Financial Institutions

Compliance by Design: Banking's Unmissable Opportunity

Financial institutions face a rising tide of compliance regulation requiring them to fight financial crime and ensure proper employee conduct. The industry as a whole has faced hundreds of billions of dollars of fines over recent years for failing to take effective action. Many banks have responded, but at the cost of operational inefficiency and a more challenging customer experience. A consistent weakness in banks’ approach is fragmentation between lines of defense. Often the risk owner doesn’t understand what the compliance function needs, and vice versa. The result is that firms struggle to translate regulatory requirements into daily business processes. History shows that poor compliance leads to punitive outcomes. Banks can reduce that risk through “compliance by design”, which is a systematic approach to integrating regulatory requirements into tasks and processes. BCG recommends a three-step strategy:


• Identify and assess regulatory requirements for the three lines of defense.

• Analyze how the rules apply to individual processes in each line of defense.

• Design and implement a roadmap and ramp up technology.


Financial institutions are especially challenged by the first step, which requires transposition of regulation into detailed processes, data fields, and documentation. Another challenge is effective implementation of technology, from mechanistic tools for control activities to artificial intelligence for trade monitoring. However, banks that get it right are more likely to avoid punitive fines and will operate a more efficient compliance function that offers customers a better service.

Financial Institutions