Cognizant, profile picture
Uploaded byCognizant
389 views

Embracing Digital Convergence amid Regulatory-Driven Overhauls

The document discusses the impact of the EU's General Data Protection Regulation (GDPR) on financial institutions and emphasizes the need for strategic organizational change rather than mere compliance. It highlights the convergence of regulations and digital technologies such as AI and blockchain, advocating for a proactive approach to leverage these changes for increased business value. The suggested six-step process aims to align compliance with digital transformation to enhance customer trust and operational efficiency.

Embed presentation

Download to read offline
Embracing Digital Convergence amid Regulatory-Driven Overhauls With the deadline for the EU’s General Data Protection Regulation (GDPR) fast approaching, and other incoming regulations on the horizon, banks and other financial services institutions should use their regulatory and digital programs to drive a step- change in value across their ecosystems. Cognizant 20-20 Insights | February 2018 COGNIZANT 20-20 INSIGHTS
Cognizant 20-20 Insights Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 2
Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 3 EXECUTIVE SUMMARY By any measure, the EU’s General Data Protec- tion Regulation (GDPR) is a ground-breaking piece of legislation with profound implications for companies worldwide. It applies globally, affecting any organisation that interacts with the data of an EU resident. These pervasive implications mean GDPR impacts internal and external stakeholders and requires actions across people, process and platform (both data and technology). But is targeting GDPR compliance enough on its own? We believe the answer is no. Put simply, GDPR demands not just regulatory compliance, but strategic organisational change. Therefore, financial institutions (FIs) should approach GDPR not as a stand-alone compliance issue, but as a change that creates major opportuni- ties to generate higher value through the smart use of digital technologies and thinking. In 2018 alone, the second Payments Services Directive (PSD2), Markets in Financial Instru- ments Directive 2 (MiFID II), upcoming European Commission’s proposed e-privacy law and revi- sions to UK’s Open Banking agenda are all set to revolutionise the industry’s journey to enactment. Approaching any of these regulations in iso- lation risks missing out on their areas of commonality. The main theme that links and aligns them is the need to apply a range of digital technologies in smart and integrated ways. So what we’re seeing is two forms of convergence: regulatory convergence, as new regulations coalesce in terms of impact and imperatives; and digital convergence, as banks and financial services organisations combine new technologies – artificial intelligence (AI), machine learning (ML), blockchain, robotic process automation (RPA) and more – both to protect customers more effectively, and also to transform their own organisations to be leaner, more effective and more efficient. (To learn more about digital strategy at banks, read our white paper, “How Digital 2.0 Is Driving Bank- ing’s Next Wave of Change.”) The message, therefore, is clear: The optimal way to approach these imminent rules is as an interlinked array of new regulations, and then respond through digital convergence that creates higher business and regulatory value. Organisations that approach digital, regulatory and technological convergence appropriately (see our six-step approach in the sidebar, next page) will simultaneously build compliance and customer trust, and thrive in the modern digital age. It is a one-time golden opportunity to accel- erate and escalate the creation of business value through digital. This white paper further enumerates how this can be realised and max- imised. Cognizant 20-20 Insights
Cognizant 20-20 Insights GDPR’S KEY MILESTONES & IMPACTS ON BANKING AND FINANCIAL SERVICES The first step for responding properly to GDPR is to understand the regulation itself, the scale and nature of its impacts and its interrelationship with other regulatory changes. Equipped with these insights, FIs can ensure not only that they are GDPR-compliant, but that their operating model is future-proofed for an increasingly open and digitally-enabled market ecosystem. GDPR aims to unify and strengthen data pro- tection and privacy for all individuals in the European Union (EU). Its goals include giving citizens and residents greater control over their personal data and creating a single region-wide regulatory framework. Figure 1 (next page) shows our proven methodology for addressing all of these impacts in a single program. The changes required by GDPR can be catego- rised into the following main areas: • Appoint a data protection office (DPO) and set up a robust governance process. A DPO must be appointed to advise the data controller/processor and employees, moni- tor regulatory impacts and compliance, and act as the contact point for the supervisory authority. • Transparently demonstrate consent and honor erasure. Firms must have a single view of the customer, review existing personal data consent agreements, obtain explicit consent for data collection, and provide for sharing, rectification or erasure of data on request. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 4 Quick Take A Six-Step Approach to Linking Regulatory and Digital Convergence 1. Conduct a business impact assessment of forthcoming regulatory changes. 2. Clarify the changes required to deliver the firm’s digital vision. 3. Merge the set of requirements to deliver both goals in line with customer-centricity. 4. Conduct a gap analysis of the ‘as-is’ IT estate against the target to-be state, for greater clarity and simpler data governance. 5. Plan a roadmap for the digital transformation program. 6. Launch an implementation program for completion within the regulatory deadlines.
