Deloitte Ireland Conduct Risk, Culture and Reg-tech Breakfast Briefing June PDF Free Download

Deloitte Ireland Conduct Risk, Culture and Reg-tech Breakfast Briefing 2018 26 June 2018

Agenda Topic Presenter Timing Introduction Sean Smith 8:00 a.m. 8:10 a.m. Keynote speech - Regulatory Expectations Colm Kincaid, CBI 8:10 a.m. 8:35 a.m. Session 2 Peter Engering 8:35 a.m. 8:55 a.m. Session 3 Nicola Vincent 8:55 a.m. 9:15 a.m. Session 4 Rose-Marie Kennedy 9:15 a.m. 9:35 a.m. Panel Discussion All 9:35 a.m. 9:50 a.m. Close 2

Keynote speech Colm Kincaid Director of Securities and Markets Supervision at Central Bank of Ireland 3

Session 2 Peter Engering Senior Manager, Deloitte Netherlands 5

Session 3 Nicola Vincent Director, Deloitte UK 7

Session 4 Rose-Marie Kennedy Senior Manager, Regulatory Risk, Deloitte Ireland 9

Reflection on the key objectives for this event Regulatory expectations Consideration of the regulatory expectations in Ireland in respect of conduct risk and culture as it relates to conduct; Reflection on other jurisdictions Reflecting on the learnings from other jurisdictions including the UK and Netherlands to understand how the expectations of their Regulatory Authorities have been sufficiently addressed; Reg-tech Reflecting on the impact and use of technology in the regulatory environment and the different solutions that are emerging within financial services. Specific focus on the use of technology to assist and support financial services organisations in complying with their regulatory obligations in respect of conduct risk; Practical steps Sharing of insights into some of the practical steps organisations can take to manage conduct risk and address the challenges in relation to culture. 10

Reflection on the impact and use of technology in the regulatory environment and the different solutions that are emerging within financial services. 11

Capability The Evolution of RegTech. Innovative disruptive technologies are creating a better case for change in credit, lending and Decisioning due to the ability to make achieve significant cost reductions and step-change in the customer experience Machine Learning & Cognitive Analytics Machine Intelligence & Reasoning Robotics Process Automation (RPA) Time Mimics Action Mimics Thoughts Interacts and Thinks Robotics Process Automation (RPA) Advanced text analytics and unstructured processing Machine Learning / AI Natural Language Processing & Generation (NLP & NLG) Intelligent Chatbots Intelligent Assistance 12

Impact on the Risk Operating Model Disruptive technologies can be deployed across all of the key capabilities of a risk function Robotic process automation Process Re-engineering Operational Services Reference Data Sourcing Account On-Boarding Collateral Management Other Op. Services Portfolio Operations Artificial intelligence Intelligent Automation Natural Language Processing/ Generation Risk Sensing Analytical Services Policy and Control Risk Analysis Capital Modelling Modelling and Methodology Model Management Reporting Assessment, Analysis, Approval Underwriting Quality Assurance Credit Risk Control Portfolio Management 13

How does RegTech help us now and what does the future hold? Today - 2018 2019/20 Beyond Cognitive & machine learning and advanced analytics The early exploration of cognitive and AI technologies interpret regulation. Some initial automation of compliance processes. Codifying control self-assessment and policy screening. Advanced analytics and reporting starting to emerge. Early integration of horizon scanning solutions Maturing solutions assessing regulation and automating compliance management. Codified knowledge - effective cognitive engines to digest and interpret regulation automatically. Automated horizon scanning and ingestion / assessment of emerging regulation. Automated links to risk appetite and control performance. Enterprise-wide view of regulatory impact across the organisation. Regulation managed through end-to-end RegTech platform, (beyond GRC ) Emergence of data sharing. Enterprise solutions managing and assessing regulation. Push button, intelligent and automated reporting Distributed and trusted network assessing regulatory compliance in real-time, identifying and alerting explicit, as well as implicit requirements. Significant reduction in back-office monitoring and assessment of regulation. Proactive alerting and impact assessment on change in regulations. Integrated reporting between the enterprise and the regulator. Predictive alerting highlighting impact of external events on the regulatory standing of the organisation, integration of big-data. Industry utility for firms and the ability to data share. 14

