As the world grapples with the impacts of COVID-19, financial institutions are being challenged unlike ever before. In this rapidly shifting operating environment, we’ve seen these institutions take swift action to support government programs, address client needs, and create an effective remote employee workforce. Addressing these needs required urgent and dramatic changes that will have long-lasting impacts.
As the dust has now begun to settle, and the requirement for urgent action lessens, there is a growing need for financial institutions to take a step back and undertake a review of the processes and related controls implemented in recent months. The aim is to ensure control gaps in recently implemented processes are identified and mitigated in the ‘new normal’ business as usual environment.
Driving Factors
The financial services industry has experienced a significant magnitude of change that has occurred in a very short period of time. Three key driving factors of change stand out.
1. Enabling Government Relief Programs
As part of massive government intervention, several programs have been created to help support people and businesses in need. And for a number of these programs, the government has used the banking system as the approval and distribution network for this support. Banks were pushed to react rapidly as government programs were announced. Seemingly, and in some cases quite literally overnight, processes and technology enablers related to application, approval, distribution, monitoring and reporting were developed and implemented.
While the greatest possible care and diligence was taken to support these changes, they were quickly put in place and there is an opportunity to revisit the processes and related controls, and address additional risks that may not have been initially identified. Fraudulent applications, need for government reporting, and capital monitoring are just a few of the changes that are important examples.
2. A Swift Response to Addressing Client Needs
Alongside government intervention, financial institutions have been aggressively developing solutions to assist clients in these unprecedented times. Amidst organization-wide responses, we have seen two primary focus areas. Unsurprisingly, the first has been the easing of client’s financial commitments through payment deferrals on credit products. The second lies within the realm of providing substantially enhanced digital access to services.
In addressing these important needs, many new processes have been put in place across dozens of products and services. In a rush to better serve clients in a time of physical distancing, new digital access services have been established with record speed. While there is no question due diligence was taken during implementation, it is now time to revisit the policies, procedures, risk assessments, and control frameworks to assure management that risks are effectively mitigated.
3. Ensuring an Effective and Compliant Remote Workforce
The third big change in response to COVID-19 is the shift to Working From Home (WFH) for most employees. Prior to COVID-19, WFH was certainly an option for many employees, however there stood a long-held belief that certain categories of internal employees in financial institutions must perform their roles on premises. COVID-19 changed the status quo.
Previously held views around leadership, risk, compliance, culture, and access, that may have restricted WFH in the past, have now been turned upside down as entire on-site groups shifted to WFH overnight. In fact, despite the novelty and disruption, many have reported measurable improvements in productivity and there are signs over the long term, employees are going to want to increase the amount of time they spend working from home. With this significant shift in how and where people work, new controls need to be considered, and existing processes augmented to ensure the WFH workplace remains compliant and productive.
Why Review These Recently Put in Place Processes & Controls?
There is no question that well thought out processes and controls play a significant role in mitigating and managing risk. In the normal course of our work with North American financial institutions, we spend a lot of time assessing, developing, and enhancing process and control frameworks. This work is often related to processes and controls that were developed with great thought over long periods of time. However, in our experience, we consistently see:
- Controls that do not reflect current technology capabilities and/or information access;
- Controls developed in isolation; and
- Processes that are not well mapped across all lines of defense.
In the business environment created by COVID-19, financial institutions have undertaken tremendous efforts to support their clients and employees. We do recognize that sound, ‘in the moment’, approaches to risk mitigation and control frameworks have been created along the way to secure the viability of our financial system. In fact, we believe that much can be learned from the lighter touch controls and monitoring that have proven effective.
However, as we look forward, there is a critical need for a serious second look at the processes and the preventative and detective controls put in place, as well as a review of the monitoring processes employed to ensure that the new and enhanced processes are effective and sustainable.
So, do the processes and controls implemented amid the demands of the COVID-19 crisis effectively mitigate risk? We recommend asking three key questions to determine the answer:
- Do we have the right balance of preventative vs. detective controls?
- What controls can/should we automate to better mitigate and monitor risk?
- Have management controls and escalation points been appropriately tested since implementation?
COVID-19 has thrust a massive amount of change onto financial institutions. The impacts have highlighted the cracks in business continuity planning, have accelerated digitization by years, and transformed remote working. With these changes, financial institutions are facing an increasingly complex risk environment and we believe the current crisis will act as a catalyst for regulators and financial institutions in reevaluating processes, controls, monitoring and oversight.
Optimus SBR’s Financial Services Practice
Optimus SBR is an implementation-focused firm that specializes in cross-functional experience in process redesign, controls, organizational alignment, strategy development, and project management. With over 150 consultants in our Financial Services Practice we bring deep experience across all sectors of the financial services industry. Our responsive, execution-focused approach is valued by North America’s largest banks, insurers, asset managers and pension funds.
If you found this helpful, give us a call, or send us a note.
Carolyn Kingaby, Senior Vice President and Practice Lead
Carolyn.Kingaby@optimussbr.com
416.649.9219
Peter Snelling, Senior Vice President
Peter.Snelling@optimussbr.com
416.649.9128
Bill Carrigan, Director
Bill.Carrigan@optimussbr.com
416.276.2635

Natural Language in Data Visualization: A Showdown Between Tableau and Power BI
Two industry-leading data visualization tools, Tableau and Power BI, both offer the ability to query data using natural language. But how do they stack up?

Steering Through Uncertainty: The Impact of IFRS 17 on Risk Management and Control Strategies
With a strong emphasis on accuracy and integrity, insurers are faced with the task of redefining their control environments and governance structures for financial reporting.

Analytical Data Mart vs. Data Lake: Which Approach is Better for Your Analytics?
Welcome to the world of data-driven organizations where it is crucial to have a well governed repository to efficiently store and manage your valuable data.

Mastering IFRS 17 with a Strategic Target Operating Model
When applied specifically to the realm of IFRS 17, a strategic Target Operating Model provides a high-level view of the end-to-end solution design, processes, controls, and close schedule required to execute the new finance model.

The Push for Companies to Prioritize Leadership Development
Leaders have been expected to do more than ever in the past few years. Navigating through uncertainty, dealing with new challenges, and responding to rapid change have all become commonplace demands for management teams.

Navigating a Hybrid Work Environment with Gen Z Employees
Millennials, who have dominated the workforce for the past decade, are now ceding the stage to the next generation of employees – Generation Z.

Developing Early Career Talent: 5 Strategies for Success
A robust and effective early career talent development program is essential for companies looking to grow their future leaders from within.

How to Capitalize on Your IFRS 17 Investment
With guidance and support insurers can move from IFRS 17 compliance to business as usual (BAU) and fully capitalize on their investment.

Leading & Engaging Gen Zs – The Bold Approach
Gen Zs are the new age workforce that is gradually changing the landscape of the corporate world. Leading and engaging Gen Zs in this environment requires a bold approach.

Optimus SBR Named 2022 Most Admired Corporate Cultures™ Winner!
What a thrill it is to be honoured as a 2022 Most Admired Corporate Cultures™ Winner! This award celebrates the Bold Attitude and Entrepreneurial Spirit each of us embodies.

Power BI vs Tableau – Which is Better?
Although Tableau and Power BI are similar business intelligence tools, there are key differences that organizations should be aware of when considering analytical requirements.

7 Drivers of Economic Development
These seven drivers of economic development bring new money into the municipalities, accelerate the velocity of money within the city, increase the engagement of citizens, and propel the generation of new ideas, technologies, talent, success stories, wealth, and global rankings.