Fintech Insights

Podcast: When it comes to risk and compliance, think about more than just tech

Kyle Gardner | Senior VP & Group Executive at FIS Compliance Suite, FIS

November 08, 2021

Financial Futures: Season 6 Episode 5

Everyone knows that both risk and regulatory requirements are rising. The question is, how do you relieve the pressure? Because it’s not just a question of applying new technology. You need to look at the bigger picture and consider staffing, processes and data.

I talk about all of this and more with Niv Bodor, senior manager of advisory technology risk at Deloitte, in season six’s last episode of our podcast, Financial Futures. How recently have you considered:

  • The macro changes you may have missed during the past year and a half
  • The impact of regulators’ – and bad actors’ – aggressive adoption of new technology
  • Why improving your tech capabilities is just one piece of the puzzle
  • How the roles of the CCO and CRO will change

And there’s so much more to dig into. So, grab a cup of coffee and click on the button below to start listening.

Miss the last episode? Podcast: AI in finance: Massive innovation, massive disruption, massive opportunity


ERIN DANGLER: As the old saying goes, change is the only constant. And in the capital markets, that change is happening faster than ever before.

NIV BODOR: Every new activity, every new product, every new type of training and kind of asset that you handle, all that has significant challenges and, and new requirements from a risk and supervision and compliance standpoint. So I think kind of the pace of change is just remarkable.

ERIN DANGLER: But in order to keep up with the ever-evolving world of risk and compliance, institutions must either adapt or fall by the wayside.

KYLE GARDNER: some of these new technologies. I just don't think they can do it. I think you can, maybe band aid it along for a certain period of time. But then you're probably going to find yourselves in the news because of a systemic problem throughout the firm.

ERIN DANGLER: This is financial futures, the podcast that charts the frontiers of fintech innovation. In this series, we'll be exploring the opportunities and challenges facing the capital markets and diving into the trends that are reshaping the way institutions operate in this rapidly evolving industry. I'm your host, Erin Dangler. And today, we're peering into the future of risk and compliance to find out what's in store for CROs and CCOs with the help of senior manager of advisory technology risk at Deloitte, Niv Bodor, and senior vice president and group executive at FIS Compliance Suite, Kyle Gardner. We'll discuss how trends, such as the rise of free trading platforms and changing trader demographics are prompting the increased focus on risk and compliance. We'll examine the technologies helping financial institutions to stay on top of stringent regulations and reduce their exposure to internal and external risks. And we'll ask what this increased reliance on technology means for CCOs and CROs. First, what are the issues in the capital markets making more advanced risk and compliance tech so necessary right now?

NIV BODOR: I think it's a few things. I mean, for the regulators, pretty much the journey since 2008, 2009 has been a little bit like peeling the onion. And unfortunately, the more they peel, the more kind of issues they found. And it also prompted them to look into new product areas, new business areas, just find more and more issues in terms of how markets were, or being handled as well as all the different business activities and, and how banks and financial institutions were conducting their business with clients. So, I think it's been pretty much a mad journey ever since for the banks in, in trying to kind of fix all the issues for those who had the, kind of the biggest missteps and those that were pinged by the regulators and for all the rest of the financial institutions, it was just about keeping up. The challenge has been, really, with kind of addressing all these different issues. Whereas the response time for the banks is typically very slow, right? So you adjust your procedures, your processes, your program, you bring in new people, you make changes. And that's something that you could do within, within a few months, sometimes a year or two, but then you also rely on technology, right? And bringing in new technology, implementing, even getting the data needed in order to do those implementations. That has taken much longer than, than what it should. And I think the reality is being that the banks, you know, were addressing a certain issue and implementing the required technology and while doing it, they already had the next two, three issues and those required other systems or more modules and all of that more data. So it's always more and more from a technology and data standpoint. And it's been very hard for the banks to kind of cope with that and just be in time.

