Reimagining the role of the front office in complying with banking regulations

Corporate risk management: Current state

For some time, second line of defense functions have often led regulatory response and remediation efforts. And frequently, the front office isn’t fully engaged in the end-to-end design and implementation efforts.

This has contributed to disconnects in the technology architecture and operating models across the first two lines of defense. Such disconnects can lead to overlapping controls, siloed responses, or the inability to explain the control framework across the three lines of defense for regulations that span businesses and functions.

Addressing regulatory issues in a disconnected manner can create additional inefficiency in achieving strategic business goals. Furthermore, front office controls remediation efforts that have traditionally focused on achieving compliance with various bank regulations can result in tactical fixes, leading to both redundancies and disparate controls.

A more comprehensive approach for the front office

The time has come for the front office to strategically design and invest in a more comprehensive approach to respond to and manage banking regulations, as well as an expanded business and control agenda. In a period in which we expect a continued uneven and divergent playing field across regulatory supervisory approaches globally and within and among jurisdictions, demonstrating a strong control environment will be critical.

Our view is that there has been too much reliance on the second line of defense in responding to various regulatory requests. As a result, the front office often doesn’t have a comprehensive view of the foundation (controls and processes necessary to achieve management and regulatory objectives).

Building the foundation: Three pillars

A macro trend in the industry is an increased interest in automation and digitization of processes and controls, along with investments in cognitive technologies and analytics to enhance data analysis capabilities and reporting. But before one can begin to strategize about automation, the foundation of the processes and controls must be well-understood.

The business operating model must be enhanced and realigned to support strategic organizational vision and priorities instead of the laboring tactical fixes. And it must prioritize a business-led approach with support and participation from all control functions. Lessons may then be aggregated at both the functional and cross-functional levels.

To improve the front office’s response to banking regulations, we recommend focusing on three fundamental pillars:

• Business operating model
• Business controls and processes
• Continuous improvement and sustainability

Investing in technology and automation

Global banks are taking a much closer look and investing in automation and cognitive technologies. Automation can significantly streamline existing processes and activities to create greater efficiency and provide employees with time to focus on more strategic areas.

At the moment, robotic process automation is most widely used in banking and securities to automate workflow or routine and repeatable tasks. But other methodologies such as business process management and business decision management, when applied with the right tools, can be used to automate highly complex end-to-end business processes. They can also further support real-time decision making and the evaluation of regulatory requirements against complex front office processes.

Back to top

How to get started

The front office is responsible for a wide range of processes and controls. Therefore, the first step to strengthening the front office’s delivery against banking regulations should be obtaining an enterprise view of the supporting business control framework and system architecture. Areas that should be highlighted in this review include:

• Key regulations and control areas that are driving regulatory findings and issues
• Tactical manual fixes that are creating internal audit and regulatory pressure points
• Product, legal entity, and account hierarchies, to ensure the ability to drive controls across the three lines of defense
• Instances of over-reliance on the second line of defense without understanding the first line’s control processes
• How the business is organized to meet process and control expectations
• How rule engines can be applied to front office/trading systems versus embedding them in each front office system
• Financial; corporate risk management; conduct, operational limits, and monitoring capabilities; and business, product, and personnel hierarchy structures to move toward establishing focused front office business dashboards

Front office digitization will create efficiency benefits, along with improvements in cost-effective quality, scalability, and resiliency. It can also help mitigate risk and control costs for the enterprise.

By embracing regulatory complexity, banks can take the lead in digitizing their front office and better navigate the uncertainty of regulations—now and in the future.

To learn more about regulatory compliance for banking and securities, read the full report: Reimagining the role of the first line of defense.

Back to top

Get in touch

Monica Lalani
Principal | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Richard Rosenthal
Senior Manager | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Tim Barney
Senior Manager | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Malik Dzirlo
Senior Manager | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Rohan Kakar
Senior Consultant | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Irena Gecas-McCarthy
Principal | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

David Wright
Managing Director | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP

Chris Spoth
Managing Director | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP