The average financial firm has six lines of business to monitor, each with its own set of goals, restrictions, and regulatory requirements.
Faced with a rising volume of regulation and an increasing velocity of regulatory change, firms often find themselves throwing more people, time, and resources at the problem. This can add up quickly.
In this article, we highlight the growing costs of compliance—and non-compliance—for financial firms.
––––
What Financial Firms Spend on Maintaining Compliance
How can one calculate the cost of compliance? One option, perhaps the most straightforward, is to look at the total costs for key markets in the financial services industry. The Asian-Pacific, European, Middle Eastern and African, Latin American, and North American markets spend about $206 billion per year on maintaining financial crime compliance. The North American market alone spends $61 billion. Those numbers are impressively large, but hide the burden placed on each individual firm.
Between 2016 and 2023, the number of employee hours dedicated to complying with financial regulations and examiner mandates increased by 61%…
In 2016, banks spent 9.6% of their IT budget on compliance duties; in 2023, they spent 13.4%.
Financial services research firm Model Office, in partnership with Fidelity Adviser Solutions, reports that the direct and indirect cost of compliance averaged 19% of annual revenue depending on firm size.
Though startling, these numbers fail to capture the acceleration of regulatory change and complexity. Both have increased dramatically since the 2008 global financial crisis. The velocity of change has increased so much that firms cannot keep up. Instead of making informed decisions based on a deep understanding of their specific compliance requirements, Risk and Compliance teams can be forced to make a best guess based on a fragmented and incomplete view of their regulatory environment. While it might seem unavoidable given time and budget constraints, this uncertainty can lead to compliance failures and heightened risk.
What Financial Firms Pay for Non-Compliance
Jaw-dropping fines issued by regulatory agencies are the most visible evidence of the cost of non-compliance.
Ignoring compliance responsibilities can cost far more in fines, reputational damage, and the resulting loss of business opportunities than investing in a proper program from the start. TD Bank’s failure to make compliance a priority not only led to a huge fine but also seriously damaged its reputation. For example, Fitch Ratings in May 2024 revised TD’s outlook to “negative,” reflecting the uncertainty regarding various investigations by regulators on the deficiencies of TD’s AML practices in the United States. That’s a reputational stigma that can take years to repair, if it is ever fully repaired.
In total, firms spend almost $15 million on the consequences of non-compliance. That’s 2.71 times higher than what firms typically pay to stay in compliance by building strong compliance programs.
This difference, while dramatic, should not be surprising. The system is designed to incentivize firms to comply or risk hefty penalties. However, when the volume and velocity of regulatory change make it almost impossible to keep up, how can firms expect to avoid the expensive consequences of non-compliance?
‘Expense’ does not only refer to monetary loss. Other costs of non-compliance include reputational damage for your organization, and the disillusionment and morale drag on your personnel.
According to a 2014 Deloitte survey, 87 percent of executives rate reputational risk as more important than other strategic risks. There’s nothing to suggest the impact of reputational damage has diminished. These surveyed executives said that the business areas most impacted by a negative reputational event were revenue (41 percent), loss of brand value (41 percent), and regulatory investigations (37 percent). In line with these concerns, the stock price reactions to negative press from non-compliance penalties can cost more than the penalties themselves.
Preparing for the Next Normal
With uncertainty high, financial institutions may look to trim costs wherever possible. Yet, to keep up with the pace of regulation, firms will have to increase risk and compliance team budgets—or risk the consequences.
To keep pace with regulation cost-effectively while avoiding the costs of non-compliance, businesses should consider the right balance of automation, people, and processes that can squeeze much more from available resources.