The financial services landscape is ever-evolving, and in 2024 organizations are confronting a regulatory environment marked by unprecedented intensity and complex challenges. We’re sharing insights from several aspects of the regulatory sphere as the market experiences a surge in intensity, characterized not only by the introduction of net new regulations but also by a high volume of issuances spanning risk management. This includes regulatory compliance, third-party risk, enterprise risk, governance, and data.
Economic fluctuations, election-year discord, and legal actions further drive the intensity of the changes for this year. Key takeaways from our insights include a return to heightened risk standards, elevated expectations, a focus on data and model-like risks, the anticipation of supervisory and enforcement actions, and the enduring relevance of old regulations even in new areas. Regulatory expectations include supervisory intensity, a focus on agility, robust risk accountability, and the rise of risk sustainability across regulatory areas, requiring integration into financial analysis and day-to-day operations.
Regulatory attention continues to zero in on firms deemed "too big to manage," requiring strong liquidity management, resolution planning, and financial controls. Capital and valuations face mounting scrutiny, including risk calculations and stress testing. Threat actors, perpetrators of financial crime, fraud, and misconduct, are under increased regulatory focus, demanding improved detection, mitigation, tracking, and remediation. The spotlight is on fairness principles, emphasizing equitable access, treatment, and proactively dealing with product risks. And responsible systems, which encompass automated systems and innovative technologies, require a balancing act between innovation and trust building. Broad concerns around data, security, privacy, and the potential vulnerabilities within data governance are critical for meeting requirements.
The OCC has taken the lead in unveiling its supervisory strategy for 2024, underscoring an emphasis on 13 key areas:
- Asset and Liability Management
- Credit
- Allowance for Credit Losses
- Cybersecurity
- Operations
- Digital Ledger Technology Activities
- Change Management
- Payments
- Bank Secrecy Act/Anti-Money Laundering/Countering the Financing of Terrorism and Office of Foreign Assets Control
- Consumer Compliance
- Community Reinvestment Act
- Fair Lending
- Climate-Related Financial Risks
The OCC is committed to adapting its focus to address emerging risks and evolving supervisory priorities.
In November 2023, the Supervision and Regulation Report shared current supervisory priorities including activities to:
- Intensify examination efforts on banks' readiness for managing liquidity, interest rate, and credit risks.
- Promote continuous monitoring for firms with a risk profile that may lead to funding pressures.
- Establish the Novel Activities Supervision Program to oversee innovative activities, focusing on crypto-assets and technology-driven partnerships.
In December 2023, the Federal Reserve published their Strategic Plan 2024-2027 and shared their focus on fortifying the financial landscape, ensuring their supervisory and regulatory practices flow with the dynamic nature of the banking sector. The document mentions how their ongoing work ensures supervision and regulation are efficient and effective through the following strategic objectives:
- Agile Supervision
  - Intensify supervisory programs proportionately with a firm's growth in size or complexity.
  - Identify and escalate key supervisory issues swiftly, ensuring prompt resolution.
  - Foster a culture empowering supervisors to act decisively in the face of uncertainty.
- Baseline Resilience
  - Raise the baseline for resilience by adjusting prudential standards to ensure banks can absorb losses under various conditions.
  - Continuously modify and evaluate rulemaking, guidance, and supervisory programs to keep pace with changes in the banking system.
  - Ensure the financial system is resilient to both short- and long-term challenges.
- Responsible Innovation
  - Support responsible innovation that improves access to financial services while safeguarding consumers, financial institutions, and the financial system.
  - Ensure supervision and regulations reflect the risks of novel activities, establishing effective guardrails.
  - Promote technological advances to increase access to financial services.
- Transparency and Outreach
  - Engage with stakeholders to provide education and timely guidance on relevant regulations and compliance matters.
  - Broaden understanding of the Ombuds function to support transparency of the Federal Reserve's regulatory and supervisory actions.
