Firms operating in the financial sector are constantly subject to new, demanding regulations. Brenton Harder of Credit Suisse discusses how banks can respond to this ongoing “attack” by implementing a flexible operating model and management structure.

Financial policies are designed to enforce sufficient regulatory structure and adherence to a set of core requirements, restrictions, and guidelines in order to create an acceptable degree of transparency between banking institutions, individuals and corporations. Given the interconnectedness of the banking industry and the potential impact of large-scale failure on the global economy, it is vitally important for regulatory agencies to maintain control over the standardised practices of banking institutions. Supporters of such regulation often hinge their arguments on the “too big to fail” notion. This holds that many financial institutions (particularly international commercial investment banks) hold too much control over the economy to fail without enormous consequences.

Global governmental regulatory reaction to the recent financial crisis has been particularly uncoordinated across nations and jurisdictions. Even before 2008, just in the USA there were 77 major pieces of new regulations containing 27.7 provisions, on average, increasing to 48.8 in the past two decades. Some of these policies and provisions will have a huge impact on the viability and profitability of existing banking models, while other policies will die a slow death due to complexity, governmental bureaucracy or coordinated corporate resistance. Whatever the case, without transparent and flexible operating models and management structures, many international banks and financial institutions are finding it increasingly difficult to profitably respond to the pace and scale of necessary change to stay ahead of the fragmented regulatory onslaught.

To survive, some banks will just add more people and additional committee bureaucracy in an effort to force required reporting and operating transparency, while others will take a more practical and sustainable route to success.


By leveraging simple BPM planning, banks can quickly organise and manage a coordinated response to the regulatory onslaught they face. To illustrate, it is helpful to study one bank’s response to just one of the many regulatory initiatives undergoing live implementation around the world – Basel III.

Banks fund their assets through a combination of liabilities and equity. If the total value of a bank’s assets exceeds that bank’s liabilities, the amount of that difference is referred to generally as the bank’s capital. Besides preventing insolvency, capital is especially important to protect against the risk of loss that is inherent in banks’ assets, and to protect against the volatility in a bank’s liabilities. Banks fund much of their assets through customer deposits. However, such deposits are a risky source of funding because depositors can generally demand that the bank repay them at any time. If depositors withdraw large amounts of money within a short timeframe, the bank could find itself paying such withdrawals with its capital because most of a bank’s assets, such as loans, cannot be liquidated quickly. If the withdrawals are large enough, the bank may exhaust its capital and find itself insolvent.

In the recent global financial crisis, the risk of insolvency was an important issue confronting several important banks in the United States. Because of their importance, these banks were considered “too big to fail”, as their failure would have posed systemic risk to the financial system. As a result, the government had to intervene and inject capital into these banks in order to prevent the collapse of the entire financial system.

Up until the 1970s, bank regulation lacked, for the most part, international reach. Nations were left to decide for themselves how to best regulate the banks that did business within their borders. This all changed in 1974, when the Herstatt Bank in Germany failed, highlighting the significant risks that accompany international banking and exposing the need for coherent international cooperation between nations to minimise future risks associated with international banking. In response, the member nations of the G-10 established the Basel Committee on Bank Supervision (BCBS) to focus on matters relating to bank supervision and regulation. The BCBS serves as a forum for its members to discuss issues and problems relating to bank regulation. In the course of these discussions, if the members come to a common understanding or agreement on an issue, the BCBS will issue supervisory guidance and standards relating to that issue. However, the issuances of the BCBS are only advisory in nature and are not binding on the members or any other nation. As a matter of best practice, though, the members of the BCBS, as well as many non-members, usually adopt its recommendations in whole or in part. Thus, the promulgations of the BCBS form a type of “soft law”.

