Category Archives: Commercial Banking

SEC “Cybersecurity is one of the greatest risks facing the Financial Services Industry”


Mary Jo White, Chair of the U.S. Securities and Exchange Commission (SEC), delivered a Keynote Address Investment Company Institute 2016 General Meeting in Washington, DC on the 20th May

The Commission is the primary regulator of the mutual fund industry which is comprised of 8,131 mutual funds with approximately $15 trillion in assets held by 54 million U.S. households as of March 2016.

White advised that the current and future health of the markets and the financial security of investors depend on the success of both its regulatory efforts and how well the industry participants do their jobs as fiduciaries and responsible leaders of the marketplace.

She highlighted 3 significant areas of regulation for the asset management industry:

  • controls on conflicts of interest;
  • a robust registration, reporting and disclosure regime; and
  • controls on specific fund portfolio composition risks and operational risks

Looking to the future, White highlighted disclosure effectiveness and ETFs as key areas of focus for the SEC. She also highlighted a number of areas where the sector must take the lead.

White believes a key challenge for the industry is the risk in using technology and service providers. She stressed the importance of firms ensuring that a fund is adequately prepared to promptly and effectively respond to risks that may be triggered by service providers and its own use of technology, including implementing alternative and reliable means to satisfy the fund’s regulatory requirements.

Cybersecurity is a particularly critical element of this challenge – as I have said before, cybersecurity is one of the greatest risks facing the financial services industry.  Cyber risks can produce far-reaching impacts, and robust and responsible safeguards for funds and for their investors must be maintained”.

The Commission has been very active in drawing attention to the issue and examining and enforcing the rules it oversees in respect of cybersecurity. Its regulatory efforts are focused primarily on ensuring that our registered entities have policies and procedures to address the risks posed to systems and data by cyber-attacks.

While no one can prevent all disruptions from cybersecurity events, you should consider the full range of cybersecurity risks to your funds and consider appropriate tools and procedures to prevent breaches, detect attacks and limit harm”.

BRG recently undertook a Cybersecurity Preparedness Benchmark Study. The study examined six main areas:

  • Leadership
  • Information Governance
  • Risk Management
  • Essential Protection
  • Incident Response and
  • Security Culture

For financial services, BRG partnered with the Institute of Operational Risk.

The results of the Benchmark will be released shortly.

For further information, please contact:

USA:                      Faisal Amin

UK/EMEA            Tony Moroney

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

Banks not working hard enough for customers


The Competition and Markets Authority (CMA) has set out proposals to reform retail banking, improve competition and get a better deal for customers.

In its provisional decision on remedies, the CMA outlines a wide-ranging package of proposals to tackle the issues hindering competition in personal current accounts (PCA) and in banking services for small and medium-sized enterprises (SMEs); its proposals include new protections for overdraft users.

Alasdair Smith, Chair of the Retail Banking Investigation, said:

For too long, banks have been able to sit back and not work hard enough for their personal and small business customers. We believe the strong and innovative package of measures we are proposing will give customers the information and tools they really need to get a better deal out of the banks. They will also protect those who fall into overdraft from being stung with unexpected fees”.

The CMA believes it is hard for bank customers to work out if they are getting good value due to the complicated and opaque nature of charges, exacerbated by the perceived riskiness of changing banks:

  • 60% of personal customers have stayed with the same bank for over 10 years
  • 90% of SMEs get their business loans from the bank where they have their current account

The CMA considered whether the largest banks should be broken up but it came to the view that this would not address the fundamental competition problems. It also considered whether to get rid of ‘free if in credit’ (FIIC) current accounts but concluded that even though FIIC accounts are not really ‘free’, they do work well for some customers.

The CMA remains concerned however that competitive pressures are weak and that to transform the market, customers should be provided with the right information so that they can determine which bank offers them the best value. This includes the development of new online comparison tools and an improved current account switch service (CASS).

Its proposals include new measures targeted at overdrafts, with a particular focus on users of unarranged overdrafts; in 2014 this contributed £1.2 billion to bank revenues. Going forward, banks may need to set a monthly maximum charge and to alert customers they are going into unarranged overdraft in order to give them the opportunity to avoid the charges.

The CMA also wants to harness big technology to empower customers to compare and switch accounts e.g. the ability for bank customers to click on an app and get comparisons tailored to their individual circumstances and information on that bank offering the best deal. It estimates that personal and SME bank customers could benefit to the tune of £1bn over 5 years.

No doubt the Financial Conduct Authority (FCA) will be watching closely as many of the issues being tackled by the CMA also fall under the heading of Behavioural Economics i.e. some errors made by consumers are persistent and predictable.

The FCA believes that consumers do not always make choices in a rational and calculated way. In fact, most human decision-making uses thought processes that are intuitive and automatic rather than deliberative and controlled.

Academic literature identifies ‘behavioural biases’ as specific ways in which normal human-thought systematically departs from being fully rational.