The FDIC recently voted in favor of a proposed rulemaking to establish new guidelines for governance and risk management of supervised banks with a minimum of $10 billion in consolidated assets. According to the proposed guidelines, bank boards are urged to establish risk management programs that are "commensurate with the size, complexity, business model, and risk profile of the covered institution." This closely aligns with the stance adopted by other regulatory bodies, emphasizing the implementation of a three-line defense model for effective risk management. This model involves the clear communication of risk appetite and policies to foster compliance across all levels of the organization. Additionally, the proposed guidelines clarify the FDIC's expectation that governance frameworks should dynamically adapt to the evolving size and complexity of the financial institution.
The SEC adjusted the timing of its 2024 Exam Priorities to align with the commencement of its fiscal year. They have opted to exclude environmental, social, and governance (ESG) investing, which is a change from the past three years. This shift is noteworthy, especially considering the increasing prevalence of C-suite roles (Chief Sustainability Officer, etc.) in financial institutions and the launch of environmental commitments featured on their websites and annual reports. Whether this is a permanent deviation or just an exception for the current year is yet to be seen. The overarching objective of their examination strategy remains clear — to protect investors and uphold the integrity of U.S. capital markets. This entails addressing emerging risks and ensuring strict adherence to fiduciary standards and regulatory requirements in the following areas:
- Investment Advisers
  - Adherence to the duty of care and duty of loyalty by investment advisers to include assessing the processes for determining best interest, economic incentives, and disclosures made to investors.
  - Complex products, high-cost and illiquid products, unconventional strategies, and advice to specific client types.
  - Investment Advisers to Private Funds will have special attention given to portfolio management risks, contractual requirements, fee and expense calculations, due diligence practices, and compliance with Advisers Act requirements.
- Investment Companies
  - Review unexamined entities, recently registered entities, and those not examined for an extended period.
  - Registered investment companies, including mutual funds and ETFs, are prioritized for examinations due to their significance to retail investors.
  - Fees and expenses, derivatives risk management, liquidity risk management, and compliance with exemptive order conditions.
- Broker-Dealers
  - Regulation Best Interest (Reg BI) – Reviewing the conduct standards for broker-dealers when recommending securities transactions or investment strategies to retail customers and emphasizing disclosure, care, and conflict of interest management.
  - Form CRS – Examining broker-dealer relationship summaries for content regarding services, fees, conflicts of interest, and compliance with filing and delivery obligations.
- Self-Regulatory Organizations and Clearing Agencies
  - National Securities Exchanges – Examining the exchanges' enforcement of self-regulatory organization rules and federal securities laws, emphasizing order handling, surveillance, and oversight of regulatory service agreements.
  - Financial Industry Regulatory Authority (FINRA) – Assessing FINRA's oversight of brokerage firms and its regulatory initiatives like Reg BI and Form CRS, and conducting risk-based examinations.
  - Municipal Securities Rulemaking Board (MSRB) – Evaluating compliance with MSRB rules by broker-dealers and municipal advisors.
  - Clearing Agencies – Conducting risk-based examinations on registered clearing agencies, assessing risk management, liquidity, and compliance with standards.
Additional risk areas of focus include:
- Information Security and Resiliency – Assessing practices to prevent interruptions, protect investor information, and comply with the shortened settlement cycle.
- Crypto Assets and Emerging Financial Technology – Monitoring and examining registrants offering crypto assets, focusing on compliance, risk management, and technological issues.
- Anti-Money Laundering – Reviews programs of broker-dealers and investment companies, emphasizing risk-based procedures and compliance with the Bank Secrecy Act (BSA).
In this dynamic regulatory landscape, organizations must proactively embrace strategies that go beyond meeting compliance requirements. Demonstrating sustainability in risk functions, integrating fairness principles, and adapting to the expanding focus on responsible systems and data security is crucial. Successful navigation of these challenges requires not only meeting regulatory standards but also instilling a culture of innovation, trust, and adaptability. By understanding and addressing these multifaceted challenges, organizations can position themselves not just to comply with regulations, but to thrive in an environment of continuous change and heightened regulatory scrutiny.
North Highland’s experts are ready to help you navigate the changes ahead.