Event

Risk management and compliance top agenda at BankTech

Megha Banduni reports on the BankTech Congress held recently and various issues discussed at the meet

Regulatory compliance issues have made risk management a must for financial institutions. In the past, companies witnessed huge losses and eventually disruption of business as they did not manage risks properly. Learning from the past experiences, banks are getting more conscious and paying more attention to compliance. This being the background, Marcusevans organised BankTech Congress 2006, a two-day seminar on seizing opportunities, overcoming challenges and introducing innovations in the banking industry. The Congress also highlighted issues such as performance and risk management, financial crimes and strategic IT business alignment.

The seminar showcased the market needs, various challenges, and compliance issues while coming out with solutions for the these issues by conducting sessions addressed by industry’s key position holders.

Some of the key speakers at the seminar were Micky Lo, MD, Aspac IT Risk Management, JP Morgan Chase Bank, V K Ramani, President, IT, UTI Bank, Soumitra Agarwal, Marketing Director, Network Appliance, G M Shenoy, Senior Vice-president, NSE, Anuj Bhargava, Chief Innovation Officer, HSBC, Ashok Rao B, Chief, Corporate Audit Group, INGVysya Bank, Dhruv Singhal, Head, Professional Services, BEA Systems, Michael Leung, Senior VP and CIO, Bank of America, and R Bhaskaran, CEO, Indian Institute of Banking and Finance (IIBF).

Regulatory issues

Performance and Risk Management was the area of focus at the seminar. Moreover, it covered issues like managing IT risk, impact of changing business and technology on IT security, regulatory challenges, and threat and vulnerability management. The speakers also highlighted how integrating IT components and focussing on internal audit is a must for creating value among the organisations.

R Bhaskaran of IIBF while giving an update on Basel II implementation expressed that organisations need to focus on risk and asset management. He pointed out that the New Basel Capital Accord more commonly known as Basel II is a concept that speaks about improving risk and asset management to avoid financial disasters.

Bhaskaran said, “According to Basel II, internationally active banks should have capital on the basis of risk. With RBI also issuing guidelines that stipulates all commercial banks to comply with Basel II norms by March 2007, this is something they cannot ignore.”

He also stressed on the role of technology in risk management. “Technology has a crucial role in the issue. Sheer number and volume of loan accounts warrant a good IT-driven process to estimate risk and pricing of each sector. IT will help in estimating risk, not in management, that will be policy-driven,” he added.

Similarly, Ashok Rao B of INGVysya Bank emphasised on holding internal audit for adding value to an organisation’s risk management. He added that the need for risk management stems from issues such as regulatory compliance, changing business and IT environment, stakeholder’s expectations and efficient use of capital.

Data and DR

Managing data is another key issue for banking institutions. IT departments must provide access to this data to maintain service levels to their end-users, and capture and retain it in a manner that can quickly be recalled to satisfy industry-specific regulations.

In an effort to address regulatory compliance, today banks are re-examining their storage systems. Soumitra Agarwal of Network Appliance gave tips on how to select the right storage, and what are the challenges, and benefits of various storage applications.

Building a robust disaster recovery system is equally important. G M Shenoy of NSE touched upon this subject. While explaining the need for a robust DR system he said, “The biggest single risk to business continuity is the lack of conviction that a risk actually exists.”

While citing a recent survey conducted by the University of Texas he said, “94 percent of companies which do not have a tested crisis plan go out of business after a severe loss of service. And 80 percent of businesses that suffer a serious disruption and lack planning, will cease public trading within 18 months of the event.” He added, “business continuity planning is what companies and organisations require to do to avoid becoming history.”

A business continuity plan is important as it allows better service to customers, continuity in business operations, avoids direct/indirect losses and most importantly grows due to the increasing reliance on information technology. Shenoy gave the instance of the DR facility at NSE.

The changing role of the CIO

Michael Leung of Bank of America spoke about the changing role of a CIO. The session discussed the CIO as a facilitator of change and innovation. Various issues like strategic IT banking positioning, leadership skills for a CIO, and technology innovation for seizing new growth opportunities were discussed.

The role of a CIO is definitely changing from Chief Information Officer to chief innovation officer. He plays a key role in a company’s regulatory policy. Leung said, “The key skills that a CIO should have are the ability to anticipate, strategise, organise, deliver and measure. While making any strategy, the CIO should identify what kind of a bank it is—innovative bank, mass customisation bank, mass production bank or continuous improvement bank.”

Compliance is mission-critical

Compliance is no more a cost-oriented process forced upon organisations. It is now taken seriously for smooth business operations, though limited to large organisations where IT is mission-critical.

The meet intended to understand risk and compliance in the banking industry and what role IT has to play in it. It gave a thorough review on financial frauds in banks and threats such as phishing and pharming, and how to deal with them.