Mike Russo
Senior Solution Principal, Global Banking Unit
SAP Financial Services

For banks, the regulatory landscape has never looked more fluid, nor more demanding. There’s the Financial Accounting Standards Board’s new Current Expected Credit Loss (CECL) accounting standard to contend with, along with ongoing adjustments by the Consumer Financial Protection Bureau (CFPB) to the Unfair, Deceptive, or Abusive Acts and Practices (UDAAP) standard. Meanwhile, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) continues to levy massive penalties under the recently updated Bank Secrecy Act (BSA), even as regulators contemplate additional refinements to how they enforce that law. And let’s not overlook the annual Comprehensive Capital Analysis and Review (CCAR) stress-testing exercise mandated by the Federal Reserve.

Besides tracking the patchwork of policies, requirements and enforcement actions from FinCEN, FASB, the CFPB and the Fed, banks also must keep a close eye on developments from the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC), as well as those at the state level. And that’s just in the United States. Institutions that operate abroad face similarly escalating scrutiny and compliance responsibilities like the newly revised market-risk FRTB (Fundamental Review of the Trading Book) reporting requirements.

It’s a daunting regulatory environment to say the least and one that puts the onus squarely on banks’ ability to capture, maintain and securely govern their data. Because, as Deloitte notes, “banking regulators, rather than easing up on their expectations, are demanding higher levels of accountability from boards of directors (boards) and senior management.” Those demands “will likely require significant attention and action from leadership.”

Much of that action will focus on fundamental improvements to, and integration of, digital data-management and analytic capabilities. Banks are already moving strategically on that front. Instead of settling for tactical, shorter-term technology fixes, an all-too-tempting route for banks in the face of extreme regulatory uncertainty, one of the banks with which SAP works recently completed a comprehensive, enterprise-wide effort to transform the digital infrastructure it relies on for compliance, reporting and data management. Because it operates in dozens of geographic markets around the world, this bank has to deal with a compliance workload as varied and large as its footprint. Yet, as much as the bank’s modernization initiative is aimed at addressing mounting compliance responsibilities, the bank’s leadership views it more broadly as a strategic difference-maker. As an exec who’s managing the program recently told me, “We are able to better manage the balance sheet and get more yield out of the balance sheet and manage liquidity better. It gives us more frequent and better and more granular information and insight. That’s information our treasury group and our business can turn into basis points here and there. The business case was there. This thing pays for itself if you go about it the right way.”

Here’s a look at some of the capabilities, approaches and technology upgrades that enable a data-management infrastructure and reporting modernization effort to pay off over the long run.

The Golden Data Source

The focal point of these initiatives is the creation of a single repository of data from risk, treasury, finance and regulatory perspectives and from across the entire data supply chain — a universal shared asset (my bank client terms it a “golden source”) containing data with clear provenance that is current, unimpeachably accurate, secure and accessible, with self-service, analytics and modeling capabilities attached to it. Such a resource — which requires a powerful yet flexible enterprise-level platform — enables banks to break down siloes to respond to regulations like the CECL, which, Deloitte notes, “promises to be one of the most significant accounting projects of the next five years. Right now, it may seem like there’s plenty of time to comply with CECL. But the significance and widespread impact of this new standard demands that companies take an early and disciplined approach to CECL implementation.”


Regulators in some markets now require institutions to deliver supporting data in a matter of days or even hours instead of weeks or months, and to do so via aggregated data dumps rather than prescribed templates. Meeting this just-in-time expectation forces banks to move away from data infrastructure that supports traditional cyclical reporting to one that enables continuous accounting and even allows regulators direct, secure access to data.


As varying as regulators’ requirements dictate the format in which data must be delivered, institutions need to be able to normalize data so it is conforming and readily accessible across formats. Artificial intelligence and machine learning can help an institution meet these configuration and consistency challenges.


Regulators expect to be able to drill down as deeply as they need into the data a bank provides, right down to the contract level in some instances.


Banks’ growing reliance on the cloud and third-party contractors has regulators rightfully more concerned about data security. Institutions need the ability to demonstrate data security and sovereignty.


Black-box models, opaque data provenance and information that lacks a clear lineage throughout its journey cross the data supply chain are becoming increasingly problematic from a compliance standpoint. Institutions need to be able to show regulators how the models they use are validated, defend the integrity of their reporting data and demonstrate how their underlying processes work.


The ongoing evolution of banking regulation around the globe puts a premium on dynamic, integrated scenario-planning, risk-modeling, stress-testing, forecasting and reporting capabilities

Armed with capabilities like these, institutions not only will be well-equipped to keep pace with the speed of regulatory change, they’ll be better positioned to gain a competitive advantage by making more intelligent use of their data.

Mike Russo has been in his current role as senior solution principal at SAP Financial Services for 15 years. He has more than 35 years experience in the financial services and financial software industries.