Governance Risk and Compliance in Financial Services Industry

The global credit crisis has highlighted the significance of governance, risk and controls in the financial services industry. The aim of this article is to list the challenges faced by the financial services industry, define the goals and objectives of their risk management initiatives and note the trends prevalent in this sector.

The first challenge the financial services sector faces is integrating the governance, risk and compliance programme so as to discourage silos which operate in isolation from the business. The second challenge is overlapping control functions, which hinder an extensive understanding of risk. The control functions in financial services firms are spread across various departments such as audit, finance, operations, legal, compliance and IT. The control activities in each of these departments operate and report to senior management independently, leading to inefficient processes which impede a comprehensive view of risk.

Governance, risk and compliance is a well-defined term and refers to multiple overlapping activities of risk and compliance, which include: risk governance; financial, operational and IT risk management; audit and control activities; compliance efforts; and the processes, policies and documentation associated with these functions. The goal of the governance, risk and compliance initiative is to integrate these elements and ensure that the information collected is relevant to risk management. The objective of this integration is to achieve a more comprehensive and transparent view of risk in an organization, one which reports on the effectiveness of risk and governance in the organization and enforces compliance within lines of business.

The logic for integration is propounded by the financial regulators of France, the United Kingdom, Switzerland, the US and Germany in a report titled Observations on Risk Management Practices during the Recent Market Turbulence, issued in March 2008, which assessed risk management practices against the backdrop of the credit crisis. The report noted that siloed firms allowed their business units to make business decisions in isolation, ignorant of insights held elsewhere in the firm. The result of this practice was that some business line managers understood that underwriting standards for products were loosening whilst other business managers did not acknowledge this fact. These managers did not stop warehousing assets whose credit quality was deteriorating. The report found a causal link between the firms which incurred significant unexpected losses and managers who followed a segregated approach to governance, risk and compliance. In addition, the report stated that the firms which avoided losses during the credit crisis were those where risk management had authority and independence within the organization and also interacted directly with business managers.

The Economist Intelligence Unit of the Economist conducted an online survey of 167 worldwide executives of the financial services sector. 51% of respondents were board level executives and 49% were business unit heads or directors. 30% of the respondents were based in North America and 23% in Western Europe. The survey was instrumental in identifying trends in the financial services sector towards integration of governance, risk and compliance. 27% of the respondents stated that their firms were nearing completion of integration and 66% of the firms were already somewhat integrated. The figures are better understood in light of the organization’s risk profile – the amount of risk which the organization is willing to take on. An organization which is not integrated is twice as likely to be focused on the pursuit of new business rather than control of risk, and 50% more likely to say that their organisation’s “policies and objectives exist only as a formality—they do not reflect how the organisation is run in practice.”

Organizations will now have to be prepared for the Basel III norms, which were endorsed at the Seoul Summit of the G20 on the 11th and 12th of November 2011. The Basel III norms will have a direct impact on banks and the financial services sector. The achievement of the Seoul Summit was the formal endorsement of Basel III and of a policy framework which addresses systemically important institutions.

Systemically important institutions are those institutions whose failure threatens the stability of the financial system. The G20 endorsed the Basel Committee on Banking Supervision’s new minimum capital and liquidity framework, Basel III, which requires more and higher quality capital to improve the ability of banks to withstand shocks. The issues that still need to be resolved among the G20 include identifying which financial institutions will be considered globally systemic, and determining how much additional capital will be required.

In conclusion, the obstacles to integration of governance, risk and compliance in the financial services industry are internal power struggles, disconnected hierarchies based on independent silos, concern over the return on investment in the integration effort, and so on. However, the common underlying factor associated with financial services is that the business works on other people’s money, and failure to control risk can lead to severe repercussions for the economy.

Senior Supervisors Group, Observations on Risk Management Practices during the Recent Market Turbulence, March 2008.
Economist Intelligence Unit (2008) Governance, risk & compliance in financial services. The Economist
Ernst & Young (2011) G20 Seoul Summit leaders press on with financial reforms. Retrieved on 17 March 2011 from:
