The financial regulatory standard Basel II came into effect last November, leaving the banks wheezing in the wake of a massive two-year effort to get their data in order. Such an undertaking was opportunity to consolidate and optimize their data stores, but, say analysts, most banks are not capitalizing on this opportunity—or the resulting customer service benefits.
While everyone likes the sound of a “customer-centric business model,” it can, admittedly, be hard to actually get there when managing a complicated compliance project, and chasing down one-sided information secreted away in multiple locations.
Said Doug McKibben, research vice-president of banking with Gartner Research: “Compliance and risk are starting to align. But it’s often still siloed. When it comes to customer relations information aligned with operational risk information or performance data, a recent Gartner study found that less than 50 per cent of businesses are not doing this. All have built their compliance systems separate from their core business functions, so they’re not taking advantages of the opportunities there.”
EDS head of financial services, consulting, and solutions for the Americas Dave Cassie agreed that Canadian banks are not adequately leveraging the knowledge gleaned from Basel II compliance for gain. “It’s now been implemented,” he said, “But they haven’t figured out how to use that wealth of knowledge to translate into value for their shareholders. They’ve already invested all this money into reducing overall risk, which is tied into their operations and sales systems. They should be able to provide better pricing information for their clients, offering risk-adjusted pricing and a much better portfolio.”
According to the analysts, the integration of a good data set and the analytic engines installed as per Basel II compliance could indeed interact with the pricing and operational systems to produce more client-specific products and prices, improving customer service and augmenting marketing and sales data.
TD Bank is one institution that is keeping this goal in mind. “(The) predictive models (we used for our Basel II implementation) are great, but they need maintenance and fine-tuning—they have to be monitored and adjusted as conditions change,” said Daryl Philip, manager of system infrastructure for Basel II. “They can be adapted to decisioning as well as Basel II when it comes to loan information. You can get better customer segmentation, based on risk, and thus better customer pricing.”
As McKibben said, “They need to keep the biggest picture in mind: the customer. They have to relate compliance to how to better achieve their business drivers—generating revenue.”
It always comes back to the business case. Said McKibben: “You need initiative-related compliance that can be embraced by the business, otherwise you’re just throwing away money to the regulatory authorities.” When it comes to business cases, security initiatives should be one of the easier sells, but, when it comes to a nexus of compliance, security, and collaboration, it gets a little tricky.
“The responsibility (for properly-managed data) is even greater as business managers assume more accountability for compliance with business policy and regulations such as Basel II, the Health Insurance Portability and Accountability Act, Payment Card Industry standards and the Sarbanes-Oxley Act,” Kurt Johnson, vice-president of corporate development with the Framingham, Mass.-based enterprise provisioning and access compliance consulting company Courion Corp., told Network World US. “They need to be able to answer questions associated with what data is being shared, who has access, who needs access, and who is ultimately responsible for managing the information.”
TD Bank has been dealing with these access issues in the wake of its own Basel II implementation. Philip said, “We’ve been asking ourselves, ‘How do we know who’s been using these (predictive) models?’ They could get a call from some product area and they’re like, ‘Can you run last month’s results?’ With the models at the customer (data) level, there can be abuse in how they’re used, so we are struggling with that data security and data governance. Who owns it? Who has access to it? We’re getting better, though, after an internal audit.”
Philip’s team is working toward keeping their data as clean as possible and within its own cost centres so that it and the models can’t be used in inappropriate ways. “We’re locking it down a little bit,” he said. “But it’s still a little messy!”