What is out there now, and how will RegTech land into the business? Our initial research estimates that there are c.160 established RegTech firms globally, providing technology based solutions to deliver regulatory projects and help businesses comply with current and future regulatory obligations. Services include regulatory reporting, risk management, identity management & control, compliance and transaction monitoring. A view across the RegTech suppliers. Heavy focus on surveillance and analytics. Collaborations and partnerships emerging : Legal & Banking, Compliance and Technology. Blockchain Advanced data management and analytics The growth in AI and cognitive offerings training the technology is critical. Blockchain in its infancy. Next steps for GRC providers a watching brief. Early stage development of industry utility approaches. RegTech Defining a RegTech Roadmap Focus on the enterprise-wide view of how regulation impacts the business joining the dots. Consider how you codify the extensive knowledge that will already exist in your business. Hearts and minds. There is often a cultural journey to go on across the range of stakeholders. Robotics AI/Cognitive Partner with the right people. Engage the regulator. The earlier you can be work in parallel the better. Source: http://bestthenews.com/article/100-regtech-startups-follow-fri-06172016-1424.html 15

How can technology be used to assist and support organisations in complying with their regulatory obligations in respect of conduct risk? 16

WHAT IS BEAT? Behaviour and Emotion Analytics Tool (BEAT) is Deloitte s voice analytics platform that uses cognitive technology and risk algorithms to monitor and produce a risk score for voice interactions based on speech, behavioural and human emotional tendencies. Why did we develop BEAT? Increasing regulatory pressure and scrutiny on customer interactions and outcomes Current review processes are resource intensive and not data driven Reviewing interactions is time consuming (e.g. longer than the call itself) Identified an opportunity to develop a solution to address these issues Initial development was for retrospective assessment, but has a much broader use Have a detailed roadmap and currently being running a number of PoCs across FS organisations What can it do? BEAT is a platform that uses cognitive technology to analyse and monitor voice interactions It has three core functions: 1. Monitors all customer voice interactions 2. Identifies high risk interactions through analysis of customer language and behaviour 3. Maps interactions to outcomes and provides details why It has been developed to analyse over 30 different languages, and 30 different behavioural indicators Why is it different? BEAT is proven in the market and we believe it is unique because: It is the only platform that combines both language and behaviour to assess risk It maps interactions to specific outcomes It utilises machine learning technology to constantly evolve and enhance the algorithms that analyse the interactions the greater the volume the more accurate the risk assessment will be It can be tailored to meet your specific risk requirements and user needs 17

HOW DOES BEAT WORK? BEAT ingests audio data in a variety of formats, and performs a number of analytical processes to produce three outputs which can then be assessed by a user to determine the appropriate next action. INPUTS BEAT PLATFORM OUTUTS LANGUAGE ANALYSIS BEHAVIOURIAL ANALYSIS BEAT Language - Transcription based - Fuzzy searching BEAT Behaviours - Vulnerability - Undermining - Call Dominance Transcription - No Talk Audio data Search Packs - Significant - Cross Talk - Hesitation Machine Learning - OMO - Enhanced Risk Score BEAT Outcomes Meta data Phonetic algorithm - Phonemes - Phonetic searching - Anger - Sadness - Happy - Neutral. Outcome Alert Customer Segmentation 18

HOW CAN BEAT HELP YOUR BUSINESS? BEAT provides multiple benefits over traditional approaches, and has been designed to support multiple use-cases within an operational call centre environment 6 5 BEAT PLATFORM 1 2 3 1. Increased coverage of call monitoring 2. Reduced manual effort and cost, enabling resources to focus on high risk interactions 3. Improved customer service and outcomes through pro-active identification of high risk calls and detailed visibility over interactions 4. Increased processing efficiency 4 5. Enhanced risk identification 6. Can be deployed with minimal integration to existing architecture enabling rapid benefit realisation CALL CENTRE USE-CASES COLLECTIONS CALLS ADVICE CALLS COMPLAINT CALLS PRESSURE CALLS NON-ADVICE CALLS 19

Summary of the insights into some of the practical steps that can be taken to manage conduct risk and address the challenges in relation to culture. 20

