This article from Credit Union Times is concise and perhaps not as in-depth as we'd like but it does continue a trend of articles we've read over the past year that have described how the role of Risk and Compliance officers has changed dramatically. The article notes there has been a major shift from an emphasis on analysis to an emphasis on implementation. We have certainly witnessed this in the vendor risk management space in 2012 and 2013 and continue to see it as an important evolutionary success factor in 2014 and beyond.
Because vendor risk management systems automate a lot of the data analysis and reporting, this has enabled a shift of focus toward the creation of quality risk content – vendor assessment data and narrative – and the design and implementation of new workflows with accountability for everyone to complete their vendor management process tasks which contribute to this data. Vendor management is a multi-faceted process that crosses many departmental boundaries and requires strong process design, controls and implementation efforts to be successful. Without accurate and timely task completion, analysis and reporting will not be accurate.
We think this is why more and more banks are relying on us to help them complete tasks like vendor due diligence and monitoring in a high quality, timely manner, and also why they rely on us for insight about how to make sure that everything gets done accurately and on time. Good process design and experience with implementation is helpful. This strategic shift in emphasis for the risk and compliance officer and their need to be able to rely on their partnership with an expert third party risk management solution provider validates our strategic direction and makes us feel good about being able to services our customers' true business needs.
On a closing note, we were surprised to see that the average compliance cost for a financial institution rose by more than 65% in the third quarter of 2013 over 2012. That is even higher than our research which showed it at around 50%. Regardless, this is certainly a sign that financial institutions are tackling, rather than debating, the compliance and regulatory hurdles and challenges they face. As they do this, it will open up the door for regulators to continue to advance guidance that raises the bar. Those not elevating their spending are being left behind. Playing catch up can be not only difficult but a potentially dangerous strategy.