The post-GDPR environment will also bring a number of important benefits – for example, greater clarity and simplicity to data governance, a single lead authority and a one-stop shop for reporting. And the unified customer view required by GDPR will help to improve customer-centricity. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 5 • Introduce new categories of personal data. The regulation introduces new categories of personal data such as IP address and social and mental state. It is imperative that organi- sations understand their own use of personal data maps. • Enable data subjects to exercise rights. Under EU rules, data subjects have the right to file a subject access request (SAR) and obtain from the data controller a copy of their personal data, together with an explanation of the categories of data processed. Therefore, controllers must ensure third-party proces- sors are subject to adequate contractual agreements, and must approve any changes in protocol made by processors. • Lay out a process for incident/breach handling. Breaches must be reported within 72 hours, and the regulator requires bian- nual compliance effectiveness audits and comprehensive record-keeping. Compliance management must be active rather than pas- sive. The post-GDPR environment will also bring a number of important benefits – for example, greater clarity and simplicity to data governance, Cognizant’s GDPR Methodology Assessments/ Deep Dives Journey Mapping Data Analysis Delivery Mobilisation, Execution Oversight Organisational Design Covering People Processes Tools Accelerators Technology Enablement GDPR Assistance Services Data Architecture Data Management Security Legitimacy Rights Governance Oversight We are currently working with clients across various stages of GDPR implementation. We are on our own compliance journey, applying the changes required for GDPR through a digital lens. People Governance Oversight Process Consent Rights Data Data Management Security Technology Data Architecture GDPR Readiness Framework DataQualityAssurance Metadata Management Incident Management Policies Standards Consent Objection Erasure Portability Rectification Restriction Access Management, CommitmentandEducation Automated Decision-Making InformationStrategyApproach Processand Controls Master Data Management Content Management Integration Architecture Data Transfer Security Legal Risk Management Organisational Governance Performance Management Lifecycle Management Figure 1 Cognizant 20-20 Insights
The common thrust of all these regulations is to enable better, safer, more efficient and more open use of digital technologies and data. Cognizant 20-20 Insights Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 6 a single lead authority and a one-stop shop for reporting. And the unified customer view required by GDPR will help to improve customer- centricity. Yes, There Are Overlaps GDPR’s obligations and opportunities are influ- enced and overlapped by several other current or forthcoming regulatory initiatives. Foremost among these is PSD2, which is set to revamp Europe’s payments landscape by requiring banks to allow third parties to access their customers’ account information through appli- cation programming interfaces (APIs). Other incoming regulations include Open Bank- ing – which introduces open API standards for UK banking – and the New Payment Architec- ture (NPA) in the UK, which will use the Bank of England’s Real Time Gross Settlement (RTGS) service for net settlement of payments. Mean- while, the e-IDAS has been enacted and MiFID II – the EU’s revised Markets in Financial Instru- ments Directive – launched on 3rd January 2018. And the EU has also released a draft towards a new e-Privacy Directive. The common thrust of all these regulations is to enable better, safer, more efficient and more open use of digital technologies and data. It fol- lows that an approach based on just one aspect of the evolving regulatory environment is not enough. While important, GDPR is just one new regulation among many – and firms need to be cognizant of that. DIGITAL CONVERGENCE: COMPLETING THE JIGSAW Just as a number of regulatory initiatives are converging to create a new supervisory and compliance environment for FIs, several strands of technology innovation are converging to advance digital enablement. The good news is that by harnessing these complementary tech- nologies to drive digital transformation of their organisations, firms across the industry can simultaneously achieve better regulatory compli- ance and higher business value. The evolving technologies can be divided into two main groups – the first comprising robotic process automation (RPA) and narrow AI like chatbots,1 and the second consisting of advanced AI (e.g., machine learning). Alongside these, blockchain is emerging as a transformational technology, heralding a revolution in how companies and individuals interact and conduct transactions. (See the full array of blockchain white papers on our website.) • Use of RPA and AI is growing across the financial services, driven by a rising tide of innovation both by fintechs and also incumbent institutions. (By way of context, multipurpose industrial robot shipments in China – an automated manufacturing power- house – are projected to hit 150,000 this year, up fourfold from 2013.2 ) As in other indus- tries, banks and financial services firms are harnessing the exponential growth in data to power advanced AI-enabled automation, in order to augment human capabilities and create smarter, more productive and more effective processes at lower cost.
By positioning regulations and compliance as an input to digital convergence rather than an output of legacy processes, and harnessing the power of emerging technologies to optimise this convergence across the organisation, firms can turn regulation from a cost burden into a positive driver of business value. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 7 While many of these innovations began with a primary focus on cost-efficiency, the benefits in terms of regulatory compliance are now also becoming increasingly evident. In the face of regulators’ growing demand for fast, compre- hensive and accurate reporting, robotics and AI enable financial services firms to respond without large investments or heavy manual processing. (For more, read our blog on the topic, “How Banks Can Use AI to Reduce the Regulatory Compliance Burdens.”) • Use of machine learning and chatbots is expanding to provide enhanced and more personalised customer experiences at scale. These technologies, also known as smart virtual personal assistants (SVPAs), learn pro- actively from every human interaction, and are increasingly able to respond appropriately to customers’ subtle – and even subconscious – emotional signals and nuances. Usage of RPA can potentially enable banks to achieve better quality and efficiency. More- over, a key driver will be the expansion of chatbots beyond their initial consumer appli- cations and into enterprise and employee collaboration, yielding corresponding gains in efficiency, effectiveness and compliance. • Meanwhile, blockchain, the smart, decen- tralised, trusted and highly-encrypted way of transacting and interacting, is poised to power the next disruptive wave of dig- ital business. FIs have grasped the scale of