Governance Risk and Compliance in Financial Services Industry

The global credit crisis has highlighted the significance of governance, risk and controls in the financial services industry. The aim of this article is to list the challenges faced by the financial services industry, define the goals and objectives of its risk management initiatives and note the trends prevalent in this sector.

The first challenge which the financial services sector faces is to integrate the governance, risk and compliance programme so as to discourage silos which operate in isolation from the business. The second challenge is the issue of overlapping control functions, which hinder an extensive understanding of risk. The control functions in financial services firms are spread across various departments such as audit, finance, operations, legal, compliance and IT. The control activities in each of these departments operate and report to senior management independently, leading to inefficient processes which impede a comprehensive view of risk.

Governance, risk and compliance is a well-defined term and refers to multiple overlapping risk and compliance activities, which include: risk governance; financial, operational and IT risk management; audit and control activities; compliance efforts; and the processes, policies and documentation associated with these functions. The goal of the governance, risk and compliance initiative is to integrate these elements and ensure that the information collected is relevant to risk management. The objective of this integration is to achieve a more comprehensive and transparent view of risk in an organization, one which reports on the effectiveness of risk and governance in the organization and enforces compliance within lines of business.

The logic for integration is propounded by the financial regulators of France, the United Kingdom, Switzerland, the US and Germany in a report titled Observations on Risk Management Practices during the Recent Market Turbulence, issued in March 2008, which assessed risk management practices against the backdrop of the credit crisis. The report noted that siloed firms allowed their business units to make business decisions in isolation, ignorant of insights held elsewhere in the firm. The result of this practice was that some business line managers understood that underwriting standards for products were loosening whilst other business managers did not acknowledge this fact. These managers did not stop warehousing assets whose credit quality was deteriorating. The report found a causal link between the firms which incurred significant unexpected losses and managers who followed a segregated approach to governance, risk and compliance. In addition, the report stated that the firms which avoided losses during the credit crisis were those where risk management had authority and independence within the organization and also interacted directly with business managers.

The Economist Intelligence Unit of the Economist conducted an online survey of 167 worldwide executives of the financial services sector. 51% of respondents were board level executives and 49% were business unit heads or directors. 30% of the respondents were based in North America and 23% in Western Europe. The survey was instrumental in identifying trends in the financial services sector towards integration of governance, risk and compliance. 27% of the respondents stated that their firms were nearing completion of integration and 66% of the firms were already somewhat integrated. The figures are better understood in light of the organization’s risk profile – the amount of risk which the organization is willing to take on. Organizations which are not integrated are twice as likely to be focused on the pursuit of new business rather than control of risk, and 50% more likely to say that their organisation’s “policies and objectives exist only as a formality—they do not reflect how the organisation is run in practice.”

Organizations will now have to be prepared for the Basel III norms, which were endorsed at the Seoul Summit of the G20 on the 11th and 12th of November 2011. The Basel III norms will have a direct impact on banks and the financial services sector. The achievement of the Seoul Summit was the formal endorsement of Basel III and of a policy framework which addresses systemically important institutions.

Systemically important institutions are those institutions whose failure threatens the stability of the financial system. The G20 endorsed the Basel Committee on Banking Supervision’s new minimum capital and liquidity framework, Basel III, which requires more and higher quality capital to improve the ability of banks to withstand shocks. The issues that still need to be resolved among the G20 include identifying which financial institutions will be considered globally systemic, and determining how much additional capital will be required.

In conclusion, the obstacles to integration of governance, risk and compliance in the financial services industry include internal power struggles, disconnected hierarchies based on independent silos, and concerns about the return on investment in the integration effort. However, the common underlying factor associated with financial services is that the business works on other people’s money, and failure to control risk can lead to severe repercussions for the economy.

Senior Supervisors Group, Observations on Risk Management Practices during the Recent Market Turbulence, March 2008.
Economist Intelligence Unit (2008) Governance, risk & compliance in financial services. The Economist
Ernst & Young (2011) G20 Seoul Summit leaders press on with financial reforms. Retrieved on 17 March 2011 from:
