Featured Product

    Operational resilience in the time of COVID-19: SaaS to the rescue

    June 2020

    Operational resilience in the time of COVID-19: SaaS to the rescue

    How technology can enable banks to be agile during the current crisis, future shocks, and remote working

    The coronavirus outbreak generated an unprecedented health crisis that is affecting people and countries all over the world.

    However, the pandemic is causing consequences far beyond the spread of the disease itself. With time, the dramatic socioeconomic impacts due to the lockdown appear clearer and more complex. COVID-19 is putting banks’ operational resilience under pressure. This paper addresses the implications of the coronavirus on banks in terms of regulatory reporting and illustrates how software-as-a-service (SaaS) technology can provide solutions.

    The global spread of the coronavirus resulted in simultaneous supply and demand shocks that suddenly slowed economic activity and brought global economies into great distress. This unpredictable and widespread freeze in economic activity, never seen in prior crises, has created severe and extensive upheavals across many sectors and regions. These have given rise to large-scale substantial pullbacks in consumption and the disruption of business operations, causing significant earnings reductions. As a consequence, layoffs are expected to increase, which eventually will lead to a sharp rise in defaults with long-lasting damage for the worldwide economy. 

    International Monetary Fund (IMF) data1 on real GDP growth highlights that the global economy is expected to contract on average by 3% this year, with the lowest negative peak of 9.1% in the hardest-hit countries such as Italy. Recently, the United Kingdom is expected by the OECD2 to hit 11.5% in 2020, and the country recently reported that its economy shrank by 20.4% in April,3 which represents the largest monthly contraction on record. In addition, according to studies4 published by our sister company, Moody’s Investors Service, this contraction is expected to continue in 2021 when real GDP forecasts will likely remain far less than pre-coronavirus levels in most advanced economies. Particularly alarming is the fact that these expectations are subject to significant downside risks due to the predominant feeling of uncertainty. While some countries have initiated easing of lockdown restrictions, future coronavirus-related developments can cause these to be reinstated at any time. 

    What are the impacts on the regulatory landscape? 
    Firms are under a great deal of pressure. The financial environment has been changing dramatically, forcing financial institutions to rethink and adapt their business models to the new circumstances. To fight the economic turmoil caused by the pandemic, many countries have already put in place huge financial measures to support households, businesses, financial institutions, subnational governments, and financial markets hit by the economic fallout. According to the IMF, the EU allocated about €540 billion (4% of EU27 GDP), whereas the United States allocated about $2.3 trillion (around 11% of GDP) through the Coronavirus Aid-CARES Act.5  

    However, during this period of distress, regulatory reporting burdens turned out to be particularly challenging for financial institutions. Despite the current conditions, banks are still expected to meet many of their regulatory requirements, although delays have been granted. On one hand, many regulators such as the European Banking Authority (EBA) and the Prudential Regulation Authority (PRA) in the United Kingdom allowed the temporary relaxation of regulatory standards for liquidity and capital ratios. These measures include leeway on reporting dates to reduce market stress and encourage financial institutions to continue lending during the period of coronavirus disruption. For example, the EBA—in coordination with the Basel Committee on Banking Supervision (BCBS)—decided to cancel the quantitative investment strategies (QIS) based on June 2020 data; additionally, the implementation of the Basel 3.1 standards has been delayed by one year. 

    Nevertheless, overall regulatory supervision continues to apply, and some institutions may even be required to provide further reporting—either to deliver more frequent submissions of particular reports or additional ad hoc reporting on key prudential metrics to complement the standard reporting. Financial institutions cannot escape their regulatory requirements and must continue to operate as usual despite unprecedented circumstances while their entire workforce is working from home. Whether this change is temporary or may even become more of a new normal in the future, banks must focus right now on improving their operational resilience to successfully face the current crisis and any future crises. 

    However, this significant industry challenge can be overcome. The latest technology solutions available in the marketplace allow banks to achieve the high-quality data and reporting standards required by regulators, while improving business performance and reducing the total cost of ownership. All this can be accomplished remotely, without the need to be on site. 

    Software-as-a-service (SaaS) keeps you always up-to-date 
    One obvious benefit of using cloud-native solutions is their low or non-dependency on installed infrastructures and IT departments. This means dedicated effort is not required for maintaining infrastructure in-house. 

    Plus, remote access offers benefits through a frequent and smooth upgrade process. This has proven to be useful in two areas: software upgrades and regulatory updates. Unlike installed software applications, the software vendor manages all upgrades using a solution that is constantly up-to-date both technically and functionally. 

    To further alleviate banks’ regulatory burdens, a SaaS vendor should be responsible for monitoring the regulatory landscape and adjusting the software accordingly to relieve banks’ expert and IT resources. All regular and extraordinary regulatory requirements introduced during a crisis can be pushed to cloud-native applications ahead of time, saving time, cost, and effort to achieve compliance. By choosing SaaS, the necessity to recognize and implement regulatory updates shifts from a challenge to an opportunity for improving business as usual. 

    SaaS grants flexibility while ensuring performance 
    Scalability of a cloud offering delivers required performance in a time of heightened demand and supplies an almost unlimited capacity of processing resources. As the whole world abruptly moves toward virtual solutions, SaaS providers attract customers with resource flexibility and optimization, and promise to maintain high performance regardless of the frequency of calculations. 

