A POINT OF VEW

De-Risking Financial
Institutions In
‘The New Beginning’
by Vijayaraghavan Venkataraman,
Global Head, BFSI Risk Management & Regulatory
Compliance, CRO Initiative, TCS;
Ramesh Iyer,
Partner, BFSI Europe, Risk Management & Regulatory
Compliance, CRO Initiative, TCS and
Raghunandan M,
Global GTM & Solutions, Risk Management & Regulatory
Compliance, CRO Initiative, TCS

Background and key dimensions of

pandemic impact
After the 2008 recession, financial institutions (FIs) & central banks
have been continuously building resilience against market shocks
to avoid resorting to public funded bail outs. Capital & liquidity
buffers have been maintained at a healthy level through the past
decade, that can now be used to mitigate the financial crisis
triggered by the current pandemic.

Moreover, in responding to the pandemic, global regulators have

come out with similar responses, by encouraging FIs to support
customers in surviving this crisis and gradually land on their feet.
To this purpose, many non-critical regulatory deadlines have been
postponed in order to reduce the operational burden to some
extent. In brief, the guidance has been:

▪ An increased focus on protecting consumers and market integrity

in the short term, and remaining vigilant against financial crime

▪ Continuation of liquidity injection into the markets to avoid any

ripple effect resulting into a systemic breakdown
A POINT OF VEW

The present crisis has an impact on various dimensions of business

operations. These repercussions fall under four main buckets – Financial,
Operational, Customer and Regulatory – that can ultimately lead to
business disruption (see Figure 1).

Stress On Liquidity Adverse Impact on Resource availability

& Overall employee well being
Stress On Capital Adequacy due to
operational losses & reduced profitability Unplanned Outages & stress on
IT / Infrastructure & Inventories
Increased NPLs Ope
ial ra
nc
Increased Cyber, Fraud &

tio
Fin
Money Laundering Risk

nal
Impact on Revenue due to deferred payments,
reduction in interest rates, waiving off late fees etc..
FI (Bank)
Expectation is to Keep providing financial Increased effort on external &
Reg

er
support to hardest hit viable clients internal Communication

om
at st
ul

Eased capital, liquidity constraints & stimulus

or y Cu
package(s), to increase the ability of banks to Increased Stress on continuity of services
lend and absorb losses in this challenging environment

Compliances to Conduct, and FCRM norms Deal with client challenges by delivering
To continue to deliver customer outcome during stress scenarios out of the box services & incentives

Disruption To Business Continuity

Figure 1: Dimensions of pandemic impact

CRO / CCO response to pandemic impact to date

The impact of COVID-19 has dealt a dual blow creating supply chain
disruption and demand-side slowdown. The chief risk & compliance
officer (CRO/CCO) division plays a key role in the mitigation of rapidly
emerging risks and to lead recovery efforts into the new beginning. Two
primary focus areas are driving these efforts: client centricity and
operational resilience.
A POINT OF VEW

Client Centricity Operational Resilience

▪ Efflux of Remote operations & change in ▪ Identifying critical processes, staff and
operating model to ensure client safety infrastructure to prioritize mitigation and
and continuity of services deliver remote services

▪ Focused analytics to sustain surge in call ▪ Re-calibration of financial risk models &
demand and agent supply, along with streamlining model risk management
dedicated helplines and personalized frameworks
services
▪
Focus Area

Deliver Capital optimization

▪ Creative customer engagement &
communication mechanisms ▪ Improvement in controls effectiveness
across the enterprise with special focus on
▪ Minimize customer Complaints and drive fin crime
positive conduct outcomes
▪ Execute BCP & DR plans
▪ Deal with client challenges by delivering
out of the box services & customer centric ▪ Re-prioritize and right-size book of work
risk management

▪ EWI’s to effectively assess sectorial risks and

drive mitigation

Moreover, the risk & compliance leadership is using pandemic impact

(e.g. changed working practices), as a strong driver to accelerate their
digital adoption roadmap. The upcoming two quarters will prove
critical in determining the future course of the financial organization
and industry.

