The cost of regulatory reporting

This is the first in a series of Point of View articles from Chartis and Regnology that explore the cost of complying with regulatory reporting requirements, and the context in which regulatory reporting is evolving. This article highlights financial institutions’ regulatory reporting obligations and challenges, and offers a framework they can use to assess both the cost of compliance and of upgrading their systems to facilitate it.

Context: the regulatory reporting landscape

The regulatory reporting landscape for financial institutions is evolving. The volume and complexity of financial regulations have increased, putting pressure on firms to monitor and report a range of exposures and comply with different regulatory requirements. Major change is also happening following the failures of Credit Suisse and Silicon Valley Bank because of liquidity-related issues.

Prior to these failures, regulatory reporting requirements were already burdensome for financial institutions. But firms are facing newer requirements that are necessitating investment in solutions for end-to-end regulatory monitoring and reporting, to ensure the healthy functioning of organizations (see Figure 1).

Key challenges for financial institutions

Financial institutions face different regulatory reporting challenges based on several business and operational factors (see Figure 2), including:

• Size.
• Business lines.
• Types of reporting.
• Existing infrastructure.
• The systems and tools they use.
• The number of skilled or expert resources they deploy in the reporting value chain.

The main challenges they face include:

• Ever more regulations. Regulations have been adapted to meet the challenges linked to recent banking failures and instability in the financial markets. But complying with these and such major regulatory initiatives as the Fundamental Review of the Trading Book (FRTB), Basel IV, the Securities Financing Transaction Regulation (SFTR), the Sustainable Finance Disclosure Regulation (SFDR) and environmental, social and governance (ESG) and climate risk reporting presents considerable challenges.
• The need for real-time reactivity is increasing, to help firms keep their information up-to-date so they can stay on top of challenging reporting requirements and impacts to their investments and credit lines. This reactivity also allows regulators to review data in real time.
• There is a growing need for more granularity in reporting so firms can make the best possible business decisions and regulators can monitor more detailed data.
• Liquidity challenges. The unstable economic state of many countries following the COVID-19 pandemic has made it difficult for banks to maintain adequate liquidity. Most banks in the US have been exempt from Basel-style liquidity risk measures (such as the net stable funding ratio [NSFR] and the liquidity coverage ratio [LCR]), but we expect to see liquidity risk controls expand to include them. By definition, liquidity risk controls tend to be highly focused on data and integration and often require banks to extract data from a variety of systems so they can perform intermediate aggregations and calculations (often using spreadsheets). Regulators in many countries now mandate liquidity risk requirements that include adequate liquidity provisioning and stress testing.
• Data and data management are still among the biggest challenges financial institutions face. It is often a struggle to gather ample and accurate data that meets the standards of real-time granularity while maintaining a solution that can be integrated easily. But this is necessary given the current fiscal environment and its associated regulatory requirements.

To address these challenges, financial institutions require a coordinated approach that combines effective data management practices, robust IT infrastructure and continuous monitoring and updating of regulatory compliance processes.

The cost of compliance – and non-compliance

Over the past decade, compliance costs have risen significantly compared to levels before the 2008 financial crisis, especially in retail and corporate banks. This increase is due to several factors, including heightened regulatory expectations and enforcement, globalization and pressure on firms from policymakers, regulators and shareholders to meet and ensure the effectiveness of their compliance measures (see Figure 3).

The cost of compliance

The cost of regulatory reporting compliance can have a significant impact on an organization’s financials and operations, particularly in industries (like finance) with more stringent regulations. These costs cover several different elements of the business and its operations:

• Regulatory complexity. Different regions may have different regulations – organizations with a high volume of transactions will incur greater costs because of the increased effort required to track, analyze and report on them accurately.
• More investment in robust regulatory reporting software and infrastructure. This can reduce costs in the long term by automating processes and ensuring accuracy, but initial setup costs can be high.
• Skilled personnel with expertise in regulatory compliance are essential but can be costly, as can training staff to stay abreast of evolving regulations.
• Effective data management practices and systems can help to ensure vital data accuracy, integrity and security, but can be costly.
• Regular audits and reviews to ensure compliance add to the overall cost.
• Legal and consulting services to interpret regulations, provide guidance on compliance strategies or assist with audits add to the cost.
• Integration with existing systems can increase costs, especially if modifications or upgrades are needed.
• Scalability and flexibility can affect the cost of regulatory reporting systems and processes.