One such issue, and one that played an important role in the recent global financial crisis, is the regulation of bank capital. Addressing this issue has been an ongoing process for the BCBS over the past 20 years, and has resulted in the promulgation of capital adequacy standards that national regulators can implement. These standards are known collectively as the Basel Accords, named after the city in Switzerland where the BCBS resides. The Basel Accords have caused disagreement at times, but they are nevertheless important to the formulation of regulatory policy relating to bank capital. In all, the BCBS has produced three such accords. Basel III, published in 2010, is the most recent Accord. Each Accord has purported to improve upon the previous one, but early indications suggest that Basel III is not flawless and so it is not likely to be the last one.

Formally titled A Global Regulatory Framework for More Resilient Banks and Banking Systems, Basel III reflects the BCBS’ attempts to apply lessons learned from the financial crisis and apply them to the existing framework of banking regulation. The primary goal of Basel III is to improve the ability of banks to absorb asset losses without affecting the rest of the economy through a focus on regulatory capital, which is more restrictive and emphasises greater quality.

Under Basel III, Tier 1 capital must be mostly of “core capital”, which consists of equity stock and retained earnings. In addition, many items that were formerly included in a bank’s capital calculation under Basel II, including some forms of subordinated debt, will be excluded under Basel III. Those capital instruments that will no longer qualify as capital under Basel III will be phased out of a bank’s capital calculation over a 10-year period starting in 2013. This transition period will help those banks that do not currently possess the sufficient amount and types of capital comply with the new requirements.


For proactive banks, the transition period has also allowed for the opportunity to implement a process-based infrastructure (BPM) for both project management of short-term tactical changes and the longer-term strategic components necessary for sustained competitive advantage. A large Europeanbased international bank leveraged a four-step process to manage the end-to-end rollout of Basel III across the globe:

Phase 1 – Planning A basic BPM framework is established to build development plan:

  • Use existing BIII rules, business requirements and gap assessments to develop a comprehensive target operating model (TOM) and capability design; „„
  • Define a high-level TOM architecture that structures primary flow around key processes and work streams and gaps; „„
  • Charter projects to close gaps; „„
  • Construct each work stream/key process to include: detailed business requirements (KPIs), calculations, system design, data sources, process flows, detailed project plans, and governance framework; „„
  • Assign process owner to each key process or work stream accountable for end-to-end delivery.

Phase 2 – Governance It is critical to build strong connectivity between the strategic and tactical components of the BPM structure to ensure speed of execution and accountability for actions. Strategic steering elements are necessary in the early phases of structure, and then less so during implementation: „„

  • Build clear line-of-sight between strategic decision-making and tactical work stream execution to ensure implementation speed and minimal change-based resistance; „„
  • Focus on four elements of leadership in speeding the implementation: change management;  project management; design management; BIII expertise.

Phase 3 – Process structure and systems landscape The basic operating structure, maps, and system designs for the BPM platform are put in place following the planning and governance phases. It is very important for management to have a play in the rollout and execution of the structure and landscape stages for consistency. „„

  • Ensure end-to-end connectivity of all processing components with system interfaces; „„
  • Connect all organisational units involved with customer interface and regulatory reporting;
  • Map all process flows and system designs.

Phase 4 – Process Control Steady state control of the process infrastructure is possible only with clearly identified roles and responsibilities. A variety of tools (RACI, RR Maps) can be used to ensure there is consistent coverage for most major contingencies: „„

  • Each work stream breaks down into subprojects with assigned project managers, functional leaders, IT leaders, and clearly identified project teams; „„
  • The executive leader for each work package has overall accountability for delivery and success of each work stream and subproject; „„
  • Project managers actively manage all aspects of the work stream implementation projects;
  • Functional SMEs are essential to the understanding and integration of the work into the project and processes; „„
  • The IT and project teams ensure all elements of the project plans are consistently executed.


By implementing a Business Process Management (BPM) structure, banks can more easily merge disparate technologies and data sources, align operating platforms, and converge management structures in order to function as single operating units with real authority, meaningful controls, and common metrics. Successful banks understand that operating transparency and process accountability have become absolutely essential in providing a coordinated, timely, and viable response to the myriad global governmental agencies demanding meaningful change in the way banks transact services and trades, manage and control risk, protect client confidentiality, prevent criminal activity, and allocate credit.