Operational resilience and customer centricity will

become the overarching theme for CROs to deliver
confidence and continuity of services

Indicative regulatory focus

We are witnessing a two-way push across the regulatory spectrum, with
the focus increasing in some areas and easing out in others. Broad
categories across global regulators include:
A POINT OF VEW

Increased Supervisory Push on Market

Relaxation Of Capital & Liquidity buffers
Integrity & Consumer protection

▪ Enhanced reporting requirements for liquidity globally
▪ UK & EU regulators have emphasized on, fair & flexible
treatment of customers and transparency in
communication
▪ AFM (Dutch) calls for extra attention to diligent
customer care in product development and
evaluation
▪ Restrictions on short selling in EU
▪ European Insurance and Occupational Pension Authority
(EIOPA) stated insurance companies should preserve
their solvency capital positions
▪ Reduction of the countercyclical buffer (CCyB) rate to
0% of banks’ exposures to UK & EU borrowers.
Supplementary leverage ratio relaxed in US.
▪ The PRA clarified on VAR backtesting breaches that
have arisen as a result of market volatility. Firms will be
allowed to offset increases due to new exceptions
through a commensurate reduction in risks-not-in-VAR
(RNIV) capital requirements. The approach will be
reviewed after 6 months
▪ Clarification on treatment of forbearance under IFRS 9
& CECL, and flexibility on classification of loans

Increased Supervisory focus on Relaxation on non critical

Operational Resilience & Financial Crime regulatory submissions

▪ Monitoring guidance on WFH arrangements, online
data & services access to customers and employees
globally
▪ ESMA clarifies on MiFID II requirements of call
recording and communication surveillance, to
mitigate conduct risk due to increased remote working,
& EBA emphasizes focus on financial crime mitigation
▪ Monetary Authority of Singapore (MAS) has reminded
financial institutions to adopt BCPs and appropriate
control measures to guard against cyber threats
▪ Annual stress test – UK & EU have cancelled their annual
stress tests but US hasn’t
▪ BSBS postponed implementation of Basel 3.1 to 2023
▪ EC (European Commission) postpones leverage ratio
GSIB buffer
▪ Australia Prudential Regulatory Authority (APRA) has
suspended majority of its 2020 policy and
supervision priorities in order to free up capacity

▪ AUSTRAC & US Fed Issues new scenarios for financial

crime risk monitoring during pandemic scenarios

Outcomes map in the New Beginning

With the rapid evolution of financial ecosystems, the risk and compliance
function is also constantly growing in coverage as the result of newer risk
types into the governance, risk and compliance (GRC) spectrum. The
pandemic has accelerated this change, and encouraged CROs to reassess
& reimagine their core capabilities and the corresponding expansion
possibilities in delivering incremental value, positioning CROs/CCOs as
potent catalysts in optimizing risk-return profiles

Furthermore, there is also an active focus on proactively developing

transformational capabilities toward delivering a competitive advantage
for the organization. The segregation of outcomes across core, adjacent
and transformational themes can be seen in Figure 2.
A POINT OF VEW

Transformational
Adjacent Developing breakthroughs
Expanding capability into new horizons
Deliver ecosystem enabled competitive edge

Leverage emerging digital Renewed rigor in Stress Testing As A Service Quantification frameworks
design patterns to drive growth cost optimization for emerging risk
Proactively manage reputation risk factors
Increase digitization in
Cognitive regulatory compliance, credit risk, stress testing,
Where to play

impact assessment & reporting operational risk and Behavioral analytics for conduct risk
compliance EWIs & strengthening risk culture

Fulfil capacity gaps and activate

Optimization of omnichannel
Core alternate channels to expand
performance for growth
customer service
Optimizing existing business mandates
Modelling emerging risks, Monetizing risk data for
Remote operations Capital & liquidity revenue and cost scenarios
management insights & services

BCP & DR Refine policies and Cognitive risk intelligence to

Cognitive fin crime & procedures to reflect new sense and identify future risk
cyber management normal & enable growth scenarios
Technology effectiveness

Client & workforce safety Reputation management Cognitive controls diagnosis User journey-driven risk
and recommendations management

How to Win
Figure 2: Outcomes map across core, adjacent & transformational categories

Role of emerging AI and ML technologies to

re-imagine use cases
In a recent survey report conducted by TCS and Chartis across 166
relevant risk business & technology leaders, covering retail and
commercial banks, capital markets institutions, and insurance and wealth
management firms, we discussed the maturity of AI in their institutions,
and the potential for further uplifting these capabilities to deliver specific
outcomes. The next few sections list some of our key findings.

