Development and evaluation of cognitive risk and regulatory compliance management strategies for financial institutions.

Abstract

This dissertation investigates how the risk and regulatory compliance management activities and business processes of financial institutions can be improved by utilizing cognitive computing technologies. At first, a systemic literature review, expert interviews as well as a survey were carried out with the aim to identify the main fields of action for the enhancement of the risk and compliance management procedures. The systemic review of 2,279 journal articles that deal with cognitive computing technologies in the banking and finance sector showed that risk and compliance management are main topics of interest. In further detail, the evaluation of six interviews and 62 survey forms displayed that the increasing number and complexity of legal requirements is regarded as a burden for the participating executive risk and compliance managers. Consequently, a majority of the participating experts were of the opinion that banks and other financial institutions are required to deal with the implementation of new technological solutions that feature artificial intelligence capabilities in order to deal with this increasing burden more efficiently in the future. These insights were taken as a foundation for the development of two implementation strategies. The first strategy aimed to show that a cognitive computing featured application can facilitate the management of new or extended regulations that are published by banking supervision authorities. The artificial intelligence and machine learning capabilities of the software analyse the content of financial regulations and create a probability-weighted initial list of obligations that result from a legal framework. In addition, based on the information that are stored in the system, the application identifies departments, business lines and controls that could be affected by an obligation. In a consecutive step, the compliance manager analyses the initial technical results and makes adjustments. This use case showed that the processing of legal requirements can be facilitated by the usage of cognitive computing technologies. The expert receives an initial list of obligations that result from a regulation without having to read a legal text line by line first. Therefore, time and cost associated with the management of regulatory requirements can be significantly reduced. The second implementation strategy focused on the optimization of risk management business processes. For the strategy development, a selected process mining application was used to analyse a specific risk management process at a credit institution in Germany. The evaluation of this use case showed that the usage of a process mining application offers compliance managers the opportunity to discover potential non-compliant process executions in detail and in real time. As a result, the compliance manger can react immediately when conspicuous activities are detected. Moreover, inefficiencies and bottlenecks in the real-life execution of risk management business processes can be identified. These insights offer financial institutions the opportunity to enhance their risk management business processes and the associated workload of the individual process participants. To draw a conclusion, the last major step for financial institutions to improve their risk and compliance management activities and business processes was to digitalize them and the next major step is to implement intelligence by using cognitive computing technologies.