A good recipe from the Brazilian banking industry in times of need

A good recipe from the Brazilian banking industry in times of need

The world seems convulsed these days. No matter where you live, something significant is developing around you or about to burst.

Brazil has not been the exception. Economic slowdown and corruption allegations involving high officers in government and the private sector, have led to massive social protests. The Panama Papers only to continue to build a lack of trust on things changing easily. But Brazil is a huge economy, with very talented people and industries that can compete at world-class level. Some things need to change for sure; with a trusted leadership is just a matter of time for Brazil to come back to the right path.

On a positive note from the financial sector, early this year FEBRABAN, the Brazilian banking industry’s main federation, and Brazil’s top five banks entered into a memorandum of understanding with LexisNexis®Risk Solutions by which the latter will provide technical services for a new credit intelligence bureau that will modernize the current Brazilian credit risk information ecosystem.

The effort has the objective of financially including more Brazilians in the long run and efficiently assessing consumer credit risk, with the potential to "change lives, generate sustainable economic expansion in a world-class economy, all the while providing financial institutions with the tools to assess and manage risk more effectively" as indicated in LexisNexis®Risk Solutoins press release. It will make possible for the credit intelligence bureau to process and analyze complex, massive data sets in a matter of seconds. It is expected that the ability to process quickly large volumes of transaction data will help the credit intelligence bureau to effectively manage financial payment experiences, resulting in a bureau with a sophisticated infrastructure.

This decision by FEBRABAN, Bradesco, Banco do Brasil, Caixa Econômica Federal, Itaú Unibanco and Santander comes very handy in order to offset the effects of the country's economic moment by expanding the potential market and providing financial solutions to people that are seeing its purchasing power affected. Banks are not alone in coming up with positive initiatives as insurers have also made moves along these lines.

It’s good to see that, from the banking perspective, Brazil does not stay arms crossed waiting to see what happens; instead they are trying a good recipe to be applied in times of need: Seeking efficiency and growth, by financially including more people into the system through a more effective risk assessment.

 

Large FIs spent $25M rolling out failed risk management frameworks during the 2000’s. So why try again?

Large FIs spent $25M rolling out failed risk management frameworks during the 2000’s. So why try again?
Large financial institutions spent in excess of $25 million on rolling out failed enterprise risk management frameworks during the 2000’s. So why try again? Well for many obvious reasons, the most notable of which has been the large scale failure of institutions to manage their risks and the well-editorialized consequences of those failures. The scale of fines for misconduct across financial services is staggering and damage to the banking industry’s reputation will be long-lasting. Major Control Failures in Financial Services blog Source: publicly available data Regulators and supervisors are determined to stop and reverse these risk failures, specifically, the poor behavior of many bankers. Regulators are demanding that the Board and executive management take full accountability for securing their institutions. And there is no room for failure. This is the only way that risks can be understood and, hence, managed across the enterprise. There is no denying that risk management frameworks are hard to implement but Celent believes the timing is right for the industry to not only secure their institutions and businesses but to innovate more safely and, slowly, win back the trust of their customers. My recently published report Governing Risk: A Top-Down Approach to Achieving Integrated Risk Management, offers a risk management taxonomy and governance framework that enables financial institution to address the myriad of risks it faces in a prioritized, structured and holistic way. It shows how strong governance by the Board is the foundation for a framework that delivers cohesive guidance, policies, procedures, and controls functions that align your firm’s risk appetite to returns and capital allocation decisions.

The Best News About RDC in a Long While

The Best News About RDC in a Long While
I just finished two remote deposit capture (RDC) related reports last week – and yes, they took way too long to complete. The first was a comparison of vendor solutions and the second an analysis of the state of RDC with projections for the future. Having been immersed in RDC for a bit (OK months) I got to thinking. There’s some great news in the world of RDC! For example: • The vast majority of RDC deploying financial institutions still have not suffered any economic losses attributable to RDC. • Even though commercial RDC is a mature market, there remains a significant upside for participating banks in terms of selling additional clients. • Vendor solutions continue to improve at a rapid pace, particularly in terms of providing financial institutions tools to manage risk. • Mobile RDC is experiencing explosive growth behind terrific consumer awareness and strong concept scores. In a July 2013 Celent consumer survey, mRDC was the second most valued capability in mobile banking, exceeded only by account aggregation (seeing all one’s accounts in one place). • Banks are gradually relaxing mRDC eligibility criteria and deposit limits in response to consumer demand and favorable operational experience. And, I could go on. But the most encouraging news in my opinion is that compliance worries are mostly a thing of the past – in both retail and wholesale banking lines of business at most banks. For several years, compliance was “Job #1” for RDC product managers. Thankfully, those days are largely behind us. At last, delivering value and growing the business has returned to the RDC agenda, and it has done so in significant ways. In October 2013, Celent surveyed US banks and credit unions about RDC adoption, risk, attitudes and priorities. We’ve done so annually since 2010. On question asks respondents to rank the importance of RDC priorities. We ask the same question in the context of commercial RDC (treasury management departments) as well as small business RDC (small business or retail lines of business). 2012 was good news. 2013 even better news – after years of a compliance dominated agenda, client adoption solidly returned to the #1 spot. The figure below graphs the percent of respondents ranking each priority as “most important”. Note the year-to-year changes. SMB RDC priority 2013 Don’t get me wrong, compliance will remain an imperative in all areas of banking, but it should no longer dominate bank’s RDC project list. More than anything else, this will be a harbinger for good RDC things to come.

