Robotics Process Automation (RPA) – A Transformation lever for Risk & Compliance Management (2023)

Overview

Robotics Process Automation or RPA is one of the digital levers that is fast becoming a tool of choice for many banks to automate processes that are standardized, low on exception, and highly manual intensive. Along with the standard benefits that an RPA implementation brings in, it also helps banks achieve compliance and attain a greater degree of control over end user computing (EUC) processes. The adoption of RPA technologies is gradually gaining momentum with investments pegged to touch nearly USD 1 billion by the end of 2019 with the banking and financial services sector accounting for approximately 40%. Furthermore, approximately 10 to 15% of these spends is expected to be taken up by the risk and compliance area.

The risk and compliance function is constantly grappling to contain compliance costs, gain better control of processes, maintain the required operational agility to achieve compliance, and improve system efficiency. The efficiency issues arise mainly due to the presence of legacy systems, the need to collate data from multiple lines of business (LoBs), and error-prone manual processes. In such a scenario, RPA comes across as a powerful solution that can help banks to

• Improve efficiency without tinkering with the existing Legacy systems
• Provide required agility to scale as per compliance needs
• Maintain better control on processes through required auditability
• Automate manual intensive efforts and reduce errors.

RPA adoption levels in Banks –

In the banking and financial services industry, especially in the risk and compliance area, the adoption of RPA is still at a nascent stage. Currently most of the investments are being made in running proofs of concept (POCs) to assess the value or the return on investment RPA implementations bring to the table. Like any technology, RPA adoption can occur in many forms (see Figure 1)

Initially banks looked at RPA for short term and tactical gains. However, with RPA technology and the concept gaining maturity, more and more possibilities of leveraging RPA for strategic needs are being explored; examples include judgment based tasks and intelligent rule-based automations. Banks have also started looking to integrate RPA with other digital investments in the areas of Machine Learning (ML), Natural Language Processing (NLP), Chabot’s etc. and are gradually progressing towards the desired state of Cognitive RPA.

RPA as a Transformational Lever

Initially RPA solutions were considered tactical fixes. However, as the digital portfolio continues to evolve, RPA is slowly evolving into a transformational lever that combines with cognitive technologies like ML to carry out strategic tasks without impacting the existing IT landscape. This change in outlook can also be observed in the risk and compliance areas where adoption is gradually moving from simple risk tasks to complex judgement based tasks that involve review and decisioning. Also, banks are investing in RPA at an enterprise level, rather than opting for specific point solutions. These changes clearly indicate that RPA is becoming more and more strategic in nature and banks are undertaking RPA investments to improve efficiencies and save compliance costs.

RPA adoption in Risk and Compliance

In the risk and compliance area, RPA adoption is still in an early stage. Currently, most of the adoption is happening in areas such as KYC onboarding and generation of risk and regulatory reports where the activities are standardized and involve data collation, data aggregation, email integration, and simple rule-based automation to quote a few.

As the concept gains maturity, adoption is spreading to areas like AML alert investigation, credit reviews, risk reconciliation, and generation of high-volume, high-frequency risk reports such as daily LCR reporting. These processes typically involve complex business rules, processing of unstructured data, macros etc.

The banking industry is currently envisioning a target state where RPA can combine with cognitive technologies such as ML, NLP etc. Many banks have started focusing on this and are in the process of identifying use cases that are a good fit. In risk and compliance, judgement based use cases such as limit breach management, risk data quality management etc., are typically good candidates for Cognitive RPA. Though many banks are keen to leverage Cognitive RPA capabilities, they are also cognizant of the fact that it is not desirable to automate judgement based tasks completely in the risk and compliance area due to the nature of the function. Even though some banks are leveraging ML components for risk assessment and decisioning, the output from such cognitive RPA solutions are aimed at improving the turnaround time for Risk processes and providing suggestive recommendations to the risk analysts. The final authority of decisioning is still resident within the risk function of the Bank.

Enterprise Level Platform based approach for RPA adoption

Banks too have started perceiving RPA adoption as transformational initiatives rather than point solutions. Initially when banks started experimenting with RPA solutions, their approach was operational in nature, siloed with very low focus on reusability aspects. With the RPA concept evolving, it is receiving a major boost with more and more banks adopting RPA at an enterprise level. Banks are now forming dedicated RPA Centers of Excellence (CoEs) to manage RPA programs at an enterprise level. The core function of the CoE is to

• Establish standards for identifying and assessing RPA use cases
• Develop and Execute use cases across Lines of Business (LoB’s)
• Deploy and manage RPA installations
• Capture and manage reusability aspects that can be leveraged across RPA use cases for different LoBs

Focusing on reusability

Reusability in RPA is another concept that is fast gathering steam; reusability means capturing and managing aspects from a RPA implementation and then leveraging the same in some capacity for subsequent RPA implementations, which eventually reduces development effort. Many banks have started thinking along these lines and are working towards establishing a framework that enables identification of the reusability aspects of RPA implementations. Many third-party RPA tools also provide a library space where the reusability aspects can be captured and leveraged for subsequent implementations.

Challenges in RPA adoption

No Change comes without its share of challenges, even in case of RPA adoption the Banks are facing the following key challenges

• Regulatory uncertainty over the use of RPA solutions. No formal or defined requirements from regulators on the use of RPA technology for automation has resulted in banks taking a cautious approach to adoption.
• Unstable business processes – many banks have manual processes that are not very well documented or stable which makes it difficult for them to adopt RPA solutions.
• Most of the initial RPA adoption has been in silos and banks are still in the process of putting in place an enterprise-wide RPA adoption strategy and governance framework.
• RPA technologies are fast-changing as they are still evolving

The Road ahead

As RPA technologies become more and more mature, they will open up many complex problem statements in risk and compliance for RPA adoption. The future of the RPA market looks promising as the key aspects that make RPA preferable are that it does not interfere with the existing IT investments and provides quick and efficient solutions to business users, which makes it attractive for both business and technology stakeholders.

About the Author

Ajay Katara is a Domain Consultant with the Risk Management practice of the Banking and Financial Services (BFS) business unit at Tata Consultancy Services (TCS). He currently leads the BFS Risk Practice’s portfolio on Regulations and Robotics Process Automation. He has extensive experience of more than 13 years in Consulting & Solution design space cutting across CCAR Consulting, AML, Basel II implementation and credit risk, and has worked with several financial enterprises across geographies. He has significantly contributed to the conceptualization of strategic offerings in the risk management space and has been instrumental in successfully driving various consulting engagements. He has also authored many editorials, details of which can be found in his linked in profile (https://www.linkedin.com/in/ajaykatara/)