the impending change blockchain is poised to unleash. In our recent research study of 1,520 executives representing 578 financial services firms, 91% of respondents said they believe blockchain will be either critical or important to their firm’s future, while 48% said it will fundamentally transform the industry.3 Digital Convergence: Amplifying the Business Benefits … While these strands of digital innovation may have originated as distinct areas of technological evolution, their real power in banking and finan- cial services lies in combining and integrating them to transform what the industry does and how it does it. The fact that these technologies are also pivotal to meeting the challenges and opportunities of GDPR and other regulations means the business case for leveraging them to drive enterprise-wide digital transformation is not just compelling, but unanswerable. … While Reducing Time to Market… Figure 2 (next page) illustrates how we see these technologies coming together. By positioning regulations and compliance as an input to digi- Cognizant 20-20 Insights
Cognizant 20-20 Insights Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 8 tal convergence rather than an output of legacy processes, and harnessing the power of emerg- ing technologies to optimise this convergence across the organisation, firms can turn regula- tion from a cost burden into a positive driver of business value. Additional value is increased still further by the impact of digital convergence on speed to market for new products and services (e.g., by using tools that enable the business and technology estate to more effectively collab- orate), as well as on other key aspects ranging from customer experience and loyalty to inter- nal collaboration, productivity and employee engagement. … And Embedding Digital as a Way of Life In this way, firms can reap the maximum busi- ness benefits from GDPR while remaining fully customer-focused and -centric, and delivering a seamless end-user experience that will keep cus- tomers loyal and satisfied. But that’s not all. At a higher level, firms that achieve this will be able to fully embrace the new reality of “digital as a way of life” that increasingly pervades the global cus- tomer and business ecosystem, from individual consumers to the biggest multinationals. How Digital Convergence Enables Regulatory Compliance and Generates Business Value Business Benefits Robotics AI Machine Learning Chatbots Blockchain Strategies for Data Analytics Self-Learning Predictive Models Synergies Seamless Ledger Payment Processing Digital Convergence Regulations Compliance Figure 2
Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 9 A ROADMAP FOR THE FUTURE Our distinctive point of view on the linkage between digital and regulatory convergence has resulted in a unique framework – one that can help FIs shape more effective regulatory strategies while delivering digital at scale. It is based around the three key dimensions of time to market, compliance and business value (see Figure 3). The Six-Step Approach We believe FIs should unify and address the CxO agendas for delivering digital at scale in conjunc- tion with regulatory and compliance agendas by institutionalising the six steps outlined on page 4. This is a great mechanism to drive a step change in value across their ecosystems. 1. Undertake a business impact assessment across the whole range of current and forth- coming regulatory changes, by aligning with the organisation’s mission and vision. 2. Overlay this assessment with the changes required by the firm’s digital transformation, with a view to enhance time to market while reducing costs. 3. Combine these sets of changes to estab- lish a single set of organisational and system requirements to deliver against both goals. 4. Assess the ‘as-is’ IT estate/organisation against the target ‘to-be’ state, and conduct a gap analysis for what’s needed both to comply with regulations and boost organisational perfor- mance. 5. Use the outputs from the gap analysis to plan out a roadmap for the digital convergence. 6. Launch an implementation program timed for completion within the deadlines set by the regulations. Value Maximisation: An Illustration BusinessValue Time to Market With digital convergence: a journey redefined Without digital convergence: a typical journey Gain in business efficiency effectiveness, lower time to market and enhanced customer experience Regulatory and Compliance Initiatives Figure 3 Cognizant 20-20 Insights
Cognizant 20-20 Insights Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 10 FOOTNOTES 1 “The Expanding Role of Chatbots in Enterprise Collaboration,” Cognizant, July 2017, https://www.cognizant.com/whitepa- pers/the-expanding-role-of-chatbots-in-enterprise-collaboration-codex2575.pdf. 2 https://www.strategyand.pwc.com/trends/2016-manufacturing-trends 3 L. Varghese, F. McCraw, “Financial Services: Building Blockchain One Block at a Time,” https://www.cognizant.com/whitepa- pers/financial-services-building-blockchain-one-block-at-a-time-codex2742.pdf. Kapil Lodha Consulting Director, Cognizant UKI Kapil Lodha is a Consulting Director with Cognizant UKI. He has over 16 years of experience in banking and financial services, with specialisation across digital, payments, regulations and compliance. Kapil has worked on numerous large-scale transfor- mational programs with tier-one banks and financial institutions in UK/Europe. He holds M.B.A. and B.Tech. degrees and a certifi- cation from Carnegie Mellon University. Kapil can be reached at Kapil.Lodha@cognizant.com | Linkedin: www.linkedin.com/in/ kapil-lodha-628a31a1/. ABOUT THE AUTHOR
Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 11 Cognizant 20-20 Insights
World Headquarters 500 Frank W. Burr Blvd. Teaneck, NJ 07666 USA Phone: +1 201 801 0233 Fax: +1 201 801 0243 Toll Free: +1 888 937 3277 European Headquarters 1 Kingdom Street Paddington Central London W2 6BD England Phone: +44 (0) 20 7297 7600 Fax: +44 (0) 20 7121 0102 India Operations Headquarters #5/535 Old Mahabalipuram Road Okkiyam Pettai, Thoraipakkam Chennai, 600 096 India Phone: +91 (0) 44 4209 6000 Fax: +91 (0) 44 4209 6060 © Copyright 2018, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,electronic, mechan- ical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners. Codex 3180 ABOUT COGNIZANT Cognizant (NASDAQ-100: CTSH) is one of the world’s leading professional services companies, transforming clients’ business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innova- tive and efficient businesses. Headquartered in the U.S., Cognizant is ranked 205 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.

