Automating Breach Reporting

Over the next few years, the adoption of automation and AI technologies will transform the risk & compliance as firms increasingly interact with ever-smarter machines. These technologies, and that human-machine interaction, will bring numerous benefits in the form of higher productivity, reduction of cost for compliance, risk, but they will also change the skills required of risk and compliance workforce.

Non-financial risks like conduct are now a top issue because of the range of adverse events that have come to light and the huge cost to the industry from a variety of conduct and compliance events with sizable financial and reputational costs. Many are strengthening risk assessment and measurement of compliance and conduct risk, increasing accountability for conduct risks in the business lines, strengthening the first and second line of defence monitoring and testing, and embedding conduct risk into the business model, strategy analysis and HR processes.

Automation of first and second line of defence will change control monitoring, risk forecasting and breach reporting. Some of the capabilities areas that automation will bring immidiate benefits are

• Maintaining a breach register and comprehensive information necessary for an investigation
• Factors that determine the nature of the breach and whether it is reportable
• Understanding the frequency of similar previous breaches and evidence that remediation actions have been taken in the past
• The impact of the breach and predictive risk-based supervision
• Recognizing the customer and potential loss to them
• Breach report preparation
• Meeting the reporting timeframe
• Prevention of breach

Overall this will support improved governance and a systematic and disciplined approach. It will provide adequacy and effectiveness of risk management and control process i.e. ability to clearly articulate, measure and prevent.