Banking regulations and compliance
The nature of the banking business—and people’s understanding of what banking is—continues to evolve in ways that challenge industry players as well as state, federal, and global regulators. We recommend organizations keep an eye on the fundamentals while, at the same time, preparing for new laws and regulations in emerging focus areas such as climate, financial inclusion, and digital assets.
Among the topics presented in our 2022 banking regulatory outlook are:
- Regulatory perimeter – Several banking activities occur outside of the federal bank regulatory perimeter and are instead addressed at the state and local levels. This model is coming under increasing pressure with digital developments like stablecoins and decentralized finance. However, absent a crisis, given the closely divided Congress and midterm elections, regulatory advancements may come from agencies instead of through legislation.
- Governance and core risk management – Ensuring that foundational risk management, governance expectations, and strong internal controls (including the three lines) are implemented, operational, and owned by both board and supervisor-level employees remains a critical industrywide call to action, even more so in newly emerging risk areas like remote and hybrid work.
- Compliance and anti-money laundering (AML) – The compliance perimeter now covers new areas such as board governance and third-party risk management, along with detailed requirements in prudential risk management areas such as capital and liquidity management. An effective compliance management system should effectively cover all new and nontraditional areas in addition to the more common ground of consumer protection, AML, and the Bank Secrecy Act. With AML reform underway, banks must strike a balance between maintaining compliance and adopting new approaches.
- Consumers and consumer protection – Building on the momentum and renewed focus on consumer protection, we expect that banking and financial regulators will accelerate consumer-related supervision and enforcement activities in 2022, with particular focus in areas such as fair and responsible banking.
- Capital and liquidity – While capital and liquidity planning will likely continue to be unusually complex in 2022, regulatory expectations remain in flux. The need to demonstrate resilience under stress could require higher capital and liquidity levels along with more sophisticated contingency planning.
- Data infrastructure and technology resilience – More than ever, data is critical to identify and manage emerging risk and develop risk mitigation responses. This results in a need to look at a technology strategy alongside a data strategy and consider integration and legacy systems; data availability across the firm; privacy, protection, and data security; and analytic capabilities and resiliency.
- Cyber and operational resiliency – Increases in cyberattacks, data breaches, and service outages have steered bank leaders and regulators to focus on managing operational and cyber risks.
- Third-party risk management – Third-party risk management (TPRM) is a cornerstone of non-financial risk for banks, and banking regulators understand that the banking ecosystem is expanding and integrating with other industries. This, in turn, is changing the way banks operate their TPRM programs in three areas: agility and responsiveness, consolidation, and expansion.
- Digital assets – In 2022, regulators will likely take a more active role in regulating digital assets in two areas: (1) regulated financial instruments (e.g., deposits, futures, securities), and (2) regulated entities (e.g., banks, broker-dealers, money transmission entities). Flexibility will be essential as the rules unfold, and firms will need to respond quickly.
- Climate – We expect US financial regulators to continue accelerating their climate response in 2022, specifically around seeking to improve the quality of stress test data collected and embarking on cross-agency information-sharing arrangements.
add a comment