More Related Content

PDF
Driving change
byReem Allos, MS JD
 
PDF
Security, GDRP, and IT outsourcing: How to get it right
byN-iX
 
PDF
Explain your algorithmic decisions for gdpr
byPierre Feillet
 
PDF
Data Beyond Borders 2.0
byFairTechInstitute
 
PDF
GDPR- Get the facts and prepare your business
byMark Baker
 
PDF
Is Ukraine safe for software development outsourcing?
byN-iX
 
PDF
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
bySymantec
 
PPTX
*Webinar* CCPA: Get Your Business Ready
byMoEngage Inc.
 
Driving change
byReem Allos, MS JD
 
Security, GDRP, and IT outsourcing: How to get it right
byN-iX
 
Explain your algorithmic decisions for gdpr
byPierre Feillet
 
Data Beyond Borders 2.0
byFairTechInstitute
 
GDPR- Get the facts and prepare your business
byMark Baker
 
Is Ukraine safe for software development outsourcing?
byN-iX
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
bySymantec
 
*Webinar* CCPA: Get Your Business Ready
byMoEngage Inc.
 

What's hot

PDF
Information governance a_necessity_in_to
byAnne ndolo
 
PPTX
NetSquared London - GDPR for charities
byTech Trust
 
PDF
BigId GDPRcompliance
byFatime Traoré
 
PDF
Achieving Digitalization in a Document Intensive Energy Market
byCTRM Center
 
PDF
Regulators on the Move – Recent Treasury and Comptroller Actions: How They Af...
byWinston & Strawn LLP
 
PDF
Information Security and Data Privacy Practices
byGigya
 
PDF
Managing Consumer Data Privacy
byGigya
 
PDF
General Data Protection Regulation & Customer IAM
byUbisecure
 
PPTX
California Consumer Privacy Act: What your brand needs to know
byOgilvy Health
 
PDF
How GDPR Guidelines Regulate Marketing Automation and Customer Engagement
byRay Business Technologies
 
PDF
UXPSystems_whitepaper_Privacy_Nov182016
byAndrey Plotnikov
 
PDF
Presentation by Laila Medina, Ministry of Justice, Latvia
byOECD Governance
 
PDF
Trends in legal tech 2018
bySecure Privacy
 
PDF
A Pratical Guide to GDPR - F.Coin
byFranco Coin
 
PDF
GDPR, what you need to know and how to prepare for it e book
byPlr-Printables
 
PDF
Gdpr in a nutshell
byMatthew Butler
 
Information governance a_necessity_in_to
byAnne ndolo
 
NetSquared London - GDPR for charities
byTech Trust
 
BigId GDPRcompliance
byFatime Traoré
 
Achieving Digitalization in a Document Intensive Energy Market
byCTRM Center
 
Regulators on the Move – Recent Treasury and Comptroller Actions: How They Af...
byWinston & Strawn LLP
 
Information Security and Data Privacy Practices
byGigya
 
Managing Consumer Data Privacy
byGigya
 
General Data Protection Regulation & Customer IAM
byUbisecure
 
California Consumer Privacy Act: What your brand needs to know
byOgilvy Health
 
How GDPR Guidelines Regulate Marketing Automation and Customer Engagement
byRay Business Technologies
 
UXPSystems_whitepaper_Privacy_Nov182016
byAndrey Plotnikov
 
Presentation by Laila Medina, Ministry of Justice, Latvia
byOECD Governance
 
Trends in legal tech 2018
bySecure Privacy
 
A Pratical Guide to GDPR - F.Coin
byFranco Coin
 
GDPR, what you need to know and how to prepare for it e book
byPlr-Printables
 
Gdpr in a nutshell
byMatthew Butler
 

Similar to Embracing Digital Convergence amid Regulatory-Driven Overhauls

PPTX
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
byCIO Edge
 
PDF
7 Key GDPR Requirements & the Role of Data Governance
byDATUM LLC
 
PDF
Enterprise Data World 2018
byjadams6
 
PPTX
General Data Protection Regulation (GDPR) Implications for Canadian Firms
byaccenture
 
PDF
Whos role is it anyway
byIRIS
 
PDF
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
byAlan McSweeney
 
PPTX
Data Governance in the age of Social Media
byExperian
 
PPTX
WSDFSDFDFSDFSDFSDFDSFSDGGGGSGASGDDGGDGDSGSG
bydetoate2
 
PPTX
GDPR How to get started?
byPeter Witsenburg
 
PDF
Big Data LDN 2017: Applied AI for GDPR
byMatt Stubbs
 
PDF
GDPR (En) JM Tyszka
byJean-Michel Tyszka
 
PPTX
DevOps vs GDPR: How to Comply and Stay Agile
byBen Saunders
 
PDF
Beyond GDPR Compliance - Role of Internal Audit
byOmo Osagiede
 
PDF
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
byGary Dodson
 
PDF
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
byITCamp
 
PPTX
Using GDPR to Transform Customer Experience
byMongoDB
 
PPTX
Operational impact of gdpr finance industries in the caribbean
byEquiGov Institute
 
PDF
Teleran Data Protection - Addressing 5 Critical GDPR Requirements
byChris Doolittle
 
PPTX
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
byCodemotion
 
PDF
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
byDATUM LLC
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
byCIO Edge
 
7 Key GDPR Requirements & the Role of Data Governance
byDATUM LLC
 
Enterprise Data World 2018
byjadams6
 
General Data Protection Regulation (GDPR) Implications for Canadian Firms
byaccenture
 
Whos role is it anyway
byIRIS
 
GDPR - Context, Principles, Implementation, Operation, Impact on Outsourcing,...
byAlan McSweeney
 
Data Governance in the age of Social Media
byExperian
 
WSDFSDFDFSDFSDFSDFDSFSDGGGGSGASGDDGGDGDSGSG
bydetoate2
 
GDPR How to get started?
byPeter Witsenburg
 
Big Data LDN 2017: Applied AI for GDPR
byMatt Stubbs
 
GDPR (En) JM Tyszka
byJean-Michel Tyszka
 
DevOps vs GDPR: How to Comply and Stay Agile
byBen Saunders
 
Beyond GDPR Compliance - Role of Internal Audit
byOmo Osagiede
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
byGary Dodson
 
ITCamp 2018 - Cristiana Fernbach - GDPR compliance in the industry 4.0
byITCamp
 
Using GDPR to Transform Customer Experience
byMongoDB
 
Operational impact of gdpr finance industries in the caribbean
byEquiGov Institute
 
Teleran Data Protection - Addressing 5 Critical GDPR Requirements
byChris Doolittle
 
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
byCodemotion
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
byDATUM LLC
 

More from Cognizant

PDF
Using Adaptive Scrum to Tame Process Reverse Engineering in Data Analytics Pr...
byCognizant
 
PDF
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
byCognizant
 
PDF
It Takes an Ecosystem: How Technology Companies Deliver Exceptional Experiences
byCognizant
 
PDF
Intuition Engineered
byCognizant
 
PDF
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...
byCognizant
 
PDF
Enhancing Desirability: Five Considerations for Winning Digital Initiatives
byCognizant
 
PDF
The Work Ahead in Manufacturing: Fulfilling the Agility Mandate
byCognizant
 
PDF
The Work Ahead in Higher Education: Repaving the Road for the Employees of To...
byCognizant
 
PDF
Engineering the Next-Gen Digital Claims Organisation for Australian General I...
byCognizant
 
PDF
Profitability in the Direct-to-Consumer Marketplace: A Playbook for Media and...
byCognizant
 
PDF
Green Rush: The Economic Imperative for Sustainability
byCognizant
 
PDF
Policy Administration Modernization: Four Paths for Insurers
byCognizant
 
PDF
The Work Ahead in Utilities: Powering a Sustainable Future with Digital
byCognizant
 
PDF
AI in Media & Entertainment: Starting the Journey to Value
byCognizant
 
PDF
Operations Workforce Management: A Data-Informed, Digital-First Approach
byCognizant
 
PDF
Five Priorities for Quality Engineering When Taking Banking to the Cloud
byCognizant
 
PDF
Getting Ahead With AI: How APAC Companies Replicate Success by Remaining Focused
byCognizant
 
PDF
Crafting the Utility of the Future
byCognizant
 
PDF
Utilities Can Ramp Up CX with a Customer Data Platform
byCognizant
 
PDF
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...
byCognizant
 
Using Adaptive Scrum to Tame Process Reverse Engineering in Data Analytics Pr...
byCognizant
 
Data Modernization: Breaking the AI Vicious Cycle for Superior Decision-making
byCognizant
 
It Takes an Ecosystem: How Technology Companies Deliver Exceptional Experiences
byCognizant
 
Intuition Engineered
byCognizant
 
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...
byCognizant
 
Enhancing Desirability: Five Considerations for Winning Digital Initiatives
byCognizant
 
The Work Ahead in Manufacturing: Fulfilling the Agility Mandate
byCognizant
 
The Work Ahead in Higher Education: Repaving the Road for the Employees of To...
byCognizant
 
Engineering the Next-Gen Digital Claims Organisation for Australian General I...
byCognizant
 
Profitability in the Direct-to-Consumer Marketplace: A Playbook for Media and...
byCognizant
 
Green Rush: The Economic Imperative for Sustainability
byCognizant
 
Policy Administration Modernization: Four Paths for Insurers
byCognizant
 
The Work Ahead in Utilities: Powering a Sustainable Future with Digital
byCognizant
 
AI in Media & Entertainment: Starting the Journey to Value
byCognizant
 
Operations Workforce Management: A Data-Informed, Digital-First Approach
byCognizant
 
Five Priorities for Quality Engineering When Taking Banking to the Cloud
byCognizant
 
Getting Ahead With AI: How APAC Companies Replicate Success by Remaining Focused
byCognizant
 
