Global Regulatory Network

What EY can do for you

The GRN, along with EY’s risk and compliance advisory professionals, helps the C-suite and board-level bank executives respond to constantly changing financial and nonfinancial risk management, operational and governance requirements. In times of crisis, such as we’re experiencing now with the COVID-19 pandemic, the GRN advises financial institutions, as well as governments and regulators, on what actions they can take to mitigate the financial impact of the crisis. 

As digital reshapes financial services, risk strategies must continue to evolve. Banks that succeed will excel at proactively addressing the impact of digitization on compliance, accountability, transparency, risk management and data governance. Advising clients on how to meet these challenges, the GRN provides insight on a range of issues, including:

• Risk and compliance management frameworks, and allocation of resources
• Understanding the global, regional and local regulatory agendas
• Prioritization of issues, and identifying what’s next and beyond
• Input to senior executives on matters of accountability and governance
• How to build positive dialogue and relationships with the regulator 
• Linking the risk and regulatory environment to the wider geopolitical landscape.

Our regulatory outlook for 2020

Regulation is experiencing a period of substantial adjustment, as the risk portfolio expands to include a set of less familiar challenges, such as personal data privacy, use of the cloud and climate risk. Consequently, the post-crisis period, which was characterized by amending and tightening existing rules, is now being followed by re-scoping and evaluation, as regulators decide how to create a proportionate framework that can strike a balance between allowing for change and innovation while preserving systemic stability and protecting consumers.

This is set against a backdrop of rapid technological innovation and change in the competitive landscape. The business and macro-economic environment, combined with the potential for new and more agile entrants to fragment traditional customer bases, presents challenges to banks that threatens their revenue generation. Supervisors are cognizant of pressures in the current market environment, with the need to maintain the improved capital base and to enhance the profitability of systemically important institutions.

The GRN’s current view, set out in our 2020 Global bank regulatory outlook, is supported by our discussions with clients and industry participants and by the results of the most recent EY/Institute of International Finance (IIF) annual global bank risk management survey.

The key message going forward is that compliance and risk management models must be updated to incorporate a much more varied set of dynamic and inter-related operational and non-financial risks, and to meet the enhanced expectations of supervisors, investors, clients and other stakeholders. The most likely areas of focus will be:

1.  Operational resilience: Regulators are now assessing banks’ capabilities to continuously intermediate markets and deliver services to their customers and clients on the assumption that a disruption of some kind is inevitable. The scope of resilience activities is also being challenged, with authorities seeking to understand banks’ abilities to prevent, respond to, recover and learn from disruption, whatever the threat or vulnerability that might cause it.
   
   
2. Environmental, social and governance (ESG): The ESG criteria used to measure the sustainability and ethical impact of an investment in a business are now just one part of a wider agenda that encompasses climate risk, corporate behavior and social responsibility, inclusion, equality, diversity and an expanding range of other societal issues. This wider set of issues places increased expectations on corporate risk management, including new board responsibilities and reporting to shareholders, along with enhanced internal governance and comprehensive mapping of rule requirements to bank processes and controls.
   
   
3. Data and emerging technology: Banks need to navigate a complicated and inconsistent set of international guidelines, laws and rules, and try to find standards and working practices that anticipate where data protection regulation is likely to land. More broadly, regulators will be looking at the impact of technological change across the risk and control infrastructure in banks. Artificial intelligence (AI) and machine learning (ML) will be key topics, as supervisors focus on how existing risk management and governance practices need to be enhanced to capture the dynamic and inter-related risks associated with AI and ML.
   
   
4. Completion of remaining post-crisis measures: Basel III and the interbank offered rate (IBOR) transition are areas where banks must maintain momentum. Banks must anticipate regional divergences on Basel implementation and scrutiny of IBOR transition planning will intensify.