For its part, the FCA is particularly interested in how:

  • consumers make predictable mistakes when choosing and using financial products
  • firms respond to these mistakes
  • behavioural biases can lead firms to compete in ways that are not in the interests of consumers

Firms play a crucial role in shaping consumer choices. Product design, marketing and/or sales processes can exacerbate the effects of biases and cause problems. Biases can also create de facto market power.

Making financial services work well for consumers is an overall strategic objective for the FCA. And as firms will be aware, the CMA and the FCA have a MOU in respect of their concurrent powers to enforce consumer protection legislation in financial services.

Boards and senior executives need to ensure their actions do not result in customer detriment and/or a distortion of competition. Conduct Risk has not gone away. If anything it has a sharper focus under the Senior Managers (Certification) Regime.

The CMA invites submissions in writing by 7 June and will publish its final report on the retail banking market investigation by 12 August 2016.

See BRG white paper: The Behavioural Regulators’ Agenda

The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

US Treasury Intent on Improving Online Marketplace Lending

US Treasury 2.PNG

The US Treasury Department has issued a white paper “Opportunities and Challenges in Online Marketplace Lending”.

Online marketplace lending refers to the segment of the financial services industry that uses investment capital and data-driven online platforms to lend either directly or indirectly to consumers and small busi­nesses.

This segment initially emerged as a “peer-to-peer” marketplace, with companies giving individual investors the ability to provide financing to individual borrowers. As products and business models have evolved, the investor base for online marketplace lenders has expanded to institutional investors, hedge fund, and financial institutions. In recognition of this shift in investor base, the market is no longer accurately described as a “peer-to-peer” market.

Treasury now refers to these companies as “online marketplace lenders.” In its white paper, it provides an overview of the evolving market landscape, reviews stakeholder opinions, and provides policy recommendations.

It also acknowledges the benefits and risks associated with online marketplace lending and highlights certain best practices applicable both to established and emerging market participants.

Several common themes emerged, including the following:

  1. Use of Data and Modelling Techniques for Underwriting is an Innovation and a Risk: While data-driven algorithms may expedite credit assessments and reduce costs, they also carry the risk of disparate impact in credit outcomes and the potential for fair lending violations. Importantly, applicants do not have the opportunity to check and correct data potentially being used in underwriting decisions.
  2. An Opportunity Exists to Expand Access to Credit: The online marketplace lending is expanding access to credit in some segments by providing loans to certain borrowers who might not otherwise have received capital. Distribution partnerships between online marketplace lenders and traditional lenders may present an opportunity to leverage technology to expand access to credit further into underserved markets.
  3. New Credit Models and Operations Remain Untested: New business models and underwriting tools have been developed in a period of very low interest rates, declining unemployment, and strong overall credit conditions. However, this industry remains untested through a complete credit cycle.
  4. Small Business Borrowers Require Enhanced Safeguards: Commenters drew attention to uneven protections and regulations currently in place for small business borrowers.
  5. Greater Transparency Can Benefit Borrowers and Investors: Responses strongly supported and agreed on the need for greater transparency for all market participants including pricing terms for borrowers and standardized loan-level data for investors.
  6. Secondary Market for Loans is Undeveloped: Although loan originations are growing at high rates, the secondary market for whole loans originated by online marketplace lenders is limited.
  7. Regulatory Clarity Can Benefit the Market: A large number argued that regulators could provide additional clarity around the roles and requirements for the various market participants.

The white paper also introduces a number of recommendations for consideration by the federal government and private sector participants:

  1. Support more robust small business borrower protections and effective oversight;
  2. Ensure sound borrower experience and back-end operations;
  3. Promote a transparent marketplace for borrowers and investors;
  4. Expand access to credit through partnerships that ensure safe and affordable credit;
  5. Support the expansion of safe and affordable credit through access to government-held data; and
  6. Facilitate interagency coordination through the creation of a standing working group for online marketplace lending.

The white paper identifies potential trends that will require on-going monitoring. These include the evolution of credit scoring, the impact of changing interest rates, potential liquidity risk, increasing mortgage and auto loans originated by online marketplace lenders, potential cybersecurity threats, and compliance with anti-money laundering requirements.

Critically, the business models and data-driven algorithms supporting this industry have largely developed in favourable credit conditions. Treasury believes it is important to consider policies that could minimize borrower risks and increase investor confidence in a less favourable credit environment.

A few other points of note:

  • The Consumer Financial Protection Bureau (CFPB) began accepting consumer complaints against marketplace lenders in March
  • The US Supreme Court is embroiled in a case that has major implications for online marketplace lenders: Madden -v- Midland Finance. At issue is whether the National Bank Act, which pre-empts state usury laws regulating the interest a national bank may charge on a loan, continues to have pre-emptive effect after the national bank has sold or otherwise assigned the loan to another entity
  • The ousting of the chief executive of LendingClub after a board review will increase the pressure for further regulatory scrutiny of the online marketplace/peer-to-peer lending businesses

Looking forward, it’s not “what you are” but “what you do” which is likely to determine the regulatory and governance framework for online marketplace lenders; and the expectations of directors and senior executives.

