Brian Parker

A holistic, integrated approach to protecting banks and insurers in the digital age

Both banks and insurers are facing an ever-growing burden of regulation, along with increasing risks from sophisticated fraudsters who continue to bypass and evade controls. As a result, compliance and security risks are escalating, and protecting the business and customers has moved to the top of executive agendas in each industry.

In 2017, CGI conducted in-person interviews with more than 1,300 client executives across 17 countries, including bank and insurance executives. Mounting regulatory and security standards, along with the growing threat of cybercrime, were among the top five trends cited by bank and insurance executives, and addressing each trend were among their top five business and IT priorities.

Moving beyond “siloed” solutions

A key challenge for banks and insurers is how to best manage fast-evolving compliance and security risks in light of other pressures, including the acceleration of digital transformation, increasing consumer expectations and overstretched operations and budgets. Banks and insurers are looking for the right strategy and approach for ensuring the highest level of compliance and protection while also allowing them to invest and drive performance in other strategic areas of their business.

Many organizations have responded to today’s compliance and security challenges by implementing a series of disjointed solutions. This siloed approach, however, has proven to be both costly and inadequate. When it comes to effectively managing regulatory and security risks, a holistic, integrated approach that covers all corporate bases—people, processes and technologies—is required.

Implementing a holistic strategy

The siloed approach some organizations have taken puts more focus on certain critical areas at the expense of other equally important and effected areas.

For example, in response to new regulatory schemes such as the European Union’s General Data Protection Regulation (GDPR), some banks and insurers are spending millions on technology and processes to discover, capture and report relevant data. They also are running into challenges with inconsistent data, data sitting with third parties and poor quality data. This is impacting their ability to properly aggregate data and report risks. As a result, they’re running into unexpected issues that not only require time and effort to resolve but also are difficult to address in isolation.

What’s needed is a holistic compliance and security framework that covers all critical areas, including the following:

  • Risk aggregation and reporting: Encompasses anti-financial crime strategies, operational, financial and vendor risk management, risk governance and technology, IT production controls, and risk model automation
  • Process automation and improvement: Includes robotic process automation, intelligent self-learning and workflow/case management
  • Data analytics, quality and governance: Ensures strong data quality and governance to drive accurate data analytics
  • Cybersecurity, privacy and identity management: Involves the assessment and analysis of potential cyber risks, the continuous monitoring of threats in real-time and the implementation of necessary defenses

A single system can’t cover all of these essential functions, so disparate systems remain unavoidable. However, a single framework or platform with the right digital enablers can bring together core systems to make them function better. The end result is a holistic, integrated approach that delivers a wide range of benefits, including the following:

  • 360 degree view of risk across the enterprise
  • Complete risk profiling and reporting
  • Holistic and faster risk mitigation
  • Improved data accuracy, timeliness, completeness and adaptability
  • Improved regulatory compliance and reporting
  • Improved monitoring, detection and mitigation of financial crime
  • Reduced cost and complexity
  • Increased competitiveness and consumer satisfaction

CGI is working with banks and insurers across the globe to transition from a siloed to a holistic approach to compliance and security. In future blogs, I’ll share more on the key areas that need to be covered by a holistic strategy based on our experience and the results we’re achieving for our clients. In the meantime, if you want to discuss what I’ve outlined above and/or your organization’s specific challenges, feel free to contact me.

Blog moderation guidelines and term of use