Learnings from the ABA Risk & Compliance Conference

North Highland was present at the latest ABA Risk & Compliance Conference, sponsoring a booth and attending over a dozen sessions to learn about the latest trends in the market. The conference draws approximately 2,500 attendees per year and facilitates meaningful conversations between Financial Services industry leaders and risk & compliance experts. Check out this year’s major themes and our key takeaways below.

The Risks of AI

• Senior management cannot ignore the responsibility for AI decision-making. Leaders must be acutely attuned to decisions generated based on the data, for AI within their organization as well as among third-party providers.
• Gaining a deep understanding of the inputs and outputs of GenAI models is critical to minimizing the risks of AI. Factors such as data governance, data input drift, explainability, model output drift, and policy risks are all critical components.
• Use the same risk and controls self-assessment (RCSA) framework across the organization because risks are risks and require controls to mitigate them – agnostic of technology/platforms.
• Create a horizontal panel of AI SMEs that meet to discuss their observations and the resulting questions.
• Develop AI quality assurance processes to ensure bad data doesn’t produce bad outputs.  

Risk & Data Governance

• Financial institutions (FIs) should have a risk-based approach in determining the various levels of data and records to apply the correct rules for governance.
• An FI should have a comprehensive inventory of data, where it is housed, and the systems that use it.
• Removing duplicate data can reduce storage costs and the time it takes to locate data, increasing efficiency.

Fees: From Overdraft to NSF

• Regulatory agencies are cracking down on unanticipated fees and those that result from operational issues within FIs.
• The spotlight is on check representment Non-Sufficient Funds (NSF) fees, which are considered unfair if unavoidable for the consumer.
• Banks should rewrite policy changes that are oriented toward the consumer, and should ensure that operational challenges do not compound the occurrence of fees.

Third-Party Risk Management

• A recent publication by the Federal Regulators provides consistent guidance for the oversight and management of third-party vendors for FIs.
• Banking as a Service (BAAS) has exploded in popularity and with it comes an onslaught of new risks. The risks span payment process providers, digital wallet providers, lending platforms, and e-commerce platforms.
• Key risks include operational failures (systems and service disruptions), compliance and regulatory (non-compliance with laws and regs), financial risks (liquidity management), and technology risks (cyber and data breeches).
• Proactive and comprehensive enterprise risk management programs are critical to helping manage these risks.

Combatting Top Fraud Risks

• Top fraud risks, including Identity Theft, Phishing Attacks, Account Takeover, Synthetic Identity Fraud, and Business Email Compromise, remain consistent over the last year.  
• The key challenge in combating these trends is the competing desires from consumers and FIs. One wants frictionless transactions and the other wants to reduce fraud losses.
• FIs are required to implement defense mechanisms make it more difficult for criminals to commit fraud. Another way to combat fraud trends is customer education, but the investment required to comprehensively educate people on existing and emerging trends is costly.

Feeling the pressure of ongoing regulations affecting the financial services industry?