Consumer protection will be centre stage of the evolving regulatory agenda.

The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

BRG Develops Cybersecurity Preparedness Benchmarking Study

Cyber Risk Preparedness Benchmark StudyEMERYVILLE, CA – Leading strategic advisory and expert consulting firm Berkeley Research Group in conjunction with the Institute of Operational Risk has launched its Cybersecurity Preparedness Benchmarking Study (CPBS).

BRG Director Faisal Amin is leading the study and is supported by Michael Champion, a cyber expert in BRG’s London office. The study offers participants an opportunity to gauge their companies’ security capabilities and readiness in the case of a cybersecurity breach.

“As with every industry, financial services accepts that there are only two kinds of company when it comes to cybersecurity: those who have been hacked and those who don’t know they’ve been hacked”, said Tony Moroney, Managing Director for Governance, Risk and Culture in BRG’s international financial services team.

“With the increased sophistication of cyber criminals and constantly evolving technology, it is impossible to prevent a breach altogether. Companies must seek to mitigate the damage that a cyber breach may cause their company through detailed analysis of their technology, processes and critically, their people.

“Regulators expect firms to understand both strategic and operational risks and to be able to provide assurances regarding their firms’ cybersecurity preparedness”.

Faisal Amin added, “We’ve created this in-depth study to enable companies to understand their security culture structures to improve their security and protect valuable intellectual properties.

“All too often cybersecurity is delegated (or relegated) to IT and security teams. Clearly the technology is a core aspect of what needs defending in any cybersecurity plan but it is not the only source of the problems. As we’ve seen with some of the major hacks in the past year, a company’s processes, supply chain and people can be the source of breaches both malicious and unintended. We have created this study to investigate the source of problems and will be benchmarking companies and industries to monitor trends.”

“CSOs and CISOs have had difficulty measuring and communicating the effectiveness of their security and compliance investments”, said George Clark, Chairman of the Institute of Operational Risk. “Cyber risk has emerged as the most common operational risk concern cited by respondents in a recent survey of op risk practitioners. The CPBS study offers a solution to this challenge. We are delighted to have partnered with BRG on this important initiative.”

The study will deliver security scorecards and specific benchmarks to survey respondents and will aid firms to strengthen their security performance management program based on objective, fact-based metrics, as well as compare how their security programs measure against internal organizational goals, approved risk-management profiles, industry peers and best-practice companies.

The study is open until the end of February. A broad range of industries will be represented in the study. Information submitted by respondents will be held in the strictest confidence. All study results will be anonymous and will be shared only with participants.

Additional information about the CSP study can be found on the BRG website.

About Berkeley Research Group, LLC

Berkeley Research Group, LLC ( is a leading global strategic advisory and expert consulting firm that provides independent advice, data analytics, authoritative studies, expert testimony, investigations, and regulatory and dispute consulting to Fortune 500 corporations, financial institutions, government agencies, major law firms and regulatory bodies around the world. BRG experts and consultants combine intellectual rigor with practical, real-world experience and an in-depth understanding of industries and markets. Their expertise spans economics and finance, data analytics and statistics, and public policy in many of the major sectors of our economy, including healthcare, banking, information technology, energy, construction and real estate. BRG is headquartered in Emeryville, California, with offices across the United States and in Asia, Australia, Canada, Latin America and the United Kingdom.

About the Institute of Operational Risk

The stated mission of the Institute ( is to promote the development and discipline of Operational Risk and to foster and maintain investigations and research into the best means and methods of developing and applying the discipline and to encourage, increase, disseminate and promote knowledge, education and training and the exchange of information and ideas.

Boards ultimately have responsibility for Sales Incentives and Customer Outcomes


FinCoNet, the International Financial Consumer Protection Organisation, has published its Report on Sales Incentives and Responsible Lending, outlining key findings on the topic.

It is no real surprise that sales incentives are a key driver of both culture and behaviour towards consumers. Key findings of the report include: Continue reading Boards ultimately have responsibility for Sales Incentives and Customer Outcomes

Standard Variable Rate – Do Nothing is No Longer an Option

 “Generally speaking, everyone is more interested in doing nothing than doing anything.” —Gertrude Stein

It is doubtful that Stein, a leading American poet and writer of the early 20th century, was referring to mortgage lending in the UK when she wrote about the temptation of inactivity, but this sentiment arguably sums up the default position of lenders with regard to over a quarter of a trillion pounds of Standard Variable Rate (SVR) back books. Continue reading Standard Variable Rate – Do Nothing is No Longer an Option

Catching the Careless Nudists: New ways to predict problem behaviour (Part 2)

iStock_000012107875XLargeWe would all like to think that our offices are full of positively motivated people, yet the reality is that some of our staffs behave in various ways that do not conform to expected good behaviour. Each individual’s behaviour is constantly adjusted due to both positive and negative reinforcement. Behavioural economics may simply confirm some of our suspicions at a surface level, but it also adds deeper insights. For example… Continue reading Catching the Careless Nudists: New ways to predict problem behaviour (Part 2)