Robotics Process Automation (RPA) – A Transformation lever for Risk & Compliance Management
Robotics Process Automation or RPA is one of the digital levers that is quickly becoming a tool of choice for many banks to automate processes that are standardized, invariably and very manually intensive. In addition to the standard benefits of implementing RPA, it also helps banks achieve compliance and a higher level of control over end-user computing processes (EUC). The adoption of RPA technologies is gradually gaining momentum as investments are expected to reach nearly $ 1 billion by the end of 2019, with banking and financial services accounting for around 40%. In addition, it is expected that around 10 to 15% of this expenditure will be consumed by risk and compliance.
The risk and compliance function constantly strives to contain compliance costs, better control processes, maintain the operational flexibility required to achieve compliance and improve system efficiency. The efficiency problems arise mainly from the existence of legacy systems, the need to collect data from multiple business areas (LoBs), and error-prone manual processes. In such a scenario, RPA turns out to be a powerful solution that can help banks with this
- Improve efficiency without tinkering with existing legacy systems
- Provide the flexibility you need to scale to meet compliance needs
- Maintain better control over processes with the requisite auditability
- Automate manual intense efforts and reduce errors.
In the banking and financial services industry, especially in the area of risk and compliance, the introduction of RPA is still in the early stages. Currently, most investments are made in Running Proofs of Concept (POCs) to assess the value or return on investment that RPA implementations bring to the table. As with any technology, RPA adoption can take many forms (see Figure 1).
First, banks looked at RPA for short-term and tactical gains. However, as the RPA technology and concept matures, more and more ways to use RPA for strategic needs are being explored. Examples of this are judgment-based tasks and intelligent rule-based automation. Banks have also begun to integrate RPA with other digital investments in machine learning (ML), natural language processing (NLP), chabot, etc., and are gradually approaching the desired state of cognitive RPA.
RPA as a transformation lever
Initially, RPA solutions were considered tactical fixes. As the digital portfolio evolves, RPA slowly evolves into a transformation lever that combines with cognitive technologies like ML to carry out strategic tasks without affecting the existing IT landscape. This change in outlook can also be seen in the risk and compliance areas, where assumption gradually shifts from simple risk tasks to complex, judgment-based tasks that include review and decision-making. Also, corporate-level banks are investing in RPA rather than going for specific point solutions. These changes clearly show that RPA is becoming more strategic and banks are making RPA investments to improve efficiency and reduce compliance costs.
RPA introduction in risk and compliance
In the area of risk and compliance, the introduction of RPA is still at an early stage. Currently, most of the rollout is in areas such as KYC onboarding and risk and regulatory reporting, where activities are standardized and include data collection, data aggregation, email integration, and simple rule-based automation, to name a few.
As the concept matures, acceptance spreads to areas such as AML warning examinations, credit checks, risk reconciliation and the creation of high-volume, high-frequency risk reports such as daily LCR reporting. These processes typically include complex business rules, unstructured data processing, macros, etc.
The banking industry is currently envisioning a target state where RPA can be combined with cognitive technologies such as ML, NLP, etc. Many banks have started to focus on this and are in the process of identifying use cases that suit them well. In terms of risk and compliance, judgment-based use cases such as limit violation management, risk data quality management, etc. are usually good candidates for Cognitive RPA. While many banks are keen to take advantage of the cognitive RPA capabilities, they are also aware that the nature of the function makes it undesirable to fully automate judgment-based risk and compliance tasks. Although some banks use ML components for risk assessment and decision-making, the results of such cognitive RPA solutions aim to improve turnaround time for risk processes and provide suggestive recommendations to risk analysts. The ultimate decision-making authority remains with the bank’s risk function.
Banks, too, have begun to view the introduction of RPA as transformation initiatives rather than isolated solutions. When banks started experimenting with RPA solutions, their approach was initially operational with very little focus on reusability issues. As the RPA concept evolves, it gets a big boost as more and more banks introduce RPA at the corporate level. Banks are now forming dedicated RPA Centers of Excellence (CoEs) to manage corporate-level RPA programs. The core function of the CoE is
- Establishing standards for identifying and evaluating RPA use cases
- Develop and execute use cases across business areas (LoBs)
- Deploy and manage RPA installations
- Capture and manage reusability aspects that can be used in different RPA use cases for different LoBs
Focus on reusability
Reusability in RPA is another concept that is rapidly gaining momentum. Reusability means capturing and managing aspects of an RPA implementation and then using them in some way for subsequent RPA implementations, which ultimately reduces development effort. Many banks have started to think along these lines and are working to create a framework that will allow the reusability aspects of RPA implementations to be identified. Many third-party RPA tools also offer a library area in which the reusability aspects can be captured and used for subsequent implementations.
Challenges in implementing RPA
- Regulatory uncertainty about the use of RPA solutions. No formal or defined regulatory requirements for using RPA technology for automation have led banks to take a cautious approach to adoption.
- Unstable business processes – Many banks have manual processes that are not very well documented or stable, making it difficult to adopt RPA solutions.
- Most of the initial RPA adoption was in silos, and banks are still in the process of putting in place an enterprise-wide RPA adoption strategy and governance framework.
- RPA technologies change quickly as they continue to evolve
Along the road
As RPA technologies mature, they will present many complex risk and compliance issues for RPA adoption. The future of the RPA market looks bright as the most important aspects that make RPA preferable are that it does not interfere with existing IT investments and provides business users with quick and efficient solutions, which it does for both business and technology -Makes stakeholders attractive.
About the author
Ajay Katara is a Domain Consultant in the Risk Management Practice of the Banking and Financial Services (BFS) Business Unit at Tata Consultancy Services (TCS). He currently leads the BFS Risk Practice portfolio on regulations and robotics process automation. He has more than 13 years of extensive consulting & solution design experience in CCAR consulting, AML, Basel II implementation and credit risk and has worked with several financial firms in different regions. He made a significant contribution to the conception of strategic offers in the area of risk management and made a significant contribution to successfully promoting various consulting assignments. He has also written many editorials, the details of which can be found in his linked profile (https://www.linkedin.com/in/ajaykatara/).