Channel Strategy for Corporate Banking: Is Your Bank Paying Enough Attention?

According to the GTNews 2016 Transaction Banking Survey Report, 91% of North American corporates are evaluating their cash management partners. Of those, 27% indicated that improving availability of online and mobile banking tools were a major reason for reviewing their bank relationships, and 55% cited the need for an improved customer experience. Clearly, these responses are evidence that large numbers of corporate clients are less than satisfied with the channel tools and the overall digital client experience being offered.  Most of the banks we interviewed for recent research on this topic are hearing loud and clear that clients are looking for more streamlined, convenient, and faster access to banking services and information.  Our recent report, Strategies for Enhancing Corporate Client Experience: The Future of Attended Channels looks at strategies that leading North American and global banks are adopting to achieve the following goals:
  • Build out integrated portals to make invisible the organizational and product silos inherent in corporate banking.
  • Simplify the user experience.
  • Establish an omnichannel approach to providing consistent data and access to transactions across channels.
  • Enhance authentication options, including biometrics.
  • Expand self-service, including the ability to securely exchange documents and open accounts and new services.
While we found broad agreement on importance of the themes described above, we identified other aspects of digital channel strategy that varied widely from bank to bank.  The graphic below summarizes those opportunities for differentiation. Celent recommends that banks take the following steps to optimizing their future investments in attended channels:
  1. Define the Digital Strategy for Corporate Banking, Not Just the Digital Channel Strategy.  In the current environment, attempting to implement a successful strategy for digital channels in the absence of an overall digital transformation strategy for corporate banking is short-sighted.
  2. Understand How Attended Digital Channels Fit into Clients’ Daily Workflow.  Product management and strategy executives at many institutions are driving prioritization in channels based on a set of assumptions about client preferences that may not be valid. Mapping those client digital journeys from onboarding to servicing to managing exception situations for each client persona is critical.
  3. Reexamine the Role of Partners.  In reality, the delivery of services through attended channels has always involved multiple partners, whether the bank has developed an “in-house” solution or offers one or more off–the-shelf vendor solutions. As demands for “non-core” banking functionality grows and technology evolves to enable easier integration with multiple partners, the importance of the bank maintaining control of the user experience layer that is seen and touched by the client becomes even more critical.
The decisions being made today about attended digital channels — whether as a part of a larger digital transformation initiative, enhancing the channel user experience, or establishing a corporate banking portal — will have a significant impact on the ability of corporate banks to attract and retain clients.

Banking Third Party Risk Management Requirements are a Big and Expensive Ask

Celent, through its work with Oliver Wyman, estimates the cost to US financial institutions of undertaking due diligence and assessment of new third party engagements to be ~ $750 million per year. Institutions are paying three times as much as their third party to complete on this exercise. The average cost to an institution to carry out due diligence and an assessment of a new critical third party engagement is $15,000 and takes the institution approximately 16 weeks to complete.

The top ten US banks average between 20,000 and 50,000 third party relationships. Of course, not all of these relationships are active or need extensive monitoring. But the slew of banking regulatory requirements for third party risk management is proving to be complex, all-consuming and expensive for both institutions and the third parties involved. In a nutshell, institutions are liable for risk events of their third and extended parties and ecosystems. The FDIC expresses best the sentiment of worldwide regulators:

“A bank’s use of third parties does not relinquish responsibility… but holds it to the same extent as if the activity were handled within the institution." www.fdic.gov

If an institution doesn’t tighten its third party risk management, it is significantly increasing the odds of a third party data breach or other risk event and will suffer the reputational and financial fallout.

In the first report of a two-part series, just published by Celent, “A Banker’s guide to Third Party Risk Management: Part One Strategic, Complex and Liable”, I show how institutions can take advantage of their established risk management practices such as the Three Lines of Defense governance model, and operational risk management processes to identify, monitor and manage the lifecycle of critical and high-risk third party engagements across functions and levels. It describes the components required for a best-practice program and shows examples of two strong operating risk models being used by the industry that incorporates third party risk management into the enterprisewide risk management program.

Unfortunately, there are few institutions that have successfully implemented strategic third party risk management programs. Most institutions fall between stage 1 and 2 of the four stages of Celent’s Third Party Risk Management Maturity Curve. But continuing to operate without a strategic third party risk management practice will leave your institution in the hands of cyber fate and the regulators.

Globalisation: External Forces Driving Corporate Growth and Expansion

Treasury management plays an important role in a corporation’s globalisation efforts especially in the areas of cash management, banking, foreign exchange risk, and investments. Treasury must address challenges with managing liquidity distributed across markets, currencies, and businesses, especially the need to keep up with regional liquidity nuances and regulatory issues.

