Blog article
See all stories »

What cost compliance?

When regulators lay out massive fines for non-compliance they flood budgets with money, where previously there was (presumably) little or none. When HSBC was fined US$1.9 billion by US regulators it effectively made a US$1.8 billion investment case within the bank for anti-money laundering technology.

However, banks are hard up for cash, what with the Basel III capital adequacy requirements, falling revenues in many lines of business and a degree of paralysis brought about by the shifting sands of regulation.

That made the announcement on 15 September that several banks and financial services firms plan to share customer data in a single data repository sound very sensible indeed. The concept of sharing customer information for these purposes has long been discussed and in the UK ‘informal’ sharing of customer data has been a practice for many years.

It raises a few issues. Firstly, as data security is paramount in jurisdictions like Europe, the ability to share customer data can be held back by regulation or law. Secondly the responsibility to identify suspicious behaviour will still sit with the bank, and outsourcing the task to a third party, in this case Markit and Genpact, could put a bank’s family jewels in the hands of another party, without passing over the responsibility.

From a cost perspective it makes sense, but it does not address some behaviour found in recent cases that have led to fines, such as accepting large cash deposits in a country with a high murder rate and transferring them across a border to a country with a more successful rule of law.

If it goes ahead the project could be a great opportunity to use the new generation of data management technology. The ability to scan through data such as customer records for unusual patterns has greatly been enhanced by use of open-source, Hadoop-type distributed data storage and retrieval architecture, which could be employed by Markit and Genpact to create a very flexible facility, built-to-purpose.

Nevertheless, the management of customer data and identifying where responsibility lies must be paramount.


Comments: (0)