If you work in risk or compliance, you work in a part of the banking sector which has been expanding in both size and importance for the past seven years and looks certain to keep growing for the foreseeable future. Banks across the world are piling more resources into their ‘middle office‘ risk and compliance teams to avoid facing massive fines from regulators and, more fundamentally, to reduce the chances of sparking another financial crisis.
Risk professionals at investment banks perform a variety of different functions – the three main categories are credit, market and operational risk – but ultimately they are all tasked with ensuring that the firm doesn’t exceed its risk appetite in its pursuit of profits. Their job is to identify potential risks in advance (before an investment decision is made, for example), analyse them, and then either accept them or take precautionary steps to reduce or mitigate them. Risk management teams are often referred to as the “second line of defence” in a bank’s overall risk strategy – sitting between management (the first line) and internal audit (the third).
Risk management employs a lot of people because banks are exposed to risk in every decision they make – all financial markets are inherently risky and uncertain. The degree of risk varies hugely between different financial products and services, however. While plain vanilla retail deposits or US Treasury bonds may raise few concerns, risk managers will be working overtime if their bank is preparing to underwrite a billion-dollar stock listing for a client which could impact its capital base.
Lehman Brothers collapse was largely caused by banks’ poor credit-risk management
The consequences of risk management failures can be dire – ranging from clients losing money and ending their relationship with the bank, to the bank itself suffering huge losses or even bankruptcy. The 2008 financial crisis that that led to the collapse of Lehman Brothers and triggered a global economic downturn was largely caused by banks’ poor credit-risk management.
While risk managers try to stop a bank’s employees indulging in behaviour that might have catastrophic consequences, compliance teams are there to ensure that banks are working in line with the regulations imposed in the countries in which they operate.
The financial crisis provided the impetus for governments and financial regulators to toughen up their approach to regulating the banking sector. In the US, for example, the Obama administration introduced the Dodd-Frank Act to rein in banks considered ‘too big to fail’. And regulators have also been imposing record fines on banks for compliance breaches. In 2014 BNP Paribas agreed to pay $8.9bn for violations of US sanctions linked to Iran and other countries.
As the compliance burden has become more onerous, banks have been forced to hire thousands of new compliance professionals. HSBC alone recruited more than 2,200 compliance staff in the first half of 2015 and the global supply of compliance professionals is struggling to keep up with demand.
A career in compliance typically requires building strong relationships with the local regulator(s) in your country, such as the Securities and Exchange Commission in the US. In the UK the financial-watchdog role is split between the Bank of England, the Financial Conduct Authority and the Prudential Regulation Authority. The Securities and Futures Commission regulates Hong Kong, while Singapore is under the watchful eye of the Monetary Authority of Singapore. As well as individual country regulators, European banks are also overseen by the European Securities and Markets Authority and the European Banking Authority.
Increasingly, however, local compliance teams need to have expertise in overseas regulations which have a global reach. The Foreign Account Tax Compliance Act (FATCA) is a 2010 US law, but its provisions affect US taxpayers abroad and banks from London to Hong Kong have been hiring people to work on FATCA compliance. Similarly, banks in all major financial centres need staff with experience of Basel III, a regulation that places more stringent demands on the amount of capital banks are required to hold.