In enterprise resource management (ERM) the use of artificial

intelligence (AI) techniques is focused on non-regulated use cases, such as
the generation of early warning signs, and the analysis of what-if scenarios
instead of regulatory reporting projects. A representative of a large
universal bank proposed leveraging AI capabilities to construct a varied
and expansive stress and scenarios library. The bank could then scan tens
of thousands of benchmark results, and millions of market data points, to
pinpoint potential areas of concern.
 A POINT OF VEW

Greatest perceived benefits for institutions in implementing AI tools for risk management,
by area of enterprise risk management (%), n=101

Stress Testing 12.9%

Default Risk Calculations 4.0%
Early Warning Capablities 40.6%
Statistical Calculations - Market Risk 5.0%
Portfolio Structure 2.0%
Corporate Bond valuation 4.0%
Risk Aggregations 7.9%
Data Quality 8.9%
Reporting & Visualization 3.0%
P & L Analytics 5.9%
Not Generally Applicable 0.0%
Don't Know/Perfer Not to Say 4.0%
Other 2.0%
0 10 20 30 40 50
Source: Chartis & TCS research

In regulatory reporting, AI has been used in managing and validating

data, validating results against predetermined criteria and monitoring
overall compliance. Representatives from several large banks explained
that they are now running elaborate data management and validation
programs using strong machine learning (ML) and related analytical
frameworks.

Greatest perceived role for AI, by place in the regulatory chain (%), n=101, with 228 responses

Mapping Rules & Requirements to Business Process 30.7%

Regulatory impact Management 30.7%

Data Preparatio/Mapping 33.7%

Data Validation 31.7%

Compliance Monitoring 54.5%

Analytical Calculations 35.6%

None of the above 3.0%

Don't know /Prefer Not to Say 5.0%

Others 1.0%

0 10 20 30 40 50 60
Source: Chartis & TCS research

In financial crime risk management (FCRM), respondents see the

greatest benefits in anti-fraud, anti-money laundering (AML) and
cybersecurity applications, with KYC an area of growing interest. Client
screening using external risk factors and alert prioritization frameworks
for sanctions screening and transaction monitoring are providing greater
resiliency in the management of financial crime signals.
A POINT OF VEW

Greatest perceived benefits from implementing AI tools for risk management by area of
financial crime risk management (%), n=101

Cybersecurity /Cyber Risk Management 23.8%

Anti Fraud 26.7%

Anti-Money Launching 23.8%

Trade Survelliance 5.9%

Communication Servelliance 4.0%

Watchlist / Sancitions Monitoring 5.9%
KYC / Due Dillgence 3.0%

None of the Above / Note Generally Applicable 0.0%

Don't know / Prefer Not to Say 6.9%

Other 0.0%
0 5 10 15 20 25 30
Source: Chartis & TCS research

In operational risk, quantifying has traditionally been extremely

challenging. Standard statistical models have struggled with the
relative paucity of data and lack of deep statistical processes. However,
in our discussions with banks and other FIs, three key trends stood out:

▪ Widespread digitalization has effectively solved the data paucity

problem

▪ External and internal networks can now be monitored in much

greater detail

▪ There are broad uses for AI in non-financial and operational risk

management contexts, although one quarter of respondents are
not engaged.

Usage of AI tools, by area of the non-financial and operational risk management (%), n=101 with 200

GRC 23.8%
Operational Risk 26.7%
Model Risk Management & Governance 20.8%
Third-Party Vendor Risk Management 13.9%
Internal Audit 11.9%
Security / Cybersecurity Risk 25.7%
IT Risk 17.8%
Conduct Risk 15.8%
None of the Above 27.7%
Don't Know / Prefer Not to Say 12.9%
Other 4.0%
0 5 10 15 20 25 30
Source: Chartis & TCS research
A POINT OF VEW

CROs’ evolving influence in a client-centric

ecosystem to deliver growth and transformation
CROs are gradually moving toward a user journey-driven operational
model that’s focused upon client centricity. Initiatives like improvement of
customer data view, including hardships and dispute analytics, enable
insights for a more informed and empathetic decision making by the
frontline. This model also requires reimagination of business services and
processes to improve throughput and risk management efficiency.

Moreover, in the time of crisis, strengthening workforce availability and

effectiveness in forbearance, and restructuring cases and guidance on
alternate products is imperative to expand operational capacity and
ensure business continuity. CROs are looking at strengthening risk &
compliance capabilities to deliver insights and value-added services, like
ratings and hedging advisory for SME clients, and defensive measures like
improving customer data protection against cyber-attacks and financial
crime, to create competitive advantage in the marketplace.