As an outgrowth of globalisation, four key external forces impact opportunities and challenges for corporate growth and expansion: economic uncertainty, geopolitical climate, regulatory environment, and technology evolution.

Eight years on from the 2008–2009 financial crises, global economic growth remains sluggish, hovering between 3.1% and 3.4% since 2012. There are numerous examples of geopolitical events exacerbating volatility, uncertainty, and risks arising from the increasing interconnectedness of regions caused by globalization. New regulations impact treasury organizations in many ways, including in-house banking, intercompany transactions, and transfer pricing documentation.

Corporate treasury organizations continue to lean on technology to facilitate change and mitigate complexity arising from global expansion. Cloud-based treasury management systems (TMS) provide an opportunity to implement specific modules on a subscription pricing basis. Governmental agencies, banks, and fintechs are collaborating to evolve complex corporate treasury services.

As discussed in the new Celent report “Globalisation: External Forces Driving Corporate Growth and Expansion," although firms are in different stages of their globalisation journeys, they can benefit from working with their banking partners to adopt strategies and tactics that address the external factors affecting corporate growth and expansion. Universal banks understand geographic differences and nuances, and are in a unique position to advise firms seeking to expand their businesses globally. This report is the sixth in an ongoing series of reports commissioned by HSBC and written by Celent as part of the HSBC Corporate Insights program.

Stop Throwing Money at Cybersecurity

cyber-operational-risk-150x1501 Most cyberattacks succeed because of weaknesses in people, processes, controls and operations. This is the definition of operational risk. Therefore, it makes sense to tackle cyber risk with the same tools you use to manage operational risk.

We continue to prove that the approach of the IT department managing cybersecurity is not working. Cyber risk is typically treated in parallel with other technology risks; the IT department is motivated to focus on securing the vulnerabilities of individual system components and proffers a micro view of security concerns.

My new Celent report on Treating Cyber Risk as an Operational Risk: Governance, Framework, Processes and Technologies”, discusses how financial institutions are advancing their cybersecurity practices by leveraging their existing operational risk frameworks to centralize, automate and streamline management, technologies, processes, and controls for a sounder and more resilient cybersecurity.

The report identifies and examines the steps required to achieve a risk-based approach to a sustainable and, ultimately, a measurable cyber risk management strategy:

1. Establish a long-term commitment to drive a top-down, risk-based approach to cybersecurity.

2. Recognize that the traditional approach of the IT department managing cybersecurity is limited and that most cyber risks are weaknesses in people, processes, controls, and operations.

3. If you have not already, consider deploying the NIST cybersecurity framework and tailor the framework to fit your individual cybersecurity requirements. The framework lets you take advantage of your current cybersecurity and operational risk language, processes and programs, industry standards and industry best practices. Both cyber and operational risk should be informed by and aligned with the institution’s enterprise-wide risk management framework.

4. Move your organization along the cybersecurity maturity curve by building dynamic risk models, based on shared industry data and assumptions, to measure and monitor cyber threats and pre-empt those attacks.

5. Stop throwing money at the problem. Educate decision-makers on why and how breaches happen. Do not purchase in siloes or under pressure, select the right expertise to identify the issues and carry out due diligence on products.

6. Use the NIST’s five functions to navigate and manage cybersecurity technology requirements and purchases.

7. Know what technology you want from your vendors; know what advice to seek from your consultants.

8. Acknowledge that cybersecurity is the responsibility of every employee and human behavior is the most basic line of defense. Institutions cannot hesitate in the goal to educate their employees, third parties and customers.

Against the Odds: Improving Euro Area Commercial Lending Indicators

Over the past several months the European Union has weathered a number of challenges – Brexit, political turmoil, the migrant crisis, and sluggish GDP growth among them. But surprisingly, the latest European Central Bank (ECB) data doesn’t reflect any negative shocks on credit supply and demand.

The latest Euro Area Bank Lending Survey found that competitive pressures are the main factor behind the easing of credit standards on loans to enterprises, including a narrowing of interest rate margins. At the same time, demand for loans by enterprises is increasing, driven by merger and acquisition activities, inventories and working capital, and continued low interest rates. Although demand is strengthening, alternative financing sources dampened demand for bank financing slightly.

Euro Area Bank Lending Survey

Looking at the top half of this chart, there is no question that banks ratcheted up credit standards like pricing, covenants, cash flow, and capital during Europe’s two recessionary periods. At the same time, businesses of all sizes stopped seeking credit. There is just no appetite for companies to take on additional liabilities during a period when consumers aren’t spending and the economy is shrinking.

More recently, in early 2014 both sides of the credit standards and demand equation crossed the middle point. Since then, credit standards have leveled off while credit demand from enterprises has risen slightly, especially for small-to-medium enterprises (SME).

