Introduction: The Reserve Bank of India (RBI) issued a crucial directive (RBI/2023-24/117) on January 31, 2024, targeting a profound transformation in the internal compliance monitoring function across various financial institutions. The RBI observed the varying degrees of automation in Supervised Entities (SEs) and highlighted the necessity for comprehensive and integrated technological solutions to enhance the efficiency of compliance monitoring.
Detailed Analysis:
1. Current State of Compliance Monitoring: The RBI recently evaluated compliance monitoring in select Supervised Entities, revealing a spectrum of automation levels, from macro-enabled spreadsheets to workflow-based software solutions. However, manual intervention still significantly shapes the compliance monitoring process.
2. Directive for Streamlining: Recognizing the need for improvement, the RBI mandates the implementation of enterprise-wide, workflow-based solutions/tools. These tools should facilitate communication and collaboration among stakeholders, identify, assess, monitor, and manage compliance requirements, escalate non-compliance issues, record approvals for deviations, and offer a unified dashboard view to Senior Management.
3. Implementation Timeline: Financial institutions are advised to conduct a comprehensive review of existing compliance tracking and monitoring processes. Necessary changes or the deployment of new systems should be completed by June 30, 2024. The RBI emphasizes the flexibility for Regulated Entities (REs) to choose tools/mechanisms based on their size and operational complexity.
4. Monitoring Mechanism: The RBI recommends the establishment of a monitoring mechanism to assess the progress of implementing enhanced compliance monitoring solutions. This ensures that financial entities actively engage in the streamlining process and meet the specified deadline.
Conclusion: The RBI’s directive signifies a strategic move towards bolstering the compliance monitoring function through advanced technology. Financial institutions are urged to embrace this transformation, reviewing and enhancing their systems to meet the evolving regulatory landscape. The article underscores the critical aspects of the RBI’s directive and the impact it holds for the entities under its supervision.
This comprehensive analysis provides insights into the RBI’s directive, the current state of compliance monitoring, the proposed changes, and the imperative for financial institutions to adopt advanced solutions for enhanced compliance tracking.
***
Reserve Bank of India
RBI/2023-24/117
DoS.CO.CSITEG.SEC.No.9/31-01-015/2023-24
January 31, 2024
The Chairman/Managing Director/Chief Executive Officer
Scheduled Commercial Banks (excluding Regional Rural Banks);
Small Finance Banks; Payments Banks;
Primary (Urban) Co-operative Banks (Tier III and IV);
Upper- and Middle-Layer Non-Banking Financial Companies
(including Housing Finance Companies);
Credit Information Companies and
All India Financial Institutions (EXIM Bank, NABARD, NaBFID, NHB and SIDBI)
Madam/ Dear Sir,
Streamlining of Internal Compliance monitoring function – leveraging use of technology
RBI had recently carried out an assessment in select Supervised Entities (SEs) of the prevailing system in place for internal monitoring of compliance with regulatory instructions and the extent of usage of technological solutions to support this function. It is seen that SEs have adopted varying levels of automation to support this function, ranging from use of macro-enabled spreadsheets to workflow-based software solutions. The review brought out that automation of the compliance monitoring process in SEs remains a work in progress with various aspects of this function being carried out with significant manual intervention. There is, thus, a need to implement comprehensive, integrated, enterprise-wide and workflow-based solutions/ tools to enhance the effectiveness of this function.
2. Such a solution/ tool should, among other things, provide for effective communication and collaboration among all the stakeholders (by bringing business, compliance and IT teams, Senior Management, etc. on one platform); have processes for identifying, assessing, monitoring and managing compliance requirements; escalate issues of non-compliance, if any; require recording approval of competent authority for deviations/ delay in compliance submission; and have a unified dashboard view to Senior Management on compliance position of the Regulated Entity (RE) as a whole. The RE, based on the size and complexity of its operations, may decide on the tools/ mechanism it would prefer to deploy for monitoring of compliance and development of the unified dashboard.
3. Accordingly, REs are advised to carry out a comprehensive review of the existing internal compliance tracking and monitoring processes and institute necessary changes to existing systems or implement new systems latest by June 30, 2024.
4. An appropriate monitoring mechanism may also be put in place to review the progress of its implementation.
5. Please acknowledge receipt.
Yours sincerely,
(T K Rajan)
Chief General Manager
