Spiralling compliance cost is compounding the pressure on Australia's financial services sector to set a risk management methodology under the New Basel Capital Accord (Basel II) by the end of this year.
Australian Basel II experts estimate it will cost banks, insurers, trust fund managers, some commercial real estate providers and other financial institutions between $90 million and $140 million each over the next two to three years to establish a satisfactory risk profile under Basel II.
Banks will need to be compliant by 2007, according to the Australian Prudential Regulatory Authority (APRA).
In the lead-up to Basel II's implementation, banks face significant time pressures involved in gap analysis, data management and international compliance reporting expected to ramp up through to 2005.
Operationally, the challenge for organisations lies in having to build out databases, reporting systems and integration technologies such as extraction, transformation and loading technologies to take advantage of proposed risk management standards, according to Meridien Research.
Released in January 2001, Basel II sets the minimum capital requirements for financial institutions to cover the risk in their systems and processes, refines their internal assessment process and will mandate disclosure processes to encourage safe banking practices.
Under Basel II the operational risk in banks' systems includes information and physical security, business continuity planning and HR security, Steve Katz, the former CIO and privacy officer of Merrill Lynch & Co, told Computerworld.
"Banks will need a set of metrics to look at the components of their operation and the risks they have to manage. Some portion of that risk will be offset by transferring it to insurance companies, which will want to ensure they accept the metrics as well," he said.
Navigating a cautious environment in 2003 due to an economic slowdown, greater competition within the industry and new regulations for mitigating risk like Basel II, IS and risk officers from the finance sector are pressured to lower operational costs, operate on lower margins and optimise their infrastructure, according to Gartner.
"Non-compliance [with Basel II] is not an option", said UK-based Unity Trust Bank's head of internal audit and compliance Neil Hartley.
Gartner analysts Ben Pring and Peter Redshaw suggest financial firms will need IT services, not just software, which delivers value in many different forms.
"Service improvements, for example, may be through delivering lower operating and transaction costs, by removing the risk associated with complex IT systems, by generating new revenue streams, or by adding the flexibility to cope with future demands and trends," the analysts said in a recent research note.
However, Gartner observes few financial services providers have the internal resources to deal with these demands. Thus much of the pressure will be passed on to IT service providers. Effectively, they will be required to deliver more services - functions, applications, processes and value - than ever before for less money.
IS and finance executives leading Basel II compliance within their organisation will need to ensure there is greater transparency when reporting on operational and credit risks to other organisations such APRA, to partners and competitors, and to the public for legal reasons and in order for regulators to maintain a competitive industry, said SAS Australia and New Zealand general manager, financial services, Malcolm Lister.