KYLE GARDNER: I mean, I think sometimes we look at the last year and a half or two years and we kind of think COVID and we get caught in, in blinders a little bit, and we don't recognize some of the other kind of macro changes that have happened in the industry. You know, you look at the introduction of free trading with Robin Hood and some of those types of platforms, how firms have had to change and adopt their business models associated with that, you know, firms need to make money some way. So if you erode the profits on trading then they look to bring those back in some other way, so it introduces a new set of complexities from a regulatory and a risk perspective. We have new demographics of investors. I'll call them this retail force. So you see what happened in Q1, where you had kind of the hedge funds versus the small guys. Where the small guys, the millennials, went on these social media platforms and grouped together and went out and traded and what I'll call like-kind strategies. What's interesting you talk to some of those investors about what they did and how that worked. And, and one of them rationalized it to me as "Well, this is just the new platform. Our parents watched a show like Mad Money. They all traded in unison behind Kramer's advice. We're just doing it between ourselves, without Kramer announcing it." And so they really view kind of some of these changing demographics and go, this is how we operate. We don't operate like our parents or like our grandparents or these different groups. Like Niv said, there's an immense amount of data and you saw the data volumes and spikes over the last year and a half that are difficult for firms to manage. So you look at some things like cloud adoption and adopting some new technology has enabled some firms to stay ahead of those data volume increases, but also data represents an opportunity and a risk. If you can use that data holistically, comb through it, identify some trends, then you may be further ahead than someone else may be. So it has, it has been an interesting year. There's been a lot that has gone on, and it's been a lot of good, some bad, but I think firms are adequately trying to wade through it all and manage the risk appropriately. Create a framework and a strategy to push forward into the future.

ERIN DANGLER: And it's not all just COVID. I mean, I know we're talking about, you know, working from home, create security issues, but you're also talking about this generational shift. You know, we've got gen X-ers working now with millennials and that creates a disruption as well, which creates emerging risks. So what are some of these emerging risks that need to be managed? Can you give me some examples?

NIV BODOR: some of the areas that that Kyle had mentioned. I mean, obviously the business activities are changing. You need to work with these millennials, you need to adjust, and banks have been adjusting how they conduct the business, just you know, over newer technologies, right? The over a smart phones and, and through apps and everything is being done online. As Kyle has mentioned, adjusting to these new investment platforms, right? Like, like Robin Hood. There's also cryptocurrency and digital assets that just blew right in and represent a huge volumes and huge amounts of money that are now being passed by investors, every new activity, every new product, every new type of trading and asset that you handle, all of that has significant challenges and, and new requirements from a risk and supervision and compliance standpoint. I think the pace of change is just remarkable. Some of these things have really changed in the last two or three years. And it's just coming on and on. So the banks really need to kind of adjust the technological infrastructure and they're doing it already from the side of the business, but then they also need to do it from the side of the supervisory framework and compliance and supervision, really just to keep up with what the business has to do in order to continue to evolve and to make more money.

KYLE GARDNER: The point that I would focus on just real quick is the adoption of new technology. There's a little bit of a honeymoon period I'll call it whenever a new technology comes in, where people want to be on the latest and greatest, they want to adopt it. But the reality is some firms have been burned a little bit by some new technology. There's been an over promise and an under delivery. And so now firms are a little bit more hesitant, I feel. But the interesting thing about this is when you look at new technology, the regulators are aggressively adopting it. So really when you look at these risk and compliance teams, the regulators doing proactive surveillance on their firms, they're not going into a firm necessarily anymore and saying, "Hey, let's talk together. Let's look at your areas of risk." They're coming in with a list of their own saying we, we know where some issues are based on the data with additional analysis being done on top of it. You further look at just the regulators aggressive adoption of that technology. You look at the bad actors adopt that technology as well. So, you know, we've moved from almost a fraud conversation from a plain and simple fraud to this synthetic fraud where now fraud is targeting basically a strategy of, we want to skirt under the flag. You look at firms also from a proprietary business strategy perspective have adopted new technology in a very aggressive way. A lot of the companies that are out there use algorithmic trading and the artificial intelligence machine learning that's built into that. And then you even look at how firms have used the new technology to market and position new products and solutions and services to the end consumers. And are we manipulating those consumers? Or are we providing the best options for them as a consumer in the market and maintaining that integrity of financial services. So really compliance is kind of in the catch-all position where they have to manage all of these new adoptions of new technology. They have to make them understandable. They have to make them so that they can show the trends, the processes, the procedures. And more importantly, catch these new technologies when they maybe deviate or go off rails from an ideal operating model from a risk and compliance perspective.

ERIN DANGLER: institutions are under immense pressure to adopt the latest risk and compliance technology. Not only are the regulators calling for it, but increasingly sophisticated cyber-attacks are forcing organizations to upgrade. However, improving your technological capabilities is only one part of the issue. As Kyle says, even upgrading your processes and procedures brings along its own regulatory red tape. So how can financial institutions keep up with this seemingly never- ending process of compliance and risk management and what do they need to do to adapt?

