We’ve written previously about the potential of Artificial Intelligence (AI) to transform compliance. The power of AI to process, manage and analyse large volumes of data, accurately, quickly and efficiently means that is very suited to certain elements of compliance.
GDPR is a perfect example. It requires huge volumes of data to be checked for compliance and using an AI-based automated tool makes a great deal of sense. But generally GRC teams have been mostly resistant to the use of AI in compliance.
What is behind this slow adoption and could 2019 be the year that AI truly has an impact on regulatory compliance?

It’s clear to anyone that works in risk management, that it is harder than ever to manage and mitigate risk. The risk landscape in 2019 is increasingly complex and interconnected, and risks are no longer constrained by borders or bound by industries as they once were.

Global forces and global risks shape what happen at a regional level. We have previously made the argument that the Chief Risk Officer has become the most important role in an organisation and that is as true for organisations in Africa and the Middle East as it is for companies in the US, Europe and Asia.

The role of the Chief Risk Officer (CRO) is by no means a new one. Risk has always existed in business and there have nearly always been people in business who’s job it is to manage, minimise and mitigate that risk.
But the past decade has seen the emergence of a greater volume and type of risk than was around previously. The nature of geo-political, regulatory, cyber and technology risks mean that modern businesses face greater challenges than before and this has changed the role of the CRO for good.
It was once a role that existed mostly to mitigate more traditional risks to a business – although an important role, it was relatively low profile and not one that was centre-stage in the business. But because the nature of risk has changed so radically, so have the requirements expected of a CRO.

The pressure on compliance teams in Financial Services (FS) over the past decade has been enormous. Increased regulation, globalisation and a conservative approach to technology in many compliance teams, has left a number of banks and other FS providers struggling to make their compliance function truly effective.

It’s not a situation that is likely to improve in the short-term. Accenture’s 2019 Compliance Risk Study surveyed 151 senior compliance executives at banking, capital markets and insurance institutions globally, and revealed that 71 per cent of financial institutions’ compliance departments are facing a cost reduction target. 64 per cent of those are targeting budget reductions of between 10 and 20 per cent over the next three years – a considerable reduction when you think that many compliance departments would already consider themselves under-resourced.

Insurance is a sector that has been slower than most when it comes to digital transformation and the use of digital solutions to address traditional challenges and introduce new products and services. With methods and processes established decades ago, there is a conservatism that pervades across much of the insurance industry, and it has also been held up by legacy technology that makes digitisation much harder than is desirable.

But market forces over the past five years have combined to make addressing digital transformation more urgent and a key priority for insurers. To respond to these market forces, digital risk and compliance is going to be essential for the insurance industry.

It is not uncommon for CEOs and other board members to talk a good game when it comes to cyber security. They discuss in public the seriousness with which they approach managing cyber security, and talk internally about the need for vigilance and for all employees to be mindful and smart on matters relating to security.

But the reality can be very different. Many CEOs are often just paying lip service to cyber security, without allocating the required investment in staff and infrastructure that modern security and risk management requires.

This past year or so in Europe has witnessed an almost unprecedented number of new regulations that Financial Services (FS) firms must adhere to. We have seen new legislation including GDPR, MiFID II and PSD2 introduced, additional regulatory hurdles to navigate for an FS industry that was already one of the most heavily regulated in the world.

This has significantly increased the pressure on GRC teams within FS firms. Not only is there more regulation but the penalties for non-compliance have increased too, which means compliance functions will be tested like never before.

As one of the world’s foremost GRC providers, recognised by analysts for the strength of our technology and working with an array of blue-chip customers across a variety of industries and territories, we are obviously major advocates for an efficient and effective GRC function.

Remaining compliant with relevant regulation has become a much more involved process over the past decade or so, while at the same time there is more risk to businesses than at any other point in time. Organisations have to do much more to demonstrate compliance and it can be a significant undertaking that requires time, resource and the right technology platform to get right, while managing and mitigating risk is a long-term and on-going task.

At Oxial we choose our partners very carefully, preferring to only work with companies and consultancies that really add value to our own proposition and technology. One such partner is EY, which fits our supervised and digital compliance model particularly well.

With Oxial’s technology to automate controls and processes around compliance legislation, in conjunction with the vast industry expertise and understanding offered by EY’s consultants, there is a powerful proposition for any organisation that wants to approach compliance in a more joined-up and modern way.

We’ve written previously about how Brexit is the ultimate in risk management. Organisations must fully understand their level of exposure to Brexit – what is their supply chain, who do they trade with and what the likely impact of Brexit will be?

They can either make changes ahead of time to mitigate that risk or at least put in place contingency plans for the future. That’s a hard task right now because of the sheer uncertainty involved with Brexit. Even now, with just over a month or so until Brexit takes place, we do not know what form it will take or even if there will be a deal or not.