Banks to improve fundamentals in 2015, Deloitte says

This is in spite of the new challenges and greater competition that they will face, according to the centre’s recent report on the “2015 Banking Outlook: Boosting Profitability amid New Challenges”, which explores key issues of importance for the industry, including some actionable takeaways for industry leaders to consider.

Next year, improved balance-sheet management will become more necessary, and yet more complex. 

With new regulatory requirements such as the liquidity cover ratio and supplementary leverage ratio that were finalised this year, banks – especially the largest ones – will soon be forced to make changes to their balance sheets by holding additional low-yielding assets.

Banks will also have to address the rising-interest-rate environment by managing deposit outflows and reclassifying some securities in their portfolio from available-for-sale to held-to-maturity to avoid unrealised losses hitting capital. 

This effort to protect capital locks in yield on long-term securities, which could thin out interest margins as rates rise.

“Banks will need to manage their balance sheets against multiple – and sometimes conflicting – regulatory metrics simultaneously,” said Ho Kok Yong, financial services industry leader for Deloitte Southeast Asia. 

“This includes, for example, their capital requirements, two liquidity ratios and a leverage ratio, on top of their bail-in-able and stress-testing requirements. In the short term, the challenge of this task is further compounded by the fact that some of these metrics have not yet been finalised.”

 

Compliance demands

As banking regulators step up their pressure on banks, the compliance function is finding itself facing unprecedented demands. Exacerbating the problem is a disjointed and uncoordinated regulatory reporting structure found in many organisations that leads to slow responses, inefficiencies and possible confusion, not to mention the real risk of non-compliance and fines. 

Some leading organisations are looking at establishing central regulatory management offices (RMOs) to drive consistency, streamline execution and improve decision-making. Next year, more banks are expected to embrace the notion of a central RMO.

But regardless of structure, significant risk-based decisions are made throughout the organisation on a daily basis. 

Recognising this, banks are placing a greater emphasis on integrating risk management, compliance and ethics into the organisational culture. 

“The new benchmark of a mature governance programme will be the organisation’s ability to weave risk-intelligent behaviour into the fabric of the bank’s culture,” said Giam Ei Leen, risk and regulatory advisory leader for Deloitte Southeast Asia.

“Impacting culture requires first and foremost a strong ‘tone at the top’. Boards should effectively challenge senior management’s risk assumptions and business plans, documenting such instances for future reference,” she said. 

 

Cyber-security key

“Further, risk management and compliance responsibilities should be reflected in performance management programmes and reinforced in employee training,” Giam added.

With the acceleration in the number and severity of cyber-attacks this year, there is every reason to believe these threats will only become more pervasive, sophisticated and disruptive next year and beyond. 

Even in instances where banks are not the direct targets of such cyber attacks, their integral role in the payment ecosystem leaves them entangled in the often messy aftermath of security breaches, including but not limited to economic and reputational losses.

In 2015, banks are likely to add defensive and offensive measures to their toolkits, borrowing from military and government agencies, given their vast experience in defence and intelligence. 

Competition for specialised talent – in particular those with military and government backgrounds – will intensify, leading to increasing compensation costs for banks. Collaborations within the industry and with government agencies are also likely to increase to facilitate the seamless flow of information as incidents happen.

“With the recent high-profile cyber-attacks on some of the largest industry players in Southeast Asia, banks in the region will need to devote greater resources to enhance their cyber security model,” said Thio Tse Gan, cyber-security leader for Deloitte Southeast Asia. 

“Organisations should look into adopting new methods such as war-gaming, attracting specialised talent and increasing collaboration with other members of the ecosystem, as well as beefing up the intelligence apparatus to detect new threats. 

“Budgetary issues are still likely to remain a concern for some banks, but it might be worthwhile to note that the financial and reputational costs of a cyber-attack incident may well exceed the cost of its prevention.”