Crafting the Utility of the Future
byCognizant
 
Utilities Can Ramp Up CX with a Customer Data Platform
byCognizant
 
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...
byCognizant
 

Embracing Digital Convergence amid Regulatory-Driven Overhauls

  • 1.
    Embracing Digital Convergence amid Regulatory-Driven Overhauls Withthe deadline for the EU’s General Data Protection Regulation (GDPR) fast approaching, and other incoming regulations on the horizon, banks and other financial services institutions should use their regulatory and digital programs to drive a step- change in value across their ecosystems. Cognizant 20-20 Insights | February 2018 COGNIZANT 20-20 INSIGHTS
  • 2.
    Cognizant 20-20 Insights Embracingthe Digital Convergence Opportunity Amid Regulatory Overhauls | 2
  • 3.
    Embracing the DigitalConvergence Opportunity Amid Regulatory Overhauls | 3 EXECUTIVE SUMMARY By any measure, the EU’s General Data Protec- tion Regulation (GDPR) is a ground-breaking piece of legislation with profound implications for companies worldwide. It applies globally, affecting any organisation that interacts with the data of an EU resident. These pervasive implications mean GDPR impacts internal and external stakeholders and requires actions across people, process and platform (both data and technology). But is targeting GDPR compliance enough on its own? We believe the answer is no. Put simply, GDPR demands not just regulatory compliance, but strategic organisational change. Therefore, financial institutions (FIs) should approach GDPR not as a stand-alone compliance issue, but as a change that creates major opportuni- ties to generate higher value through the smart use of digital technologies and thinking. In 2018 alone, the second Payments Services Directive (PSD2), Markets in Financial Instru- ments Directive 2 (MiFID II), upcoming European Commission’s proposed e-privacy law and revi- sions to UK’s Open Banking agenda are all set to revolutionise the industry’s journey to enactment. Approaching any of these regulations in iso- lation risks missing out on their areas of commonality. The main theme that links and aligns them is the need to apply a range of digital technologies in smart and integrated ways. So what we’re seeing is two forms of convergence: regulatory convergence, as new regulations coalesce in terms of impact and imperatives; and digital convergence, as banks and financial services organisations combine new technologies – artificial intelligence (AI), machine learning (ML), blockchain, robotic process automation (RPA) and more – both to protect customers more effectively, and also to transform their own organisations to be leaner, more effective and more efficient. (To learn more about digital strategy at banks, read our white paper, “How Digital 2.0 Is Driving Bank- ing’s Next Wave of Change.”) The message, therefore, is clear: The optimal way to approach these imminent rules is as an interlinked array of new regulations, and then respond through digital convergence that creates higher business and regulatory value. Organisations that approach digital, regulatory and technological convergence appropriately (see our six-step approach in the sidebar, next page) will simultaneously build compliance and customer trust, and thrive in the modern digital age. It is a one-time golden opportunity to accel- erate and escalate the creation of business value through digital. This white paper further enumerates how this can be realised and max- imised. Cognizant 20-20 Insights
  • 4.
    Cognizant 20-20 Insights GDPR’SKEY MILESTONES & IMPACTS ON BANKING AND FINANCIAL SERVICES The first step for responding properly to GDPR is to understand the regulation itself, the scale and nature of its impacts and its interrelationship with other regulatory changes. Equipped with these insights, FIs can ensure not only that they are GDPR-compliant, but that their operating model is future-proofed for an increasingly open and digitally-enabled market ecosystem. GDPR aims to unify and strengthen data pro- tection and privacy for all individuals in the European Union (EU). Its goals include giving citizens and residents greater control over their personal data and creating a single region-wide regulatory framework. Figure 1 (next page) shows our proven methodology for addressing all of these impacts in a single program. The changes required by GDPR can be catego- rised into the following main areas: • Appoint a data protection office (DPO) and set up a robust governance process. A DPO must be appointed to advise the data controller/processor and employees, moni- tor regulatory impacts and compliance, and act as the contact point for the supervisory authority. • Transparently demonstrate consent and honor erasure. Firms must have a single view of the customer, review existing personal data consent agreements, obtain explicit consent for data collection, and provide for sharing, rectification or erasure of data on request. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 4 Quick Take A Six-Step Approach to Linking Regulatory and Digital Convergence 1. Conduct a business impact assessment of forthcoming regulatory changes. 2. Clarify the changes required to deliver the firm’s digital vision. 3. Merge the set of requirements to deliver both goals in line with customer-centricity. 4. Conduct a gap analysis of the ‘as-is’ IT estate against the target to-be state, for greater clarity and simpler data governance. 5. Plan a roadmap for the digital transformation program. 6. Launch an implementation program for completion within the regulatory deadlines.
  • 5.
    The post-GDPR environmentwill also bring a number of important benefits – for example, greater clarity and simplicity to data governance, a single lead authority and a one-stop shop for reporting. And the unified customer view required by GDPR will help to improve customer-centricity. