Risk and compliance management has moved into a new era. The significant level of regulatory change since the financial crisis, coupled with the slowing of economic growth and declining margins, has led organisations to seek opportunities to drive efficiencies. Many are turning to digitisation and automation with artificial intelligence (AI) as the solution.
Andrew Berry, Future of Risk and Compliance Lead shares ten key learnings from a recent collaboration with the European CRO of a global corporate bank to automate the client credit journey for wholesale clients.
1. The productivity gains are astonishing
Our credit staff were initially skeptical that processes such as complex financial spreading could be accelerated or automated. But, within a few months a process which had been taking up to five days, could be whittled down to three or four minutes. This freed up hours in the day for experienced staff to deploy their skills on more value adding tasks. It also increased the bandwidth that analysts could cover, meaning more clients!
2. Clients really notice – in a good way
The bank’s CRO noted “Clients love it when you can make a decision on a lending application and offer a price almost instantly. Relationship Managers love being able to develop opportunities face to face with their prospects and clients. But the benefits aren’t just about immediacy.” The newly automated process is more reliable than a judgement-driven one, which is inevitably subject to review and (occasional) overrule. Moreover, the abundance of data and computational power means the bank can now better segment customers and focus on products and pricing that are most relevant.
3. Target a clear benefit to start with, but be ready to adapt and expand
It’s important to define the benefit up front while constantly communicating with stakeholders. The bank was ready to adapt at speed, having learnt that the potential scope for intelligent automation was always far wider than the current application, which allowed them to expand the business case beyond immediate gains.
4. Your IT roll-out and HR strategy need to progress in tandem
Automation criss-crosses the traditional divisions of labour between IT, risk and compliance teams. For this reason, the roll-out of technology and HR strategy needs to work at the same pace. The bank developed a ‘fit for the future’ approach to teaming, training and a culture of learning
5. Automation gets you rethinking organisational design
It’s hard to create a workforce that’s ‘fit for the future’ if we are asking them to do the same jobs that they did 20 years ago. Jobs will be different in 18 months’ time so we need to look months into future not just years. You need particular skills to deploy automation and artificial intelligence (AI). They are not always the same ones needed in traditional, hierarchical banks where seniority goes hand in hand with years of experience. In many cases value is more closely tied to technical ability, rather than length of service. For that reason the CRO began to encourage people to form circles of competence in place of rigid hierarchies.
6. Work with people who get banking as well as technology
The CRO had dealt with a huge range of consultancies, and was clear about what kind of people they needed to collaborate with on credit risk automation. “They needed to understand banking and ideally have worked in a bank. That is what gives them credibility to walk our floors and re-engineer the jobs our people do.”
7. Cyber threats are real and need new forms of governance
Robotic process automation (RPA) and AI mean proactive governance becomes more important than ever, because of greater reliance on programming code and algorithms. Take three examples:
(1) Cyber criminals looking to sabotage a bank may target its models or bots; any code tampering could take months to notice unless the right controls are in place.
(2) You need to understand both the upstream and downstream interactions of bots so that changes in one piece of code don’t negatively affect other pieces.
(3) Relying on ephemeral ‘circles of competence’ to write code is great until those circles disband, so be sure to document decisions and design principles for later inspection.
8. Keep your IT department up to speed and on side
IT departments know more about managing cyber and technology risk than bankers and credit analysts. This is a good thing. It does mean, though, that successful automation of credit risk processes depends upon buy-in from your IT function. You can only execute your tasks as fast as IT can execute theirs.
9. You’ll see better interactions between first and second lines and between risk, finance and audit
Automating credit risk processes gives banks richer, more reliable streams of information that can become the single source of data across the organisation. The second line can help the first line with tools to automate new client prospecting. When business units or other central functions interact with risk teams, it’s based on a shared version of the truth.
10. Success comes in many shapes: welcome them all
Setbacks teach you valuable lessons and the CRO of the bank found they didn’t need to automate every process – just preparing for it helped. Some of the credit teams discovered that when they mapped out their processes ahead of automation they could so radically simplify them that they didn’t even need automating.