Sponsored by ?

This article was paid for by a contributing third party.More Information.

Payment risk: facing the regulators with confidence

Payment risk: facing the regulators with confidence

As banks continue to struggle with controlling their payments functions, Alex Knight, head of Emea at Baton Systems, explains how institutions can overcome this problem by easily activating payment rules that can be immediately applied across multiple business lines simultaneously

Most financial institutions make a surprisingly large number of incorrect, or failed, payments every day. Although the majority of these errors may be small and relatively easy to resolve, over the past few years there have been some very public instances of substantial amounts being sent erroneously, often due to a lack of appropriate controls. Subsequently, the firms in question have then struggled to recover those payments and to mitigate the reputational risk. 

Regulators are taking an increasingly firm stance on payment risk, believing firms that don’t have sufficient control over their payments processes not only risk financial loss but also their ability to honour their obligations on any given day. Ultimately, this form of liquidity risk impacts individual organisations, and also the smooth running of the wider capital markets as a domino effect could easily be activated.

Workflow inefficiencies

For many firms, payments are being made to honour the obligations of a wide range of different business lines.

Post-trade processes at large financial institutions have typically evolved through the addition of new pieces of technology to existing systems. This means that large numbers of disparate legacy systems – more than 100, in some cases – are feeding requests into the payments platform within any one firm. These siloed applications are often unable to support co-ordinated workflow efficiencies, so firms are relying heavily on outdated and manual standalone processes as controls at the business level. 

For most firms, the idea of redefining their payments architecture at an overall level is a huge task. In many cases, they lack a clear horizontal function, system or process to provide control of payments risk across all of the different business lines that are being supported. The risk of making incorrect payments, or of not making them at all, is high, leading to delays and additional costs.

Responding to market conditions

The benefits of being able to implement or amend controls quickly, in response to a changing internal or external environment, have been highlighted recently at both currency and counterparty level. The heightened volatility of the Russian ruble in 2022 created a pressing need for currency-specific rules to be created and updated. Similarly, in 2023, when a global investment bank was recognised by the market to be in distress at an organisational level, most firms were only able to put in controls relating to their separate business lines, rather than creating consistent firm-wide rules.

In both of these cases, controls will almost always have been manual or hard-coded into legacy systems – the latter being a process that often takes weeks, if not months, to implement. By contrast, a ‘no-code’ process would mean rules could be configured by business users, through a user interface, in a matter of minutes and could run across all of a firm’s lines until they were modified or disabled.

Balancing control and flexibility

Now, more than ever, firms need to deliver a level of effective payments supervision that minimises risk and reduces the need for regulatory scrutiny.

At a systems level, firms need a solution that is relatively fast and simple to implement. This requires interoperability with a firm’s existing infrastructure because ripping out and replacing existing payment systems just isn’t a realistic option. Firms also need the solution to operate across all relevant payment types. 

Moreover, a solution that operates in real time allows users to observe and be alerted to changes in counterparty behaviour while keeping abreast of issues around funding or counterparty exposure so they can be resolved before they become major concerns.

Furthermore, the solution needs to provide a payment risk framework that combines the consistency of approach and consistency of data collection with the flexibility that is needed to modify, create, enrich, enable or disable rules as required. Changes often happen very quickly around counterparties, currencies or a firm’s own legal entities and business lines. The ability to swiftly react to these developments is often key for effective risk management. 

Ideally, this means the ability to create or modify rules in a no-code environment but with the benefit of full auditability. Furthermore, supervisors need easy access to all relevant payment information when exception approvals are required.

Finally, the process needs to be completely automated so firms are not relying on individuals to manually identify transactions that require approval. Rather, that identification is always going to be rules-based, where those rules are created according to the currency, counterparty or any other characteristic that can be defined. 

Once a trigger is hit and a payment needs to be manually approved, it is vital there is a full audit trail of that approval process. Again, this needs to be retained at a holistic level across all business lines and payment processes in scope.

In simple terms, a solution with these attributes, such as Baton Core-Payments®, allows financial institutions to supervise and manage payments risk more efficiently and effectively than before by harnessing real-time data and eliminating the need to link multiple legacy systems or implement cumbersome manual processes. This allows business leaders to react quickly to changing market conditions and to inspire confidence in stakeholders as well as regulators.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here