Financial institutions must increasingly focus on compliance and cybersecurity, with a global focus.
Such issues are explored in a Deloitte report on risk management innovation, which examines critical regulatory topics facing Canadian financial institutions, and how trends such as innovation, automation and analytics are becoming increasingly important to stay compliant and competitive.
For example, the report discusses regtech, including blockchain.
“Blockchain is playing a crucial role in solving some of [financial institutions’] key risk issues, such as central clearing and settlement systems,” says the report.
Though Canada often plays catch up with its global peers when it comes to regulating technologies, Canadian financial institutions are leaders in blockchain implementation.
“This is an advanced capability relative to other global regions because it involves such a large consortium of organizations,” says the report.
Global regulatory challenges
The large number of global players makes for constantly evolving regulation, and financial firms need to be able to deal with diverging frameworks, the report says.
“At a minimum they will need globally coordinated approaches to understand overlaps, incompatibilities and potential synergies,” say the authors of the report’s foreword, who are regulatory specialists.
A pivotal cybersecurity regulatory issue for the coming year will be the General Data Protection Regulation (GDPR), says the report.
The European Union (EU) legislation, set to come into force May 25, 2018, sets ground rules and provides guidance on how organizations must handle and protect clients’ personal data.
“The GDPR will affect Canadian [financial institutions] that have EU operations and/or process the personal data of EU-based customers or employees,” says the report.
The penalties for non-compliance will be the heaviest in the world—up to 4% of annual turnover for significant violaters. “And EU regulators will have greater enforcement powers than their Canadian counterparts,” says the report.
It also says a firm can differentiate itself as a leader in data privacy if its compliance is full and effective.
For full details on challenges firms face and how they must adapt, read the full report.