Uber. Amazon. Zillow. GoBank. In today's digital world, technology has opened a multitude of new choices, channels and conveniences for consumers. And behind every digital consumer action, there's a digital financial transaction: paying for a rideshare, buying a television online, borrowing money for a home—even saving for retirement. Banking and financial institutions are embedded in every part of people's lives and the actions they take every day.
There is nothing new about "digital" in the banking sector; there has been no sudden technology-based change. Banks have been going digital since the use of magnetic ink character recognition (MICR) to automate physical check processing, the advent of automated teller machines (ATMs), the introduction of online automated bill pay and electronic payroll distribution, and, most recently, the rise of mobile banking.
Banking was one of the first industries to embrace and benefit from
digital transformation—and to recognize the risks it brings.
You don't have to go back very far in time to find an example of the monumental role risk can play in the financial industry. Let's take a quick walk down memory lane to 2008, when the banking system began to melt down in the wake of several major bank failures. These events and subsequent bank failures led to government bailouts and public outrage over irresponsible banking practices.
Financial experts continue to debate the causes of the banking crisis, but one potential contributing factor that bears mentioning is the lack of a standard risk framework for the industry. Following the crisis, we saw an enormous overhaul of the regulatory environment, coupled with a significant focus on risk and regulation, both internally within banks as well as externally via a myriad of regulatory organizations such as the OCC, FFIEC, Federal Reserve, FDIC, CFPB, SEC and so on.
After the financial crisis, we saw banks operating under new rules intended to prevent failures and protect the banking system. Integrated risk management technology, which evolved from governance, risk and compliance (GRC) technology, has played an enormous role in helping banks and financial institutions tackle risk management and compliance obligations. These risk management systems join people, processes and technology in a collaborative environment to ensure sound risk management decisions can be made with speed and agility, based on data.
Looking ahead, we see the continued value of risk management as the banking space opens to new players. Recently, as part of an effort to drive modernization of the banking system, the U.S. Treasury Department's Office of the Comptroller of the Currency (OCC)—in a move hotly contested by state regulators and industry associations—formally invited fintech companies to apply to become special-purpose national banks. As Comptroller of the Currency Joseph M. Otting said in a July 31, 2018 news release, "Over the past 150 years banks and the federal banking system have been the source of tremendous innovation that has improved banking services and made them more accessible to millions. The federal banking system must continue to evolve and embrace innovation to meet the changing customer needs and serve as a source of strength for the nation's economy." This new opportunity for fintech companies to operate as nationally chartered banks will provide tremendous options for consumers, but these new "challenger banks" will face the same regulatory scrutiny and risks existing financial institutions face.
"Providing a path for fintech companies to become national banks can make the federal banking system stronger by promoting economic growth and opportunity, modernization and innovation, and competition," Comptroller Otting stated. Since the OCC announcement, more than 50 challenger banks have emerged across the U.S. Through the OCC charter process, a regulatory framework is established to ensure these companies operate in a safe and sound manner while serving customer, business and community needs.
As digital transformation continues, the speed and impact of risks in a hyperconnected world will become more difficult to manage, requiring rapid decision and response. Many challenger banks will face risks stemming from heavy reliance on third parties, and from the enormous effort required to institute anti-money laundering and anti-fraud capabilities, fair lending practices, payment processing and other digitally enabled processes. Integrated risk management will be critical to their success.
Effective risk management requires collaboration, integration, transparency and measurements that cross organizational boundaries. Digital banking will enable consumers to execute transactions with speed and agility and, assuming challenger banks adopt technology for integrated risk management, they should be a valuable addition to the U.S. banking system.
# # #
Get the RSA® Digital Risk Report 2019 to learn about perceptions and attitudes towards risk in the digital world and the top critical risk challenges facing organizations in your industry. You can also use the RSA Digital Risk Index to identify your organization's risk exposure and highlight specific focus areas where you can take immediate action. This quick online assessment can help guide your strategies as you prepare to take on new digital initiatives.
Join the #TalkingDigitalRisk conversation on Twitter and social media by following @RSAsecurity.