Despite the ups and downs in credit demand and standards, loan outstandings to non-financial corporations has been surprisingly resilient, even during euro area recessionary periods.

ECB Loans to Non-Financial Corporations

The June ECB reflected slight growth over the past quarter, at the end of which the UK voted to leave the European Union. Time will tell whether Brexit and the expected negative impact to eurozone growth will dampen demand and subsequent loan growth for euro area commercial lending.

Security, fraud, and risk Model Bank profiles: Alfa Bank and USAA

Banks have worked hard to manage the different risks across their institutions. It has been and will remain costly, time consuming and a top priority. Celent profiles two award-winning banks who have modelled excellence in their use of risk management technologies across their banks.

They demonstrated:

  1. Degree of innovation
  2. Degree of difficulty
  3. Measurable, quantitative business results achieved
(Left to right, Martin Pilecky, CIO Alfa-Bank; Gary McAlum, SVP Enterprise Security Group USAA; Joan McGowan, Senior Analyst Celent)

(Left to right, Martin Pilecky, CIO Alfa-Bank; Gary McAlum, SVP Enterprise Security Group USAA; Joan McGowan, Senior Analyst Celent)

ALFA-BANK: SETS THE STANDARDS FOR BASEL COMPLIANCE IN RUSSIA

Alfa-Bank built a centralized and robust credit risk platform to implement Basel II and III standards, simultaneously, under very tight local regulatory deadlines. The bank decided to centralize all corporate credit-risk information onto a single platform that connected to front office systems and processes. Using Misys FusionRisk, Alfa-Bank was able to implement a central default system with a risk rating and risk-weighted asset calculations engine. The initiative is seen as one of the most important initiatives in the bank’s history. The successful completion of the project has placed Alfa-Bank at the forefront for setting standards and best practice methodologies for capital management regulations for the Russian banking industry and Central Bank.

USAA: SECURITY SELFIE, NATIVE FINGERPRINT, AND VOICE SIGNATURE

The game-changer for USAA is to deliver flawless, contextual customer application services that are secured through less intrusive authentication options. The use of biometrics (fingerprint, facial and vocal) to access its mobile banking application positions USAA to be able to compete with Fintechs across the digital banking ecosystem and offer exceptional service to its military and family members.

USAA worked with Daon Inc. to provide biometric solutions paired with its “Quick Logon” dynamic security token technology, which is embedded in the USAA Mobile App for trusted mobile devices. Biometric and token validation focus on who the user is and who the verifiers are and it addresses increasing concerns around the high level of compromise of static user names, passwords, and predictable security questions from sophisticated phishing attacks, external data breaches, and off-the-shelf credential-stealing malware.

For more information on these initiatives, please see the case study abstract on our website.     

Congratulations to Celent Model Bank 2016 Winners!

Last week many of us at Celent were in New York attending our Innovation and Insight Day on April 13th. It is Celent's flagship event during which we announce Model Bank and Model Insurer winners and celebrate their achievements. In addition, the program includes keynote speeches from industry leaders and Celent analysts, plenty of opportunities to network with peers, and even to experience some of the latest technologies first hand, courtesy of our sponsors.

The theme of this year's event was "Financial Services Reborn", and the Museum of American Finance on Wall Street provided an inspiring setting to celebrate innovation in financial services. Craig Weber, Celent CEO, kicked off the proceedings drawing insightful parallels between the battle of Alamo and the future of financial services. It must have been the first time in Craig's career that he had to come up on stage to the soundtrack of hip hop music, an extract from the Broadway musical "Hamilton", but it set the tone for the rest of the day – to expect the unexpected and to be open to new ideas.

Both of our guest speakers – Nadeem Shaikh, Co-Founder and CEO of Anthemis Group, and Leanne Kemp, Founder and CEO of Everledger – thrilled the audience and opened everyone's eyes to the opportunities presented by Fintech and Blockchain respectively, while our colleague Will Trout spoke eloquently about consumer-led convergence. A big 'thank you' to all the speakers, as well as the sponsors supporting the event!

The rest of the day was all about celebrating the achievements of Model Bank and Model Insurance award winners. As many of this blog's readers know, the vision for Celent’s Model Bank research, now in its ninth year, is to spotlight effective uses of technology in banking. This year we received a record number of submissions – well over 100 – that came from all over the world; the nominations were spread equally between North America, EMEA and APAC. The award winners come from four continents and nine countries and range from credit unions and microfinance institutions to the world's largest banks.