Central Bank Expectations of Boards & INED s Effective culture is still rooted in old fashioned values of doing the right thing and creating an environment where people can speak up and are comfortable in expressing their views. A truly independent non-executive director helps foster a good culture within a firm and can help challenge aspects of culture which may not be best practice. INEDs, therefore, can be a positive influence, shaping the values, behaviours and standards the firm aspire to achieve. Culture Sylvia Cronin, Director of Insurance Supervision The board taking responsibility for the culture of the firm and understanding the behaviours that culture drives for example through the establishment of an ethics subcommittee to the Board; or a measurement or monitoring by the board of the firm s culture through engagement with management, employee surveys or employee focus groups. Driving consistent communication of the desired culture from the Board, recognising the importance of tone from the top, to all staff levels of an institution. Deputy Governor Ed Sibley It is important to stress that the culture of a firm is the responsibility of that firm. Culture and attitudes can be changed for the better when strong leadership is provided. Director General, Financial Conduct Derville Rowland Challenge Consumer Compliance Confidence From both an INED s as well as the Central Bank s perspective, joining a board as an INED is a serious commitment and carries considerable responsibility. The INED must act in the best interests of the Company as a whole, not only for shareholders but considering all stakeholders. One of the most important attributes of an independent board member is their ability to bring fresh, unencumbered and independent perspective to ensure that the interests of the firm as well as consumers are protected. The importance of a truly independent thought process cannot be overstated. Sylvia Cronin, Director of Insurance Supervision At the Central Bank of Ireland we think of culture as the assumptions, values, expectations and beliefs, which drive the behaviours of staff. The question of how firms can effect real cultural change for the better is not one to which there are always simple answers, though much of the current thinking focuses on the importance of a firm s purpose, leadership and governance in influencing the culture. We will engage with the firms boards and senior management to ensure there is a clear focus from the top on embedding and measuring firms own cultural change programmes. Director General, Financial Conduct Derville Rowland 21

Culture in financial services firms Key areas of focus for the CBI The tone from the top The role of the leadership in setting, communicating and challenging the firm s culture Mindsets and behaviour Mindsets and behaviours that reflect the firm s target culture and values Purpose and strategy A clear sense of purpose and alignment between strategy, culture and values. Culture Governance and controls A culture that reinforces good governance and controls Individual accountability Enhanced individual accountability for specific roles and responsibilities Remuneration and incentives Remuneration and incentives that promote good outcomes for the firm, customers and the market 22

Embedding a more Customer-Centric Culture What is needed? A change of culture Conduct risk appetite A clear statement of conduct risk appetite with supporting policies and procedures will help employees understand acceptable behaviours. Responsibility & Accountability Clear responsibilities and ultimate accountability throughout the organisation Make it personal Metrics linked to objectives, performance ratings, pay and incentives Celebrate success stories Identify conduct champions within the 1 st line Hold regular training and communication events Assurance reviews Lead from the top Senior management and executives need to demonstrate the values through their decision making 23

What next? Practical considerations Reflect on the reward structures in place to support the cultural objectives of the organisation and how these are incorporated into Performance Management Consideration of the optimum governance required to support and provide oversight for the organisation s culture Articulate very clearly the culture of the organisation Establishment of a Management Information ( MI ) Dashboard for the Board & Risk Committee, reflecting on the quality, relevance and frequency of receipt. Consider the use of external benchmarking and independent challenge Clear communication of the roles, responsibilities and ultimate accountabilities/ ownership for culture Request a culture Health-check to identify potential vulnerabilities and areas of concern 24

Compliance is not simply about ticking a box, it is ensuring regulated firms are doing the right thing in the right way, and considering the spirit as well as the letter of the requirements. Ed Sibley, Director of Credit Institutions Supervision Address to the Association of Compliance Officers of Ireland 14 March 2017 2017 Deloitte. All rights reserved 25

Feel free to contact us Sean Smith Partner, Regulatory Risk, Risk Advisory - Ireland Email: seansmith1@deloitte.ie Phone: +353 (0) 1 417 2306 Rose-Marie Kennedy Senior Manager, Regulatory Risk, Risk Advisory - Ireland Email: rkennedy@deloitte.ie Phone: +353 (0)1 417 8933 27

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global ) does not provide services to clients. Please see www.deloitte.nl/about to learn more about our global network of member firms. Deloitte provides audit, consulting, financial advisory, risk advisory, tax and related services to public and private clients spanning multiple industries. Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories bringing world-class capabilities, insights, and high-quality service to address clients most complex business challenges. To learn more about how Deloitte s approximately 245,000 professionals make an impact that matters, please connect with us on Facebook, LinkedIn, or Twitter. This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the Deloitte Network ) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this communication. 2018 Deloitte The Netherlands

Deloitte Ireland Conduct Risk, Culture and Reg-tech Breakfast Briefing June 2018