These factors, coupled with an expanding profile of a CRO, necessitate a

larger ecosystem to mitigate the expanding risk profile of financial
institutions. Figure 3 shows different enablers participating together in
a conducive ecosystem:

Artificial Intelligence

Agile Accountability of Prudent Risk Management

Cross Industry
Data Sets for Fin
at the board level
Crime
Shared Utilities & Mitigation
Expanding CROs role in delivering competitive
Services across FIs
Digital advantage by Monetizing Risk Data / Insights, &
Enterprise enabling business decisions
Cloud

FinTech’s Drive Continuous Cost Reduction via

digitization of core & extended functions
CROs Sphere Of
Customer at Influence to
IT Services the centre of
Reputation Relationship Differentiate & Deliver Forward Looking
Investments Deliver
Management Focus
RPA Operational Resilience
Alt Data
Sources
Personalized Protect the organization by proactively
Services
managing reputation risk
Academics,
Blockchain Analysts &
Think Tanks Regulatory
Convergence Drive a risk culture of promoting value
creation in close partnership with business
IOT
Cyber, Data & Analytics

Figure 3: Risk ecosystem view

A POINT OF VEW

Horizon for CRO initiatives (6 to 8 quarters)

We are witnessing a sudden surge in risk clusters and their interplay,
which has never been observed before in recent history. While we have
had pandemics in the past, the potential impact of a pandemic has
increased exponentially, due to the sheer size of today’s global banking
system, and an ever increasing reliance on the infrastructure to conduct
day-to-day transactions. In such an environment, prioritizing remediation
initiatives is proving very challenging for CROs. Figure 4 visually
represents this horizon of prioritized initiatives.

Mitigate Prepare for the new normal

AR / VR adoption for compliance
& customer experience
Cyber Risk Quantification (CRQ) & Digital Forensics
Real time Credit Monitoring
Behavioral Analytics for proactive
Strategic

mitigation of operational risk

Continue Improving on Climate risk quantification & mitigation
Re-Calibrate Scenarios & Models across risk types
Embed BCP/DR into GRC

Improve AML effectiveness & Anti-Fraud Capability

Re-Imagine Credit - rating models & approval
Improve Controls diagnosis, effectiveness & Indexing
RWA Optimization
Identify new risks, Update Risk Appetite Statements
Operational

Ensure Data readiness for regulatory reporting

Digitize Compliance Activities
Track data, collate and classify gaps
across key risk types Design proactive and configurable reports
Recalibrate mitigation plans, Ensure proactive communication of same

Now 3 months 12 months 24 months

In summary, the pandemic presents unique challenges and opportunities

for the FIs in adapting to a new normal of delivering business continuity
in a remote operation’s dominant setup. Risk & compliance organizations
have so far responded well, in delivering client centricity and operational
resilience, wherein FIs are going above and beyond their traditional
mandates, with value-added services for customers while continuously
adopting newer design patterns. Capability uplifts in areas like conduct
risk mitigation, reputational risk management & early warnings for
shifting left, are emerging as priorities, with a customer centric use
journey approach, to deliver client protection and enablement.

_____________________________________________________________
i
TCS, “The State of AI in Risk Management: Developing an AI roadmap for risk and compli-
ance in the finance industry,” 2019, https://www.tcs.com/content/dam/tcs/pdf/Indus-
tries/Banking%20and%20Financial%20Services/State-of-AI-in-Risk-Management.pdf
 A POINT OF VEW

About Tata Consultancy Services Ltd (TCS)

Tata Consultancy Services is an IT services, consulting and business solutions organization that
delivers real results to global business, ensuring a level of certainty no other firm can match.
TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering
and assurance services. This is delivered through its unique Global Network Delivery ModelTM,
Corporate Marketing | Design Services | M | 08 | 20

recognized as the benchmark of excellence in software development. A part of the Tata Group,
India’s largest industrial conglomerate, TCS has a global footprint and is listed on the National
Stock Exchange and Bombay Stock Exchange in India.

For more information, visit us at www.tcs.com

All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is
Experience certainty. IT Services correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed
Business Solutions in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark
and other applicable laws, and could result in criminal or civil penalties. Copyright © 2020 Tata Consultancy Services Limited
Consulting