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 5 • Introduce new categories of personal data. The regulation introduces new categories of personal data such as IP address and social and mental state. It is imperative that organi- sations understand their own use of personal data maps. • Enable data subjects to exercise rights. Under EU rules, data subjects have the right to file a subject access request (SAR) and obtain from the data controller a copy of their personal data, together with an explanation of the categories of data processed. Therefore, controllers must ensure third-party proces- sors are subject to adequate contractual agreements, and must approve any changes in protocol made by processors. • Lay out a process for incident/breach handling. Breaches must be reported within 72 hours, and the regulator requires bian- nual compliance effectiveness audits and comprehensive record-keeping. Compliance management must be active rather than pas- sive. The post-GDPR environment will also bring a number of important benefits – for example, greater clarity and simplicity to data governance, Cognizant’s GDPR Methodology Assessments/ Deep Dives Journey Mapping Data Analysis Delivery Mobilisation, Execution Oversight Organisational Design Covering People Processes Tools Accelerators Technology Enablement GDPR Assistance Services Data Architecture Data Management Security Legitimacy Rights Governance Oversight We are currently working with clients across various stages of GDPR implementation. We are on our own compliance journey, applying the changes required for GDPR through a digital lens. People Governance Oversight Process Consent Rights Data Data Management Security Technology Data Architecture GDPR Readiness Framework DataQualityAssurance Metadata Management Incident Management Policies Standards Consent Objection Erasure Portability Rectification Restriction Access Management, CommitmentandEducation Automated Decision-Making InformationStrategyApproach Processand Controls Master Data Management Content Management Integration Architecture Data Transfer Security Legal Risk Management Organisational Governance Performance Management Lifecycle Management Figure 1 Cognizant 20-20 Insights
  • 6.
    The common thrustof all these regulations is to enable better, safer, more efficient and more open use of digital technologies and data. Cognizant 20-20 Insights Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 6 a single lead authority and a one-stop shop for reporting. And the unified customer view required by GDPR will help to improve customer- centricity. Yes, There Are Overlaps GDPR’s obligations and opportunities are influ- enced and overlapped by several other current or forthcoming regulatory initiatives. Foremost among these is PSD2, which is set to revamp Europe’s payments landscape by requiring banks to allow third parties to access their customers’ account information through appli- cation programming interfaces (APIs). Other incoming regulations include Open Bank- ing – which introduces open API standards for UK banking – and the New Payment Architec- ture (NPA) in the UK, which will use the Bank of England’s Real Time Gross Settlement (RTGS) service for net settlement of payments. Mean- while, the e-IDAS has been enacted and MiFID II – the EU’s revised Markets in Financial Instru- ments Directive – launched on 3rd January 2018. And the EU has also released a draft towards a new e-Privacy Directive. The common thrust of all these regulations is to enable better, safer, more efficient and more open use of digital technologies and data. It fol- lows that an approach based on just one aspect of the evolving regulatory environment is not enough. While important, GDPR is just one new regulation among many – and firms need to be cognizant of that. DIGITAL CONVERGENCE: COMPLETING THE JIGSAW Just as a number of regulatory initiatives are converging to create a new supervisory and compliance environment for FIs, several strands of technology innovation are converging to advance digital enablement. The good news is that by harnessing these complementary tech- nologies to drive digital transformation of their organisations, firms across the industry can simultaneously achieve better regulatory compli- ance and higher business value. The evolving technologies can be divided into two main groups – the first comprising robotic process automation (RPA) and narrow AI like chatbots,1 and the second consisting of advanced AI (e.g., machine learning). Alongside these, blockchain is emerging as a transformational technology, heralding a revolution in how companies and individuals interact and conduct transactions. (See the full array of blockchain white papers on our website.) • Use of RPA and AI is growing across the financial services, driven by a rising tide of innovation both by fintechs and also incumbent institutions. (By way of context, multipurpose industrial robot shipments in China – an automated manufacturing power- house – are projected to hit 150,000 this year, up fourfold from 2013.2 ) As in other indus- tries, banks and financial services firms are harnessing the exponential growth in data to power advanced AI-enabled automation, in order to augment human capabilities and create smarter, more productive and more effective processes at lower cost.
  • 7.
    By positioning regulationsand compliance as an input to digital convergence rather than an output of legacy processes, and harnessing the power of emerging technologies to optimise this convergence across the organisation, firms can turn regulation from a cost burden into a positive driver of business value. Embracing the Digital Convergence Opportunity Amid Regulatory Overhauls | 7 While many of these innovations began with a primary focus on cost-efficiency, the benefits in terms of regulatory compliance are now also becoming increasingly evident. In the face of regulators’ growing demand for fast, compre- hensive and accurate reporting, robotics and AI enable financial services firms to respond without large investments or heavy manual processing. (For more, read our blog on the topic, “How Banks Can Use AI to Reduce the Regulatory Compliance Burdens.”) • Use of machine learning and chatbots is expanding to provide enhanced and more personalised customer experiences at scale. These technologies, also known as smart virtual personal assistants (SVPAs), learn pro- actively from every human interaction, and are increasingly able to respond appropriately to customers’ subtle – and even subconscious – emotional signals and nuances. Usage of RPA can potentially enable banks to achieve better quality and efficiency. More- over, a key driver will be the expansion of chatbots beyond their initial consumer appli- cations and into enterprise and employee collaboration, yielding corresponding gains in efficiency, effectiveness and compliance. • Meanwhile, blockchain, the smart, decen- tralised, trusted and highly-encrypted way of transacting and interacting, is poised to power the next disruptive wave of dig- ital business. FIs have grasped the scale of the impending change blockchain is poised to unleash. In our recent research study of 1,520 executives representing 578 financial services firms, 91% of respondents said they believe blockchain will be either critical or important to their firm’s future, while 48% said it will fundamentally transform the industry.3 Digital Convergence: Amplifying the Business Benefits … While these strands of digital innovation may have originated as distinct areas of technological evolution, their real power in banking and finan- cial services lies in combining and integrating them to transform what the industry does and how it does it. The fact that these technologies are also pivotal to meeting the challenges and opportunities of GDPR and other regulations means the business case for leveraging them to drive enterprise-wide digital transformation is not just compelling, but unanswerable. … While Reducing Time to Market… Figure 2 (next page) illustrates how we see these technologies coming together. By positioning regulations and compliance as an input to digi- Cognizant 20-20 Insights
