Regulation in the Banking Industry: Blame the Regime, Not the People

Regulation in the Banking Industry: Blame the Regime, Not the People
By

Our regulatory regime is broken. There’s a lack of controls in place, or at best, bad controls in place. Regulation is all about safety and fairness. Yet outdated processes, documentation, and reporting are absolutely killing banks’ ability to support those ideals.

As this quarter’s poster child for the broken regulatory regime, Wells Fargo is getting hammered. And rightly so. But people seem to be pointing fingers in the wrong direction—or at least in an incomplete direction. Sure, the CEO is at fault. Yes, the fired employees are 100% wrong. But, at a global level, I blame the game and the playing field, not just the starring players.

The price Wells Fargo will pay for lying and abusing the trust of its customers goes well beyond the $185M fine. According to a new study released Monday by cg42, the bank stands to lose $99 billion in deposits, $4 billion in revenue and as much as 30% of its customer base. Wells Fargo’s stock took a major hit, its brand is in the gutter and it has lost significant consumer trust.

How we got here

While there really is no monolithic entity called “the government,” I’ll use that as a proxy for the dozens of actors, statutes, and regulatory regimes in the U.S. and abroad. While they are all quite different from one another, they tend to default to metrics that are largely volume-based (“How many reports did you file?”), forcing banks like Wells Fargo to build more pipeline to churn out more reports, so as to not run afoul of the regulators and jeopardize the company’s capacity to execute its primary mission.

It’s a lose-lose for both regulated and regulator. Here’s why:
First, quantity too often trumps quality, sucking resources dry. Banks are forced to produce a surplus of documentation for the sake of documentation, and to undertake process for the sake of process. Regulators are buried in paperwork that only sees the light of day if an external event sparks an investigation outside of the standard reporting regime.

Secondly, the data banks produce is neither liquid nor intelligent. Banks are trying to be compliant using non-liquid data that is exceedingly difficult to search: their officials must dig through disparate databases or stare at old computers screens with pictures of PDFs. Within this regime, compliance is based on post-hoc tail chasing, not in-the-moment analysis.

It’s a mash-up of not enough resources and not enough technology. The bank loses. The regulator loses. But the biggest loser is the customer, whose protection suffers as a result of this ineffective information flow.

The path ahead

Right now, many in the industry view compliance as a necessary evil: a burden that’s annoying and costly. And when you’re forced to do something, the end results tend to suffer. The role of compliance needs to shift. It doesn’t have to be another hoop to jump through. It can and should be a company’s lifeline and intelligence core. What’s the fix? Proactive regulatory enforcement and more efficient regulation. The fix hinges on companies seeing data as an enterprise asset—not just a means to manage risk, but a path to deliver better outcomes, be it regulatory and statutory compliance or revenue generation. The fix also relies on liquid data—data that’s in context, is easily accessible by the entire company, and can be seamlessly joined with other datasets to provide the big and small picture for any demand, on demand. 

By rendering their data more liquid, banks could allocate resources quicker, turn data into insights quicker, better target limited resources to areas most lacking in safety and fairness (tackle the worst first), and ultimately, create real intelligence to identify crimes a whole lot sooner.

Imagine further a regulatory regime that allowed the government to prioritize targets. Instead of applying a limited pool of government analysts and enforcement personnel scattershot, regulators could prioritize workflows, helping to increase the safety and fairness return for regulator man hour. Better data management means better intelligence, which makes for better banks and better oversight.

What’s a fall guy to do?

Intelligence is the only way to prevent an inevitably similar situation to the Wells Fargo scandal from happening again. There are troves of intelligence trapped in compliance data waiting to be unlocked by compliance personnel, who happen to be some of the most creative intelligence analysts in the information business. It might not look like fraudulent account creation or mortgage-backed securities, but somewhere there’s a devil the banks are looking away from in order to make more money. 

At the end of the day, no reasonable financial institution wants to engage in criminal activity. They’re all watching what’s unfolded in Congress the last couple weeks with equal measures of horror and internal scrambling to ensure they too haven't missed something. But it is folly to believe that the same dysfunctional regulatory regime that gave rise to Wells Fargo's troubles isn't creating similar problems elsewhere. 

If regulators don’t impose data infrastructure rules, which at this stage seems unlikely, every financial institution should re-examine how it leverages intelligence inside its organization. While a bank CEO can’t enforce angelic behavior from employees all of the time, that CEO can be vigilant about data intelligence. The press often says, “This should be a wake up call.” That doesn’t cut it.

With today’s sophisticated technology, there’s no reason banks shouldn’t always be awake and alert. The technology is there to automate, integrate, normalize, and process data at a massive scale. With proper infrastructure, real anomalies will be fewer and farther between. Relying on humans to self-report conduct, given the known lag between conduct and its scrutiny, is begging for disaster. 

Data intelligence needs to be more sophisticated. Scrutiny must get smarter. And compliance can no longer be thought of as simply reporting; it must be thought of as profit preservation. Robust vigilance is the only way to preserve the best interests of a bank, its brand, employees and consumers.

If government gets more intelligent, regulated entities will no longer have to modify their entire organization to meet the requirements of an outmoded regulatory mindset that conflates process with substance. By making data more liquid, the regulatory regime gets out of its own way. Banks can prevent catastrophes and consumers will benefit from the safety and fairness that regulation promises. Everyone wins. Everyone except the bad guys.