Banks are confronted by an ever increasing volume of compliance challenges. These challenges are fuelled by an increase in analytical complexity associated with regulatory and accounting requirements. This increase in analytical complexity has made solutions more complex to implement in an effective and efficient manner. Furthermore, the deadlines of these new regulatory requirements can be years apart and the requirements are often targeted on a specific business function, which makes it difficult to create synergies between compliance solutions.

Time and time again, in an attempt to comply with new policies and requirements, banks have added models, people, applications and processes to existing operations. These are often short-sighted tactical fixes, designed to merely meet the deadline in question (the most recent example of such a change is IFRS 9). Different teams solving pressing problems in different departments has hampered any sense of strategic implementation and most banks will admit they make do with a mixture of irreconcilable systems, controls, data feeds and interfaces.

While understandable, the tactical approach leads to significant operational and compliance risks, as well as costly inefficiencies; and these challenges rob management of the ability to fully understand the commercial impact of the underlying regulations.

After years of tactical implementations banks are at a tipping point. One more ad hoc solution, and the edifice could crumble. Now is the time to re-examine the cost, sustainability and efficiency of the overall approach – and to ask if there aren’t better solutions available.

Enabling Strategic Transformation

The only way to tackle costs and reduce the growing operational and compliance risks in the long run, is to apply some rational design (and strategic investment in technology) to the process. We are seeing more and more financial institutions embarking on strategic transformation programmes to tie their risk analytics into their overall systems design. The aim of these programmes is to create synergies between analytics and wider business requirements (e.g. improving the speed to market of credit risk models to better manage capital requirements). These change programmes are not limited to any specific function and cover multiple functional areas such as Front Line, Portfolio Management, Finance and Risk (Capital and Impairment Management, Risk Appetite, Stress Testing, Decision Science and Risk Strategy).

Technological and Business Model Change

In most banks, the traditional risk infrastructure is constraining modelling choices as certain more sophisticated solutions require robust data as well as processing power. Therefore limitations may lead to further compliance challenges. To take just one example, many banks have found their existing infrastructure would not be able to support the forecasting and stress testing requirements of IFRS 9. These challenges and associated overhead are usually driven by fragmented and inefficient processes run on a cacophony of spreadsheets, codes, systems, visualisation tools supported by manual processes and are simply unsustainable (we’ve given a flavour of the typical problem in the top half of the figure below).

Banks aspiring to cut costs and simplify the compliance task should be investing in a single, coherent, high performance infrastructure. This means implementing a collection of tools, each fit for a specific purpose, and supporting integration with one another. As an example imagine an environment where you can manage the end to end model execution process from a single tool that helps to orchestrate the different steps in the workflow. The orchestration tool interacts with your data warehouses, your model execution tools as well as your reporting tools. Each tool is targeted to your specific business requirements and the platform as a whole supports synergies across the business (as illustrated in the bottom half of the figure below).

In order to drive these synergies, the new platform needs built-in flexibility as it may require tailoring to the requirements of each business function – and we shouldn’t expect any let up in new regulation. The platform should also create a more robust, controlled and governed environment, that that allows you to evidence reconciliation and audit trails to regulatory supervisors. Here’s where the single, coherent infrastructure helps. The use of an integrated orchestration tool creates a golden thread between applications in the end to end process. Furthermore, as the analytical complexity of modelling solutions increases and banks find better ways of estimating risk, any new technology platform should not constrain the banks capability to execute and deliver new models.


From our conversations with clients, firms are targeting the following features from their integrated risk platforms:

  • A clear link between modelling and IT architecture, where the latter should provide controls, efficiency and analytical methodology benefits such as speed and transparency;
  • A simulation capability for ad hoc processing, “what-if” analysis and an additional drill-down capability to understand calculation outcomes and results;
  • A modular structure that separates functional processes and calculations into independent and interchangeable modules (e.g. a specific model may be used in both IFRS 9 and stress testing);
  • A sustainable infrastructure to provide management with the flexibility to manage models, business rules and parameters in a transparent manner, providing a clear audit trail for internal and external review; and
  • A rational alignment between Business MI and Regulatory Reporting.

Moving towards such an environment is how banks can simultaneously cut costs, lower compliance risks and pursue their business strategies. Quicker cycle times, greater automation and fewer manual interventions will save money and free up staff for more productive purposes, such as analytics, portfolio management. This in turn frees up teams to focus on value add analytics and insight, as opposed to cranking the handle on manual processing. Furthermore, as each firm moves from a fragmented process to an integrated solution, the management time required to establish controls, complete reviews and create reports will reduce.

To achieve these objectives, risk modelling methodologies, reporting requirements and infrastructure should be in complete alignment. This requires a robust change delivery programme, which would allow banks to achieve their wider strategic objectives such as efficiency, digitalisation, and employee engagement.

Will IFRS 9 and IFRS 9 Stress Testing be the catalyst? 

IFRS 9 is already significantly increasing the complexity of impairment calculations and giving banks a taste of the compliance challenge to come:

  • The control and work-flow requirements need to provide an auditable and governed process for incorporating Expert Credit Judgement (ECJ).
  • Using the same data for stress testing, portfolio management, risk appetite and IFRS 9 impairment is already throwing up complex problems.

Current tactical IFRS 9 implementations are not expected to be sustainable and banks recognise that more needs to be done to reduce the operational and compliance risks of these solutions. Therefore, a number of large firms in the UK are looking at IFRS 9 optimisation and transformation programmes - even before the tactical solutions “go live” – as this provides an opportunity for a wider revamp of risk platforms.

How we can help you

Deloitte has unparalleled technical knowledge, breadth and depth of experience in the area of Risk Modelling, Risk and Capital System Implementation and Operating Model Change. We are uniquely placed to work together with clients who are interested in better understanding the benefits of a strategic change in their current risk operating model. Drawing on our deep technical expertise in both modelling and infrastructure configuration we can offer you a seamless and cost efficient service that meets the needs of your business. It’s what we do that makes the difference.

Our relationship with SAS

Deloitte works globally with SAS as a Platinum Partner, implementing SAS solutions for regulatory requirements at banking clients around the world. In mature markets, we have found SAS to be the natural technology provider for IFRS 9, with new platforms structured to meet these technology demands. SAS has substantial experience across the industry in related credit risk areas (such as Capital, Forecasting and Stress Testing) which offers great synergies, making SAS technology a natural choice for a strategic risk infrastructure change programme.



Damian Hales - Partner, Risk Advisory, Deloitte

Damian is a Partner, within the Risk and Regulation practise and has over 21 years’ experience in the financial sector and specialises in Credit Risk Management across the full credit lifecycle (from origination to collections and recoveries), IFRS 9, Capital management and Programme Management. Damian leads Deloitte’s Credit Risk and Impairment Transformation offerings, sits on Deloitte’s IFRS 9 Steering Group and is a regular speaker at conferences on these topics.

Email | LinkedIn


Thomas Clifford - Director, Risk Advisory, Deloitte

Tom is a Director in the Financial Analytics team within Deloitte’s Risk & Regulation Group. He specialises in credit risk modelling across the banking sector, having implemented, reviewed and applied credit risk models across the full spectrum of Retail, Commercial, Corporate and Wholesale lending operations.

Email | LinkedIn


Edward Venter - Manager, Risk Advisory, Deloitte

Edward Venter is a Manager in Deloitte’s Financial Risk Measurement team within Risk Advisory, specialising in the development and application of credit risk modelling to support financial institutions on capital allocation, loan impairment modelling and financial risk management.

Email | LinkedIn


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.