  • 8.
    Cognizant 20-20 Insights Embracingthe Digital Convergence Opportunity Amid Regulatory Overhauls | 8 tal convergence rather than an output of legacy processes, and harnessing the power of emerg- ing technologies to optimise this convergence across the organisation, firms can turn regula- tion from a cost burden into a positive driver of business value. Additional value is increased still further by the impact of digital convergence on speed to market for new products and services (e.g., by using tools that enable the business and technology estate to more effectively collab- orate), as well as on other key aspects ranging from customer experience and loyalty to inter- nal collaboration, productivity and employee engagement. … And Embedding Digital as a Way of Life In this way, firms can reap the maximum busi- ness benefits from GDPR while remaining fully customer-focused and -centric, and delivering a seamless end-user experience that will keep cus- tomers loyal and satisfied. But that’s not all. At a higher level, firms that achieve this will be able to fully embrace the new reality of “digital as a way of life” that increasingly pervades the global cus- tomer and business ecosystem, from individual consumers to the biggest multinationals. How Digital Convergence Enables Regulatory Compliance and Generates Business Value Business Benefits Robotics AI Machine Learning Chatbots Blockchain Strategies for Data Analytics Self-Learning Predictive Models Synergies Seamless Ledger Payment Processing Digital Convergence Regulations Compliance Figure 2
  • 9.
    Embracing the DigitalConvergence Opportunity Amid Regulatory Overhauls | 9 A ROADMAP FOR THE FUTURE Our distinctive point of view on the linkage between digital and regulatory convergence has resulted in a unique framework – one that can help FIs shape more effective regulatory strategies while delivering digital at scale. It is based around the three key dimensions of time to market, compliance and business value (see Figure 3). The Six-Step Approach We believe FIs should unify and address the CxO agendas for delivering digital at scale in conjunc- tion with regulatory and compliance agendas by institutionalising the six steps outlined on page 4. This is a great mechanism to drive a step change in value across their ecosystems. 1. Undertake a business impact assessment across the whole range of current and forth- coming regulatory changes, by aligning with the organisation’s mission and vision. 2. Overlay this assessment with the changes required by the firm’s digital transformation, with a view to enhance time to market while reducing costs. 3. Combine these sets of changes to estab- lish a single set of organisational and system requirements to deliver against both goals. 4. Assess the ‘as-is’ IT estate/organisation against the target ‘to-be’ state, and conduct a gap analysis for what’s needed both to comply with regulations and boost organisational perfor- mance. 5. Use the outputs from the gap analysis to plan out a roadmap for the digital convergence. 6. Launch an implementation program timed for completion within the deadlines set by the regulations. Value Maximisation: An Illustration BusinessValue Time to Market With digital convergence: a journey redefined Without digital convergence: a typical journey Gain in business efficiency effectiveness, lower time to market and enhanced customer experience Regulatory and Compliance Initiatives Figure 3 Cognizant 20-20 Insights
  • 10.
    Cognizant 20-20 Insights Embracingthe Digital Convergence Opportunity Amid Regulatory Overhauls | 10 FOOTNOTES 1 “The Expanding Role of Chatbots in Enterprise Collaboration,” Cognizant, July 2017, https://www.cognizant.com/whitepa- pers/the-expanding-role-of-chatbots-in-enterprise-collaboration-codex2575.pdf. 2 https://www.strategyand.pwc.com/trends/2016-manufacturing-trends 3 L. Varghese, F. McCraw, “Financial Services: Building Blockchain One Block at a Time,” https://www.cognizant.com/whitepa- pers/financial-services-building-blockchain-one-block-at-a-time-codex2742.pdf. Kapil Lodha Consulting Director, Cognizant UKI Kapil Lodha is a Consulting Director with Cognizant UKI. He has over 16 years of experience in banking and financial services, with specialisation across digital, payments, regulations and compliance. Kapil has worked on numerous large-scale transfor- mational programs with tier-one banks and financial institutions in UK/Europe. He holds M.B.A. and B.Tech. degrees and a certifi- cation from Carnegie Mellon University. Kapil can be reached at Kapil.Lodha@cognizant.com | Linkedin: www.linkedin.com/in/ kapil-lodha-628a31a1/. ABOUT THE AUTHOR
  • 11.
    Embracing the DigitalConvergence Opportunity Amid Regulatory Overhauls | 11 Cognizant 20-20 Insights
  • 12.
    World Headquarters 500 FrankW. Burr Blvd. Teaneck, NJ 07666 USA Phone: +1 201 801 0233 Fax: +1 201 801 0243 Toll Free: +1 888 937 3277 European Headquarters 1 Kingdom Street Paddington Central London W2 6BD England Phone: +44 (0) 20 7297 7600 Fax: +44 (0) 20 7121 0102 India Operations Headquarters #5/535 Old Mahabalipuram Road Okkiyam Pettai, Thoraipakkam Chennai, 600 096 India Phone: +91 (0) 44 4209 6000 Fax: +91 (0) 44 4209 6060 © Copyright 2018, Cognizant. All rights reserved. No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,electronic, mechan- ical, photocopying, recording, or otherwise, without the express written permission from Cognizant. The information contained herein is subject to change without notice. All other trademarks mentioned herein are the property of their respective owners. Codex 3180 ABOUT COGNIZANT Cognizant (NASDAQ-100: CTSH) is one of the world’s leading professional services companies, transforming clients’ business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innova- tive and efficient businesses. Headquartered in the U.S., Cognizant is ranked 205 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @Cognizant.