But PwC identified a gap in financial institutions' compliance operations in managing reputational risk. The survey found that fewer than one-fifth of respondents considered awareness of compliance-related risks to be high across all parts of the business. Fewer than a quarter were very confident that their organisation is in full compliance with regulatory requirements and internal codes and policies.
PwC said compliance issues are too reactive, with organisations only making internal alterations when rules change. Compliance in financial institutions must move from being a regulatory authorisation function to a strategic function integrated with risk management, said PwC. Financial institutions should strive for a compliance regime that puts consumers first, and embraces internal guidelines as well as outside regulations, said Juan Pujadas, US-based leader of the global financial risk management practice at PwC.
In the best-run financial services organisations, compliance is integrated into general risk management frameworks, and management of regulatory risk is a key part of effective overall compliance. PwC said an infrastructure must be put in place at financial institutions to allow management to track current and emerging compliance issues and to communicate these to internal and external stakeholders. A comprehensive system of internal controls and audit should create an environment of continuous improvement in managing compliance risk.
The findings are the result of research completed by the Economist Intelligence Unit (EIU) on behalf of PwC.