Handling the Governance Risk and Compliance Albatross as it Comes
Common consensus was that only death and taxes were certainties in life. Today, however, I am not so sure as other certainties have reared their heads to challenge this, one of these is the ever changing and evolving regulations affecting all aspects of life.
Every industry that we specialize in has its own degree of continual change and regulatory stress that require focused expertise to understand. For NIIT it is critical that we stay abreast of this continual change so that we can advise our clients on (1) how to remain compliant and (2) how to derive business value-add from their investments.
Take for example the recent changes within the financial services domain around the London Interbank Offered Rate (LIBOR) and California Consumer Protection Act (CCPA).
Since 1986 LIBOR has been used as a reference rate to price or hedge financial products across 5 currencies. It is calculated on the unsecured overnight rates banks charge other financial organizations daily. These rates are submitted by 15 global banks, administered by the Intercontinental Exchange (ICE) and overseen by the UK regulatory body Financial Conduct Authority (FCA).
Since the financial crash of 2008, there has been a significant reduction in the volume of interbank unsecured term borrowing, since this is the basis for LIBOR it has called into question its ability to continue playing its designated role. This, along with the concern over the ability to manipulate has seen a concerted push to replace with alternate reference rates. In 2017 the FCA announced that LIBOR panel bank submissions will become discretionary from December 2021, meaning that the submitting banks are no longer compelled to provide rates, thereby creating uncertainty on its future.
It is estimated that the total notional value of products today is worth $250Tn. It is also worth noting that; as well as corporations and institutions, an estimated 15-20 million retail customers hold products that reference LIBOR. Firms are waking up to the need to act.
Replacing LIBOR is a major challenge, the sheer number of contracts that need to be reviewed and subsequent actions taken is daunting, firstly, they need to determine which out of the 1000’s, sometimes millions of contracts referencing LIBOR will mature prior to 2022, which have fallback criteria, what the fallback criteria is and then decide whether action required. Once shortlist of contracts identified, these must be re-negotiated, resulting in amendment or novation.
However, the resolution is significantly more complicated, firstly, replacement reference rates are not economically equivalent (e.g. Secured Overnight Financing Rate for USD, which as name implies factors in credit risk), secondly these new rates are at different states of readiness and thirdly, inertia by the firm and other parties to renegotiate contracts due to profit & loss reset implications. On this last point, there is also the financial, regulatory and reputational risk arising from such change. All of this has to be addressed before you get into the implementation, the impact on downstream legacy systems that use LIBOR.
Again, the complexity is compounded by firms use of LIBOR for adjacent processes, it is integral to risk management, valuations/mark-to-market, funding costs and accounting. It is hard to overestimate the challenges faced by those impacted.
Similarly, the CCPA or The California Consumer Privacy Act is a piece of consumer privacy legislation which passed into California law goes into effect on January 1, 2020. The bill, also known as “AB 375,” has been described by some as “almost GDPR in the US.” There’s a rising potential for this law to be adopted nationally as lawyers are in consensus that companies will just apply the CCPA nationwide—especially in the light of larger societal trends in favor of privacy.
To comply with the CCPA, businesses that have other companies process their data will need to update their third-party contracts including inserting standard-contractual clause language; requiring vendor data inventories; using due diligence questionnaires; providing records of processing; requiring the syncing of consumer response processes; requiring onsite assessment and auditing; and requiring mapping of the specific data elements shared with each third party, including designating those transfers that qualify as “selling.”
Both of these current regulations require a skilled understanding of the business and legal impacts of the impending adoption as well as a robust technology solution suite that relies on data integrity, reconciliations, character recognition, automated intelligence (including workflows), intelligent operations and a hyper-sensitivity to uncovering new competitive opportunities while digging into the details.
The GRC market is projected to reach a value US$ 47.1 Billion by 2024, expanding at a CAGR of around 11% during 2019-2024. We, at NIIT Technologies, have embraced the constant that GRC is an ongoing certainty and are currently driving deep domain solutions across all our focus industries, leveraging our advisory teams and technical business units to solve the business problems with amplified outcomes and immediate impact.
These aforementioned regulations are not the only regulations that are looming over the heads of our clients like a “Sword of Damocles.” Further, there are new requirements for Sustainability, Environmental, Social and Governance (ESG) investment, and Explainable AI (EXI) reporting methods that continue to focus on social and privacy issues. Additional new regulations such as the New York Department of Financial Services (NYDFS) Cybersecurity Regulation require financial services companies to establish and maintain a risk-based cybersecurity program and supporting capabilities. The SEC Rule 613, or CAT NMS (National Market System) Plan requires that a comprehensive Consolidated Audit Trail (CAT) enabling regulators to efficiently and accurately track all activity throughout the US for listed equities and options be phased in throughout 2020-2021. Specific to the insurance industry are the changes to the AM BEST rating to include innovation scoring and new changes to IASB and FASB standards for best estimate cash flows and resultant cash flow projection for mortality purposes for IFRS17 and LDTI modelling. As the travel industry further evolves, revolutionary changes in the use of Artificial Intelligence (AI), Virtual reality (VR) and Machine Learning (i.e. predictive analytics) and facial recognition software will struggle to keep up with the same privacy, fraud, compliance and risk issues faced by all industries.
NIIT Technologies is positioned as a strong partner to address the GRC albatross and have invested in the skills and experience needed to provide the requisite solutions for the future.