    And this frequency is likely to increase. On one hand, many regulators may naturally want to monitor the stability of the financial sector during the current crisis more frequently. This would require banks to give supervisors data more often than usual. We can see that some regulators are already introducing additional reporting requirements in the context of COVID-19. The National Bank of Belgium (NBB) recently requested Belgian credit institutions to report more details about their loans benefiting from payment moratoriums or government guarantees that must be reported as a part of additional AnaCredit requirements. In addition, loans guaranteed by the Banque de France (BDF) used to support companies during the crisis must be declared by the French credit institutions. Extraordinary reporting requirements have also been introduced in Hungary exclusively between March and December 2020 for enhanced monitoring of lending, liquidity, and portfolio quality of credit institutions to assess the negative effects of the COVID-19 pandemic.  

    On the other hand, it is natural for credit institutions to undergo increased risk monitoring regardless of their regulator’s official requirements. As the current health crisis quickly evolves into an economic one, stress testing and scenario analyses have become hot topics among risk managers. Many are seeking tools and resources to perform scenario analyses to assess the impact of deteriorating economic conditions on their portfolios and performance. As clients turn to SaaS applications, their vendor can support them continuously and deliver the same level of service despite the heightened demand, and without being on site. 

    SaaS brings you the future of regulatory compliance 
    Performance and resource capacity are an absolute must to ensure compliance, especially in times of economic uncertainty and enhanced regulatory scrutiny both from regulators and risk managers. SaaS solutions can go beyond the most necessary measures. 

    Cloud-native technology brings to the table a powerful new advantage: streaming architecture that can be leveraged for efficient business intelligence, which is especially important in times of distress such as the current COVID-19 pandemic. Near-real-time data streaming can be conveniently used to monitor a bank’s portfolio—for example, by populating regulatory reporting templates with the most current data as often as required. 

    This technological advantage can be further leveraged by proper variance analysis capabilities. Populating regulatory reports in near-real-time means that with the right toolkit, a regulatory reporter can compare the latest reporting templates as often as needed to monitor any fluctuations in risk. More importantly, if a SaaS solution gives users capabilities to drill up and down into any variance in reported figures, it is then even easier to understand which reported risk metrics are changing over short periods of time and why. 

    SaaS supports governance 
    It is worth noting that there is more to regulatory compliance than meets the eye. Compliance should never be merely reporting risk metrics to the regulator; it should require also maintaining the highest standards of governance and transparency.  

    However, this is likely to be more difficult to achieve with legacy, on-premises architecture. Many systems need to be connected and integrated, and often manual tasks still persist. Cloud-native solutions, alternatively, are designed to streamline processes and establish high governance standards, which allows institutions to easily maintain high transparency, clear points of responsibility and control, and an overall process even under uncertain conditions. With SaaS, all steps of a process can be easily accessed and monitored even remotely. 

    SaaS is designed to achieve the highest security standards 
    All the benefits of cloud computing—including its ease of access, instant availability, and data streaming—should never be compromised by lowering security standards. During this crisis, cyber attacks are more likely increase, and the more people work remotely, the more they are exposed to such attacks. This makes security a crucial task.  

    Achieving the highest-possible security standards with SaaS should be the pre-requirement when choosing a SaaS vendor.  Cloud-native capabilities can provide end-to-end encryption and effective mechanisms that prevent random access to the application such as IP-whitelisting. They protect data from being compromised by taking advantage of data redundancy and  intra-region replication. With SaaS, such objectives as recovery point objective (RPO) or recovery time objective (RTO) are agreed upon, and a SaaS provider is contractually obliged to always meet them. With a trustworthy provider, data can be retrieved despite any disaster event. 

    Unlike installed solutions, SaaS has been designed from the outset to maintain the highest security standard under the most vulnerable circumstances. With the right vendor, SaaS delivers the exact security standards needed today. 

    SaaS saves money 
    All of these SaaS benefits can be achieved with lower costs. A SaaS offering tends to provide more—calculation and reporting engines, upgrades, expertise, and additional services—for less. Additionally, the subscription model lowers cost of ownership and shifts from capital expenditures to more predictable operational costs. With SaaS, users avoid ongoing extra costs related to maintenance, support, upgrades, or license fees—as ongoing costs will not occur over the subscription fee. Also, scalability enables lower usage of computing resources when not needed, so institutions pay only for what they use.  

    Partner with resilient companies 
    Changing your technology approach is not easy. It is important to keep in mind that achieving business resilience includes operating in an overall resilient ecosystem. The best practice would be to assess not only your own resilience but also the resilience of other parties, and to make sure that you cooperate with partners who will deliver the same level of service despite operational or market uncertainty. 

    One indicator demonstrating a vendor’s resilience is its compliance with market standards, such as EBA guidance for cloud outsourcing. These guidelines are intended to ensure that all outsourced functionality maintains the highest quality, is regularly monitored in terms of various operational risks, and does not weaken security or data protection standards. 

    Summary 
    This current crisis reinforces the reasons to choose SaaS solutions. Financial institutions might have difficulty maintaining business as usual because they are often unprepared in terms of infrastructure and framework that would allow them to operate systems remotely, or to use them efficiently. In this context, cloud technology is a powerful alternative to installed deployment. SaaS lays foundations for a strong operational and business resilience. Not only does it help maintain business as usual, but SaaS also has the potential to improve it while enhancing resilience in stressful times for banks, and preparing them for any unforeseen emergency in the future. Selecting the right solution provider is paramount while aiming to achieve more with less.