Unraveling Risk and Compliance Trends in 2024

Over the last few years, risk and compliance function has been a top priority for many banks and financial services organisations, with initiatives spanning across adoption of newer regulatory compliances, stress testing, model risk management, and focus on emerging risks like climate risk, to name a few. Come 2024, as per industry reports, the spend in risk and compliance is expected to grow by 14% in 2024 with the spotlight around heightened regulatory scrutiny, newer regulatory initiatives, and technological adoptions to drive optimisation and efficiencies within the function which will eventually help to meet the business demands and expectations for 2024 and beyond.

Some of the top focus areas which will be on the radar of the risk and compliance office are mentioned below.

1. Finalisation of Basel III end game for US banks – The Basel III end game will bring a host of changes and compliances which will be targeted towards US banks with asset sizes of USD 100bn or more. The changes predominantly will be in capital management, adoption of regulatory models and reporting. The changes will have an impact on bank’s existing policies and controls which need to be aligned to the new regulation. It will also encompass additional data requirement for reporting purposes. The heightened capital requirements may also have an impact on the lending and trading activities of the banks.
2. Increased regulatory scrutiny – In the backdrop of failure of a few banks in early 2023, there may be increased regulatory scrutiny of banks in terms of existing risk policies, risk controls, risk data management, model management and regulatory reporting, which may result in remediation programs across the pain areas which will be highlighted by the regulators in their findings through MRA’s (matters requiring attention) or MRIA’s (matters requiring immediate attention).
3. Focus on data governance – Regulators continue to focus on organisations data governance policies, procedures and controls which are key aspects for efficiently managing data collection, data usage, data sharing with third parties and data protection. Many banks and financial institutions are continuing to invest and strengthen their existing data capabilities around data privacy, data traceability, and newer data reporting requirements.
4. Leveraging Gen AI – Generative Artificial Intelligence or Gen AI adoption is gaining a lot of traction. Many banks are looking to invest and leverage Gen AI based interventions in risk and compliance processes as well. As the adoption is in the developing stages, Gen AI is currently being leveraged more as an enabler to achieve efficiency in the existing processes. Some notable use cases for adoption include knowledge compounding , narrative generation in regulatory reporting and automating business requirements for compliance.
5. Greater focus on cyber risk management – Increasing digital reliance is making banks and financial institutions more vulnerable to cyber threats, which is resulting in more investments in areas of cyber threat detection and response systems.
6. Third Party Risk Management (TPRM) – Mitigation of third-party risk is becoming increasingly challenging given the interconnected business environment. Also, many financial institutions are becoming increasingly reliant on third parties to ensure smooth business operations, scale up internal teams, increase efficiencies and introduce innovations. Apart from regulatory guidance, banks are also continuing to invest and establish a robust and a well-defined TPRM framework to manage the TPRM lifecycle encompassing onboarding, due diligence, monitoring, and reporting.
7. Environmental Social and Governance (ESG) initiatives – Banks are increasingly adopting ESG as integral components within their business strategies. Within risk management, banks are incorporating ESG criteria in their risk assessment processes to evaluate long term sustainability of investments, which aligns with the social expectations and also mitigate risks associated with environmental factors.

The risk and compliance landscape in 2024 is marked by dynamic shifts and strategic adaptations. Artificial intelligence and data analytics will continue to play a pivotal role in enhancing risk assessment and compliance processes. The recognition of the interconnected nature of risks has led to a holistic approach, with a heightened focus on environmental, social, and governance (ESG) considerations. Looking ahead, the trajectory suggests sustained investments in technology, agile compliance strategies, and a commitment to ESG principles. These trends collectively reflect an industry-wide shift towards more tech-driven, holistic, and adaptive risk and compliance practices in 2024.

The views and opinions expressed in this article belong solely to the authors and do not represent those of the authors’ employer organisation.

The author, Ajay Katara, is a Consulting Partner and Heads the RegTech Portfolio in the Banking Risk Management area at Tata Consultancy Services (TCS). He has extensive experience of more than 19 years in Business Consulting, Transformation and Solution design space, cutting across regulatory compliances like Basel, CCAR, AML, BSA, to name a few, and has worked with several financial enterprises across geographies. He has significantly contributed to the conceptualisation of strategic offerings in the risk management space and has been instrumental in successfully driving various consulting engagements.