The cost of non-compliance

While the cost of complying with regulatory reporting requirements can be high, the cost of non-compliance can be significantly higher. Crucially, the total cost of non-compliance can extend beyond immediate financial penalties, with long-term implications for a company’s financial health and strategic position. These costs can arise from several sources, including the following:

• Regulatory bodies can impose substantial fines and penalties on companies that fail to comply with reporting requirements. These can amount to millions or even billions of dollars in some cases, depending on the regulation, the severity of the non-compliance and the jurisdiction.
• Legal battles and litigation can mean expensive legal fees, settlements and judgments. Legal proceedings can also be time-consuming, diverting resources from other business operations.
• Reputational damage for non-compliant companies can lead to a loss of customer trust, decreased investor confidence and even lost business. The impact on a company’s brand and market position can be significant and long-lasting.
• Operational disruptions caused by regulatory investigations and having to rectify non-compliance issues can lead to inefficiencies, lost revenue and additional costs.
• Non-compliant companies may be subjected to increased regulatory scrutiny and oversight in the future, leading to higher ongoing compliance costs.
• Non-compliance can affect a company’s ability to secure financing or increase the cost of insurance premiums, as lenders and insurers may view the company as being a higher risk.
• Dealing with the consequences of non-compliance can consume significant management time and focus and may lead to such employee-related issues as demoralization, high turnover and recruitment difficulties.

Achieving cost-effective compliance

Financial institutions have struggled to find the right strategic solutions to help them stay abreast of increasing regulation and the need for compliance. Some are still using technologies they deployed after the 2008 financial crisis, choosing to invest to keep up with current standards and increasing their overall compliance costs in the process. Emerging regulatory technology (RegTech) solutions can help firms meet their obligations, easing their burden by streamlining costly manual and labor-intensive tasks, and making it easier and cheaper for financial institutions to comply.

An integrated RegTech platform approach

RegTech uses digital technologies to enhance elements of the regulatory reporting workflow (such as monitoring, compliance and reporting itself), making the process more robust and economical by standardizing and automating many manual activities. These technologies can be expensive, however, especially if deployed on a stand-alone basis. To add value and provide maximum benefit, RegTech must be part of an integrated risk and finance architecture.

Fortunately, financial institutions looking to invest in more up-to-date and cost-effective regulatory technologies now have access to a market that has expanded across geographies, and which contains specialty products for almost any system type. To help narrow down their choice to the best systems, firms have three major considerations:

• Choosing the right operational system.
• Determining the utilities required.
• Reconciling complexity and cost, bearing in mind that greater complexity means higher cost.

To address the first two considerations, RegTech solutions should offer platform capabilities, coverage of regulatory calculations and the ability to generate and submit reports to regulators. These capabilities are summarized in Figure 4 and Table 1.

A framework for success

As regulations have continued to proliferate, most firms acknowledge that they must not merely comply with current regulations but also budget for future ones. For financial institutions, much of the answer lies in being able to pinpoint exactly where their compliance costs sit across technology, processes, people and operations. We believe that high-performing firms will be able to implement the right organizational mechanisms to optimize their total cost of compliance and take a vital step toward achieving efficient and cost-effective compliance.

To help them address their challenges, Chartis and Regnology have devised a cost-attribution framework that firms can use when calculating their cost of regulatory reporting compliance. It takes into account upgrades to their legacy systems and investments in efficient RegTech solutions (see Figure 5 and Table 2). The exact nature of this framework will depend on the type of institution, its size and the different business lines and geographies in which it operates.