Improving Security of Mobile Payments

Improving Security of Mobile Payments
A couple of weeks ago the European Central Bank (ECB) published a draft document for public consultation on Recommendations for Security on Mobile Payments. These recommendations were developed by the European Forum on the Security of Retail Payments, SecuRe Pay. This document follows similar recommendations for internet payments, and for payment account access services. Creation of standards and guidelines around payments is always a good thing, and that applies to security in mobile payments. However, the ECB is careful not to “set specific security of technical solutions. Nor does it redefine, or suggest amendments to, existing industry technical standards.” In my view, this is absolutely correct – mobile payments remains an incredibly diverse and rapidly developing landscape, and to attempt to impose specific security requirements on all of them would be a mistake. Instead, ECB focuses on five guiding principles for mobile payment service providers:
  1. Identifying, assessing and mitigating the specific risks associated with providing mobile payment services.
  2. Using strong customer authentication and registration controls.
  3. Implementing a robust data protection mechanism to protect sensitive data wherever it is transmitted, processed or stored.
  4. Implementing secure processes for authorising transactions, as well as robust processes for monitoring transactions and systems
  5. Engaging in enhancing customer understanding and providing information on security issues related to the use of mobile payment services with a view to enabling customers to use such services in a safe and secure manner.
Most banks already have policies and processes to manage operational risk, conduct risk assessments, monitor and report incidents, etc., so for most it shouldn’t too challenging to incorporate these requirements into existing practices. The biggest challenge for them is likely to be ensuring that their partners also follow these guidelines and take appropriate security measures. However, again, banks are already responsible for managing risk emanating from third party relationships. On the other hand, the risk management framework and requirements set out in these recommendations is likely to require investment from start-ups and other new PSPs over and above what they might be doing today around security. At least on the surface, one of the potentially more onerous provisions appears to be the requirement that PSPs and mobile payment services providers implement a notification procedure in the event of security incidents. In reality, it will depend how this will be implemented. Somebody needs to be aware of all security incidents, but most providers have or will develop escalation mechanisms and reporting structures to determine who needs to get what information when. So, could these measures be the key to widespread uptake of mobile payments? I don’t think so – security is a must have rather than a positive incentive. In other words, lack of security would be a significant barrier to customer adoption, but security alone will not lead to an increased adoption – you need more tangible elements of customer and merchant value proposition and a workable business model across providers for that. To the extent that these proposals will help educate consumers and address their concerns around security, they will be useful. And if they are effective, they will play an “invisible role” by helping to prevent and manage security incidents, thus minimizing the barriers for customer adoption. I think most mobile payments providers are already taking security seriously. However, as we at Celent always say, there is usually a tradeoff between security and usability. And even the best security will not be able to prevent incidents entirely. Hence, the ECB is absolutely correct to focus not just on ensuring that incidents are minimized, but also on risk management framework and on what needs to be done when bad things do happen, as they inevitably will.

Celent Banking Innovation and Insight Day Recap

Celent Banking Innovation and Insight Day Recap
Last Thursday, we hosted our annual Banking Innovation and Insight Day at the Westin Times Square in NYC. Celent Senior Analyst Bob Meara opened up to a packed house with his presentation on top tech trends. This set the stage for the day as we moved into more specific subjects including, social media, risk management, core banking, mobile payments, and more. We had a good number of journalists in attendance to cover the event. Bank Systems & Technology was first out of the gate with a story, and wrote up a detailed piece on the social media panel that I moderated (Citi, USAA Execs Share Social Media Best Practices). I also had the honor of presenting awards to the 18 banks that were selected for our 2010 Model Bank initiative (group photo below). If you would like to obtain a copy of the 2010 Model Bank report please click here. If you are interested in submitting a nomination for our 2011 Model Bank report, or for more information on Model Bank, please visit www.celentmodelbank.com.

IMG_2010

All presentations from the event are available for Celent clients to download on our web site. We invite you to review what folks had to say about the event on Twitter If you would like to see a few photos from the event please visit our Flickr photostream.
www.flickr.com
Feedback on the event has been extremely positive. I would like to thank all of our attendees, distinguished panelists, and dynamic presenters for contributing to a successful event!