The rise of ratchet regulation

Across areas as diverse as financial advice, retirement outcomes, operational resilience and the UK’s Consumer Duty, this new generation of regulation sets an expectation that organisations will assess their own strengths and weaknesses and put in place plans to drive continuous improvement. But many are struggling to make the changes required.

In contrast to past risk and regulatory developments, regulations are no longer written as rules that stay fixed until the next regulatory review. They’re now seen as a framework enabling regulators to respond rapidly to changing conditions by expecting companies to understand risks and respond proactively. Now, firms need to foster a culture of continuous improvement in risk management practices. Addressing the evolving nature of the most significant threats, such as cyber and economic crime, necessitates a proactive approach. Yet financial services organisations tend to lack mature mechanisms to treat risk and regulation as a constantly moving target, while simultaneously using their responses to create real value for customers.

Instead, we often see mandatory change approached in a way that focuses narrowly on compliance and misses the wider business potential. This can lead to a scenario where a significant portion of a change budget is spent with minimal positive impact.

Getting ahead of regulatory requirements can lead to strategic business benefits that are consistent with regulatory direction, using the change budget to deliver more than just minimum mandatory compliance. This is an area of potential advantage for banks, insurers, and wealth managers that can leverage higher risk and regulatory standards to improve business outcomes and enhance customers’ lives.

But even for those that see the opportunity, incumbent banks face significant barriers to better managing regulatory change. This is due to challenges ranging from a cultural tendency to prioritise short-term compliance and high-profile risk over changes that will deliver long-term strategic advantages, to uncertainties around the boundary between customer support and regulated advice.

So how can incumbents implement improvements in a way that maximises value in a complex, fast-changing environment?

The answer lies in embracing organisational agility when implementing new regulation and making changes to structures and processes. Organisational agility enables firms to prioritise effectively, tackling the required changes in smaller chunks while being able to take a more holistic approach to change. It also enables firms to get ahead of the curve on risk and regulation – making changes faster, at lower cost, in a way that maximises brand value.

To leverage an agile approach effectively, financial services firms should:

1. Develop a dynamic view

Build a forward-looking picture of the dynamic risk and regulatory landscape in which you operate. As stakeholders develop more flexible views of risk and mitigation, take a continuously evolving view of the risks you face and the regulatory expectations that need to be met. This requires an ongoing commitment to gathering the internal and external data needed to make better decisions.

2. Assess current change capabilities

Critically question whether your change capabilities are fit for purpose in a fast-changing risk and regulatory environment. Institutions with a history of waiting for regulatory certainty before making changes should consider a new approach. More flexible implementation will help maximise the efficiency of investments, to continuously adapt to ongoing stakeholder expectations, and link risk and regulation investments to wider changes in how firms operate.

3. Adopt organisational agility

Adopt an agile approach that allows the firm to anticipate new requirements, not just react to them. Embracing organisational agility will not only help to keep pace with risk and regulation, but also unlock the benefits of taking a proactive approach. For example, some banks pre-empted the regulation requiring reimbursement of fraud victims and made their reimbursement policy a market differentiator. Doing this in parallel to investment in fraud prevention could yield a positive business benefit that a wait-and-see approach to regulatory compliance cannot.

Pivoting to agility will require a shift in culture, skills, and mindset, investment in horizon scanning, and scenario planning, it will also require the resources to embed risk and regulatory goals into wider transformation strategies. The rewards will include lower risk premiums, better supervisory engagement, reduced costs of change, and better customer outcomes.

Organisational agility is key to building trust with customers and regulators, and to maximising the long-term value of change programmes. In an environment of ever-changing risk and regulatory expectations, the winners will be those that stay on the front foot through a commitment to continuous, forward-looking change and innovation.