Risk management in the financial services industry is evolving. Traditionally, risk was managed by the second line of defense: risk management and compliance functions.
But the trend now with banks is to move these responsibilities to the front line, where it all happens. A new Risk in Review study from PwC reveals that leading companies are increasingly making this a part of their risk management practices. This strengthens the organization’s risk culture and accountability, increases awareness of best practices, and reinforces the defense lineup.
So the question becomes: are you valuing your front line staff? In the banking world, risk is introduced at the start of a transaction, for example, when a customer applies for a product online or initiates a transaction at the counter with teller or account staff. Your organization’s best first line of defense lies in strategies and controls that monitor and analyze potential risk and fraud created through these transactions. These will be much easier to address—and may result in better outcomes and less damage—on the front line than if the same risk is caught later, at your second or third lines of defense. As such, banks should aim for this first line of defense to identify at least 50% of potential transactional risk and fraud concerns.
According to the International Money Laundering Information Bureau, money laundering is the third-largest industry after oil and currency, and accounts for billions of dollars in dirty money globally. Successfully implemented know your customer (KYC) procedures and controls are an essential precaution against these types of shady activities. And the keys to a successful KYC program are, again, your front-line staff.
Why are front-line staff best positioned to help achieve KYC compliance?
Your front-line staff are in the trenches on a daily basis, which puts them in the best position to better assess and address transactions from customers as they take place. Shifting the focus to the front lines will empower these employees through increased responsibility and ownership (with support from the second and third lines of defense, as required). Not only do they take care of day-to-day transactions, they are also responsible for one of the most vital parts of a bank’s operational risk and KYC compliance program. Banking experts would say that this “utopia” occurs when the front line owns and is accountable for the key risks and key controls that they touch on a daily basis.
This powerful relationship of ownership and accountability can help strengthen risk management and KYC compliance programs through the use of risk and control self-assessments (RCSAs), which capture what is, effectively, a continuous risk assessment from staff who interact with risks and controls up close, every day.
Benefits of front-line risk management
There are three key advantages of managing risk through your front-line:
1. Better accountability and decision making, from the ground up
Engaging the front line (through RCSAs) equips staff with the risk intelligence to make better decisions. Since many procedures and controls are designed with transactional risk and KYC requirements in mind, data and insights from the point of sale are invaluable. Operational staff are, by far, in the best position to gauge when things seem a bit off, and are also better positioned to recalibrate possible control weaknesses quicker and earlier.
The added responsibility and empowerment allows (if not demands) staff to exercise professional judgment. An RSCA approach also empowers the front line with a feedback mechanism to provide additional insight to management, for more real-world informed decision making.
2. Be more agile and nimble
The heightened risk awareness deployed by front-line staff through RCSA ownership means more flexibility to provide superior service to customers. Today’s banking product landscape has evolved dramatically as a result of new regulations and red tape. Staff also now deal with more information-savvy and aware customers thanks to the Internet. This means customers expect even more from face-to-face banking interactions.
Shifting ownership (through RCSAs) helps ensure that future customer interactions can be modified more quickly when the risk landscape evolves, or when customer preferences change. The use of RCSAs can be a valuable tool for banks to maintain systematic controls, while at the same time being more agile and responsive to customer needs.
3. Improved customer service
Why not kill two birds with one stone? Many financial institutions don’t know it yet, but having more insight into your customers translates into better service and happier customers. Data insights on customer behavior and improved interactions between front-line staff and customers will be a part of banking DNA in the years to come. Obtaining strategic knowledge and insights can also be achieved through the proper deployment of RCSAs.
RCSAs strengthen procedures during customer interactions and arm the front line with the necessary tools to enrich the customer journey. Empowered staff who own RCSAs will help translate that into a healthier brand by delivering better customer service outcomes.
Risk control self-assessments and ACL
RCSAs are essential tools in helping your first line of defense become more empowered and risk-aware. Where transaction risk is introduced, RCSAs help to ensure there is enough information to understand the risk and appropriately address it. Then further in the process, when the second and third lines of defense come into play, they can test against the self-assessment that have already been conducted. The first line understands the risks and fixes the issues, and the second line then can validate as a true second line of defense.
ACL’s banking solution makes it possible for financial institutions to develop and implement effective RCSAs as part of the overall risk management strategy. Use technology to help you automate and streamline the self-assessment process, while at the same time freeing up your organization’s second and third lines of defense—and fortifying your first line of defense by properly equipping your front-line staff.
7 key trends in enterprise risk management
Excellence in ERM practices is not easy to achieve. If it were that easy, all organizations would already be doing it. Internal controls often have a bad reputation amongst business operational managers, often being seen as impediments to “getting the job done.” This eBook highlights the ERM Process Flow to help you identify, respond, monitor and manage risks, report on results, and continually improve your process.