Partner interview: EY on the future of supervised compliance – part two

In the first part of our Q&A with EY’s Pierre Pourquery, who leads the Control and Compliance solution for Europe, Pierre outlined the challenges faced by companies in banking and financial services (FS) and also discussed the stark need for those companies to change their entire approach to compliance and how they manage it.

In this second part Pierre goes on to explain just how OXIAL and EY are perfectly positioned to help with such a transformation.


Banks can be so big and complex in their structure, how do they even begin to start the process of transforming control and compliance?

Pierre Pourquery:  

That’s very true. Even a mid-sized bank will have multiple locations, in different countries and continents. They have to manage local compliance, as well as global industry compliance and there are many functions that have a role in that process.

These include compliance, risk, front office, audit, legal and the overall senior management team, all of which would a say in, or be actively involved with controls and compliance. All these functions would have multiple sub-functions, so there are a lot of people involved. They are not necessarily unified or communicating about what needs to be done, and there’s not a common methodology, approach, data or processes.


Why do banks have such a complicated structure?

Pierre Pourquery:

That’s a good question! It’s a legacy structure in many cases, and it could be argued that several of these functions are not essential, or certainly could be smaller in scope. Because these structures create complexity and make it much harder to detect risk. With all the layers outlined above, if there is an issue it is only a weak signal that is received. It is so far away from the top and is not strong enough to be noticed.

That’s where OXIAL really adds value, taking these weak signals and amplifying it so that it is strong for senior management to notice and be able to take the appropriate action. Suddenly this makes life much easier for the banks and regulators because they can tell if a control has been put in place relating to a particularly paragraph? With this functionality you can map regulation to business, to risk, to control, and much more, and proving this becomes straightforward.


How pressing is the need for banks to change?

Pierre Pourquery:  

The need is getting more and more urgent, because compliance is taking up too much time and is becoming too costly. In times when compliance was less complex, such an unified approach was less necessary, because the bank was in effect a conglomerate of entrepreneurs that were creating new products every day. So the more innovative, creative entrepreneur you were, the better. Also, they were creating new products where there was no market.

This means that nobody could compare the prices, which in turn meant there was no real constriction – the banker wouldn’t know exactly what the price of the market would be, and nor would their clients. Now things are very different. Clients can compare, regulators want clients to compare and actively encourage them to do so.

So banks have to transform, because other companies from other sectors are going to start making a serious play for their markets. Banks are aware of this of course, and most have started the process, but is it too late? Can they afford it?

Regulation is important, and right now Google and Amazon are not regulated but if they could address that and bring to market a good product, at a good rate, consumers and business alike would use that, I am sure of it.


Will the banking industry as we know it survive?

Pierre Pourquery:  

It will survive in some form, but in five years’ time FS will look very different to how it does now. The smarter banks will find a way to innovate and transform in the way that they need to. The ones that don’t or for whatever reason cannot, will lose massive market share and some will cease to exist. The entire FS industry is at a crossroads and has to make the right decision if it wants to survive.

OXIAL’s New Generation GRC solutions are entirely built to address some of the greatest challenges impacting organisations that are faced with Risk Management, Internal Control and Compliance and Audit. OXIAL’s integrated GRC platform enables organisations to become more efficient and effective in mitigating risk by integrating and automating GRC processes on a global scale.

Featuring intuitive and powerful tools that make it possible to respond to fast-evolving risk environments, OXIAL makes it easy to synchronise corporate governance, enterprise risk management and corporate compliance activities and undertake real- time monitoring across all business and IT processes and company assets. OXIAL operates globally across multiple industries and meets the needs of over 40 customers who have chosen OXIAL to drive business performance and achieve success.

Share This!