned if core risk management is inadequate and evaluate current frameworks for scalability.
Explore core risk management challenges, regulatory pressures and actions to take in the link below.
5. Operational resiliency and cyber security
Financial service companies will need to continuously demonstrate resiliency and control effectiveness against expanded cyber and vulnerability threats resulting from the expanded use of digital platforms. Be prepared for more focus on protection of proprietary data, customer data, core processes, and exposure from third parties. Embed operational resilience as a key criterion across all management decisions and business activities.
Explore operational resiliency and cybersecurity challenges, regulatory pressures and actions to take in the link below.
6. Compliance risk
Stimulus funds will present new compliance risk challenges. You’ll need to ensure that funds in such areas as PPP, emergency credit facilities, forbearance and accommodations are allocated with both efficacy to the programs and underlying regulations, as well as to quality in the underlying files and processes. At the same time, compliance leaders face a mandate that increasingly includes culture/conduct, data privacy, and financial crimes. Strengthen fraud and employee misconduct controls and increase the frequency of risk assessments.
Explore compliance risk challenges, regulatory pressures and actions to take in the link below.
7. Fraud and financial crime
Regulators will focus on areas of expanded risk in the current economic cycle, including fraud, insider threat, conflicts of interest, KYC, CDD, sanctions and AML. Be prepared with expanded data analytics and real-time surveillance for potential misconduct. Develop cohesive connections between fraud, cybersecurity and financial crimes teams within all three lines of defense on a global scale. New charters for cryptocurrencies and digital assets are being proposed at state and federal levels, and these should be considered in developing compliance programs.
Explore fraud and financial crime challenges, regulatory pressures and actions to take in the link below.
8. Consumer and investor protections
Regulatory attention will refocus back on consumer and investor protections, including UDAP/UDAAP, fair access, servicing and lending, anti-trust, privacy, wealth management and best interest regulations. Implement and evaluate technology-enabled surveillance, monitoring, and testing controls for real time feedback.
Explore consumer and investor protections challenges, regulatory pressures and actions to take in the link below.
Digital transformation has accelerated with significant impact on payments channels and platforms, placing emphasis on ease and speed. Regulatory attention focuses on security, protections and expanded business models. Leverage regulatory sandboxes, no action letters, and other guidance to develop and pilot innovative payments solutions.
Explore payments challenges, regulatory pressures and actions to take in the link below.
10. Expanding regulatory authority
Growing numbers of mergers, alliances, and partnerships coupled with the realization amongst many nonbanks and fintechs of their financial services core functions, will expand licensing and chartering activity. State frameworks for digital assets and cryptocurrencies will allow for new custodians, and federal guidance, while currently sparse, is evolving. Regulatory authority will continue to expand even without the need for new regulations. Ensure all leveraged technologies and their usage can be easily explained and ensure that service continuity and resilience plans are established for all providers, including contracted third parties and alliance partners.
Explore expanding regulatory authority challenges, pressures and actions to take in the link below.