Regulatory burden set to increase

The past five years have seen an array of new regulations in the financial sector. And an inevitable consequence of the implementation of Sarbanes-Oxley, Basel II, the Markets in Financial Instruments Directive, Solvency II and International Financial Reporting Standards has been a massive increase in regulatory and compliance spending by financial institutions.

According to a recent Deloitte report, “In Control”, the largest 100 financial firms have seen regulatory and compliance costs rise 30% in the past three years to $56 billion. The regulatory burden has yet to peak, however, with Deloitte forecasting the figure could double to $100 billion by 2010. And this is before the costs of additional regulatory measures implemented in response to the credit crisis have been factored in.

The report suggests there is a disparity in terms of costs, directly related to the size of the institution. Regulatory and compliance spending accounts for approximately 4% of total costs for large firms, but this figure rises to 6% at smaller institutions. Deloitte also says there is evidence of regional disparities, with Anglo-American banks considered leaders, and Asia-Pacific institutions the chief laggards.

The recent surge in costs should not necessarily be considered a burden however; Deloitte believes successful compliance strategies can lead to a competitive advantage.

“Financial institutions are always seeking to find and sustain the correct balance between risk and reward, but lack of triangulation between control, risk and governance is, in most cases, a missing link that needs joining up,” asserts Chris Gentle, London-based associate partner and head of research at Deloitte.

In terms of specific recommendations to improve controls, Deloitte advocates the appointment of a fully accountable board representative to oversee controls, as well as monitoring transactions in real time where possible.

One area of weakness identified by the advisory firm was a lack of certainty over who is in charge of overall governance, control and risk management policy at many institutions. While the audit committee or board of directors would seem the logical choice, only 41% of firms polled said this was the case at their own institutions. Furthermore, only 47% of institutions have undertaken consolidation of governance and controls across borders and operational units within the past few years.

There has been much clamour in the wake of the credit crisis for senior executives to set the tone for a risk management culture, something Deloitte fully concurs with. “Senior management should be visibly involved in communicating messages about behaviour in risk and control culture through the organisation,” stated the firm.

Deloitte’s report replicates many of the themes highlighted in Ernst & Young’s recent 2008 corporate governance survey of the top 500 UK companies. Approximately 35% of directors polled in that survey listed regulation and governance as the number one challenge facing their companies in the next 12 months.

See also: BIS to modify Basel II rules

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Investment banks: the future of risk control

This survey report explores the current state of risk controls in investment banks, the challenges of effective engagement across the three lines of defence, and the opportunity to develop a more dynamic approach to first-line risk control

Op risk outlook 2022: the legal perspective

Christoph Kurth, partner of the global financial institutions leadership team at Baker McKenzie, discusses the key themes emerging from’s Top 10 op risks 2022 survey and how financial firms can better manage and mitigate the impact of…

Emerging trends in op risk

Karen Man, partner and member of the global financial institutions leadership team at Baker McKenzie, discusses emerging op risks in the wake of the Covid‑19 pandemic, a rise in cyber attacks, concerns around conduct and culture, and the complexities of…

Moving targets: the new rules of conduct risk

How are capital markets firms adapting their approaches to monitoring and managing conduct risk following the Covid‑19 pandemic? In a webinar in association with NICE Actimize, the panel discusses changing regulatory requirements, the essentials…

Building resilience into ESG risk management

Risk and resilience continue to play an important role in the navigation of an increasingly uncertain world. Fusion Risk Management explores why it is equally crucial for technology to support organisations in addressing pertinent environmental, social…

You need to sign in to use this feature. If you don’t have a account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here