BS&T Executive Summit 2006

Technology Is Becoming Further Intertwined With Compliance Efforts

This list of regulations to which financial institutions must comply is ever increasing. Names such as Sarbanes-Oxley, Gramm Leach Bliley and Basel have become common vernacular for bankers.

What it means to be in compliance is constantly in flux, and the costs of being non-compliant are great. And while each new regulation brings its share of burden in the form of costs and lost resources, they each can be seen as an opportunity, if handled properly, according to experts.

But things are changing when it comes to compliance -- banks are starting to realize that the "compliance burden" is here to stay, so they're figuring out ways to turn those billions of dollars in investments into increased value for the bank -- by not only leveraging the required investments but also gaining valuable customer, financial and competitive insights. During the last session on Monday morning at the BS&T Executive Summit, two bank executives shared their unique views on the subject.

As technology, services and fulfillment compliance executive for Bank of America, Rose Corvo's main goal is to automate compliance wherever possible, she said during her presentation on "Unlocking Value Via Regulatory Compliance," as the session was titled. Corvo handles the dual roles of managing technology for compliance and managing the compliance for technology.

"My target is to implement compliance program requirements into technology groups," Corvo explained. She also hopes to utilize technology to automate Bank of America's compliance of regulations, policies and procedures; leverage technologies across the enterprise to gain maximum benefit; and enable benefits on the business side of the bank.

"We must eliminate wherever possible the reliance on people to do the right thing," she said. Yet, automation alone is not enough. The complete approach to unlocking value via regulatory compliance includes thinking about compliance in broad, not narrow, terms; implementing an enhanced regulatory change management process to build in automated compliance; partnering with CIOs to implement strong compliance culture and programs; building compliance into foundational processes; and actively looking for automation opportunities in existing process and technologies. "We cannot afford to overlook the off-setting business value to be gained from regulatory compliance efforts," Corvo said. Regulatory compliance will unlock value via increased revenue, reduced expenses and a strengthened reputation, she added.

"Automation of compliance, leveraging existing tools and exploring synergies is not a luxury -- it is a necessity," Corvo emphasized in concluding her presentation.

Ron Hoffer, VP and senior IT- audit manager at Union Bank of California, spoke during the compliance session as well on the role of technology in a regulated environment.

Unlike Corvo, Hoffer pointed out there are limits to what technology can do in terms of compliance. For example, he said, technology cannot take the place of people. There are a number of things that technology can do though, he said, including controlling who accessed information.

Hoffer stressed that banks need to be clear where technology is the primary control, for example with SOX, and that technology is always supporting business goals.