The financial services industry in Australia is facing great disruption, with the rise of cybersecurity threats, ongoing regulatory pressures, and new industry players like RegTechs and FinTechs.
Shane Baker asks Peter Deans, Chief Risk Officer at BOQ, about high-level strategies CEOs and leaders can use to effectively manage risk and compliance at a time of uncertainty.
With over 25 years experience in senior banking and risk-management roles, Peter is a proven expert in strengthening risk culture and frameworks to future-proof organisations.
How can organisations adjust their approach to compliance to meet current demands?
I think it’s important for organisations to recognise that the increasing regulatory pressures are reflecting a rise in community expectations. At BOQ, we’ve been focusing on regulatory and compliance issues from an ethics perspective.
We encourage people to think about doing the right thing for the bank and customer in any situation. Rather than relying on a compliance framework alone, we’ve been focusing on training and education that encourages people to make ethical decisions.
What are some key leadership qualities that you believe can help organisations stay competitive?
It’s a cliché, but a culture of high performance does start from the top – especially in challenging regulatory and compliance environments. My main advice for CEOs and leaders is to ensure your business is built on sound foundations, with sustainable sales practices, and sustainable target customer segments that can pass muster in this changing environment of increasing regulator, political and community expectations.
What do you believe regulatory bodies could do to assist the market better with compliance/regulation processes?
Many regulators are moving towards more principles-based regulation and this should always be the starting position. I think technology is the best hope for regulators themselves to be more targeted at what they’re looking at.
ASIC, for example, is already looking towards greater use of data analytics to identify anomalies in the areas that it regulates. RegTech also offers a lot of opportunities for both regulators and organisations to better manage regulation and compliance.
In the short term, it’s a matter of looking to access existing technology to innovate and to look at making processes smarter and more efficient.
What is the role of RegTech in helping organisations become more cyber resilient?
Cyber security is clearly the number one enterprise risk facing all organisations today. The experience we’ve had at BOQ, and from observing more broadly across all industries, is that organisations need to quickly focus on getting the cybersecurity basics right. The majority of cybersecurity incidents still come from simple break-down in processes and/or human error.
RegTech offers a lot of scope to improve cyber resilience – but for the immediate threat, getting the basics right is crucial. Large banks and financial institutions clearly have more to protect within their businesses and are more exposed to cyber threats, so they have the scale that enables them to access some of the emerging technologies the RegTech sector. For most organisations, the threat can be dealt with using existing technologies and vendors.
What should organisations be doing to embrace emerging technologies while remaining customer-centric?
One of the lessons learnt from the emergence of FinTech is that the incumbent banking players are too slow to move and, despite the rhetoric, are not as customer-focused as they need to be.
The emergence of FinTech has been a welcome wake-up call to complacency that’s clearly existed across banking and financial services.
In the next 12 months, how can organisations stay ahead of change and disruption?
The changes ahead will involve the increased use of technologies such as cloud computing, as well as the rise of automation. Cloud has many benefits, including lower cost with data security, privacy and regulatory requirements.
Many processes that currently have a significant level of human intervention will move to partial if not full automation. CEOs and leaders can take advantage of these opportunities to reduce error rates and overall time, process and cost, as well as improve the customer experience in the long-term.