Celent Model Bank 2016 winners are:

  Model Bank 2016 Categories

  Award Winners

  1. Digital Banking Transformation

  Citizens Bank, US

  DenizBank, Turkey

  Garanti Bank, Turkey

  Santander, US

  2. Omnichannel Banking

  BECU, US

  Beyond Bank, Australia

  Standard Chartered Bank, Korea

  3. Digital Payments and Cards

  Bank of America Merrill Lynch, US

  RBC, Canada

  4. Corporate Payments and Infrastructure Modernization

  Bank of China, China

  CBW Bank, US

  5. Cash Management and Trade Finance

  CIBC, Canada

  HBL (Habib Bank), Pakistan

  6. Security, Fraud, and Risk Management

  Alfa-Bank, Russia

  USAA, US

  7. Legacy Transformation

  Sberbank, Russia

  Umpqua Bank, US

  Vietnam Bank For Social Policies, Vietnam

  Model Bank of the Year

  Eastern Bank, US

As always, we published a series of reports with detailed case studies of all winning initiatives. Celent research subscription clients can access the Model Bank of the Year and individual category reports via our website.

This year we also introduced a new award, Model Bank Vendor. We wanted to acknowledge the vendor role in helping multiple clients achieve technology or implementation excellence, one of our judging criteria, and to extend our appreciation to the entire vendor community, which is instrumental in the ongoing success of the Model Bank program. Celent recognized two companies as Model Bank Vendors for 2016:

  • EdgeVerve Systems
  • Nucleus Software

Congratulations to all our award winners! We are grateful to have been exposed to so many extraordinary initiatives and the talented individuals responsible for their success. We look forward to continuing with the Model Bank program next year to identify and award the most impressive banking technology initiatives from around the world, and will begin accepting nominations again in September – stay tuned!

 

A good recipe from the Brazilian banking industry in times of need

The world seems convulsed these days. No matter where you live, something significant is developing around you or about to burst.

Brazil has not been the exception. Economic slowdown and corruption allegations involving high officers in government and the private sector, have led to massive social protests. The Panama Papers only to continue to build a lack of trust on things changing easily. But Brazil is a huge economy, with very talented people and industries that can compete at world-class level. Some things need to change for sure; with a trusted leadership is just a matter of time for Brazil to come back to the right path.

On a positive note from the financial sector, early this year FEBRABAN, the Brazilian banking industry’s main federation, and Brazil’s top five banks entered into a memorandum of understanding with LexisNexis®Risk Solutions by which the latter will provide technical services for a new credit intelligence bureau that will modernize the current Brazilian credit risk information ecosystem.

The effort has the objective of financially including more Brazilians in the long run and efficiently assessing consumer credit risk, with the potential to "change lives, generate sustainable economic expansion in a world-class economy, all the while providing financial institutions with the tools to assess and manage risk more effectively" as indicated in LexisNexis®Risk Solutoins press release. It will make possible for the credit intelligence bureau to process and analyze complex, massive data sets in a matter of seconds. It is expected that the ability to process quickly large volumes of transaction data will help the credit intelligence bureau to effectively manage financial payment experiences, resulting in a bureau with a sophisticated infrastructure.

This decision by FEBRABAN, Bradesco, Banco do Brasil, Caixa Econômica Federal, Itaú Unibanco and Santander comes very handy in order to offset the effects of the country's economic moment by expanding the potential market and providing financial solutions to people that are seeing its purchasing power affected. Banks are not alone in coming up with positive initiatives as insurers have also made moves along these lines.

It’s good to see that, from the banking perspective, Brazil does not stay arms crossed waiting to see what happens; instead they are trying a good recipe to be applied in times of need: Seeking efficiency and growth, by financially including more people into the system through a more effective risk assessment.

 

Large FIs spent $25M rolling out failed risk management frameworks during the 2000’s. So why try again?

Large financial institutions spent in excess of $25 million on rolling out failed enterprise risk management frameworks during the 2000’s. So why try again? Well for many obvious reasons, the most notable of which has been the large scale failure of institutions to manage their risks and the well-editorialized consequences of those failures. The scale of fines for misconduct across financial services is staggering and damage to the banking industry’s reputation will be long-lasting. Major Control Failures in Financial Services blog Source: publicly available data Regulators and supervisors are determined to stop and reverse these risk failures, specifically, the poor behavior of many bankers. Regulators are demanding that the Board and executive management take full accountability for securing their institutions. And there is no room for failure. This is the only way that risks can be understood and, hence, managed across the enterprise. There is no denying that risk management frameworks are hard to implement but Celent believes the timing is right for the industry to not only secure their institutions and businesses but to innovate more safely and, slowly, win back the trust of their customers. My recently published report Governing Risk: A Top-Down Approach to Achieving Integrated Risk Management, offers a risk management taxonomy and governance framework that enables financial institution to address the myriad of risks it faces in a prioritized, structured and holistic way. It shows how strong governance by the Board is the foundation for a framework that delivers cohesive guidance, policies, procedures, and controls functions that align your firm’s risk appetite to returns and capital allocation decisions.