NIV BODOR: I think data is key. Firms, financial institutions have been working for probably the last five or 10 years to kind of improve their data infrastructure, right. And really the purpose of that is to gather as much data that you can for your business and transactional activities and make that data available for faster processing that you can utilize both from a business standpoint, as well as from a compliance standpoint and for a lot of other needs. But that that's really the basis. And I think firms are still in the process of putting together those kinds of big data systems and really enabling and making that data available for some of those upstream systems and needs really. Uh, but I think that's key. You need to have the data much closer to real time, as much as possible. And then you'll be able to kind of do the type of processing that then allows you to gain the intelligence you need from that data. The second part, cloud is important because of the acceleration of adoption of technology that it allows you. So obviously there's an economic consideration and business case to be made you know, with using the cloud, but, but I think from a technology and IT standpoint, or even a business need, what it really allows you to do is to roll out new systems much faster, because it's not just a simplification of kind of your infrastructure and the fact that you can keep those applications and data on the cloud, it's also about getting a lot of that data from kind of external sources, which we vendor provide as part of their cloud solutions. So typically if in the legacy situation it could take, you know, sometimes 3, 4, 5 years to roll out an enterprise solution, the expectation is that with the cloud, you can do it in less than a year or up to a year or two, again, depending on kind of the need, but really accelerate your time to market when you're deploying it.

KYLE GARDNER: You could have the best the AI platform in the world. and if you don't have the data to drive it, or if that data is biased in some way, then you're never going to see the results that you're looking for. We talked to some different participants in the industry, just looking at the adoption of AI. A lot of times we talked to firms with two competing strategies: one is where they want to do it upfront, and then others were plain and simple. And unfortunately there's a lot of firms stuck in this boat. They say, "Hey, we're compliance. We don't have as big a budget that we want. So we're going to try. We're going to try to do this low cost and learn, learn as we go." And what I'll say is, it pays to invest up front buy a little bit of expertise and then make sure you internalize that expertise of the firm and use that on future projects. The other thing that I would say is just on data, you know, as we look at data and we look at new technology, it really increases the university of the data that we're able to use and able to draw on. I'll give you a quick example, I was in a conversation with one institution, and we were talking about anti money laundering. There were all sorts of scenarios they were talking about, data points they were talking about. And some of the best data that they uncovered actually came from freeform notes from tellers. And it's interesting how these advanced technologies were able to connect dots and those free form notes that previously the firm just was not able to do. So one example of this. They realized there was a correlation across the Southeast in individuals depositing cash in a bank. And there was a correlation between the types of baseball hats they wore. And the mechanism by which they brought the cash into the bank. And so by looking at the amounts of cash, looking at these baseball hats, in addition to the form in which they brought the cash in, there was a direct correlation that the technology was able to draw and say, hey, let's raise the risk score of these individuals and identify some of this money laundering.

ERIN DANGLER: I'm really curious as you give that example about the backpacks and the hats and the amount of money. How is that captured? Is that all of those pieces working together and with these new digital technologies, can that happen in real time?

KYLE GARDNER: So you look at it, you go back to that example, baseball hats and backpacks, and you look at this ancillary data that's now available. I would say communication surveillance and communication of any type is kind of an emerging trend that we're seeing throughout the globe. You know, communications data really is, is something that has the opportunity to supplement and enrich a firm’s policies, procedures, and investigations across the board. You look at like a new regulation, for example, like Reg BI. Um, Reg BI is a regulation in the United States where you have to do a lot of disclosures to clients. It's kind of like when you do an upgrade on your iPhone, you have to check a box saying, yeah, I read all the terms and conditions. I personally have never read one of those terms and conditions when I do a, an upgrade on my phone. And so I think there's a general feeling that a lot of the industry operates in that same way. And quite frankly, some of those terms and conditions are just people don't understand them. And so with this emergence of comms surveillance, firms now have the opportunity to look at situations that have happened. For example, something, say it may seem very innocent, where I'll go back to Reg BI for a second, where maybe an elderly person goes into an annuity. They say "absolutely, sign this up for me." They didn't realize that it was going to spread their money over 30 years. They probably won't be here by the time that completes. And so they may have a little complaint. You could say it's a misunderstanding, whereas you go back to that comms surveillance and all of a sudden you can see that a rep told them that, oh yeah, you'll have a return in two to three years. It shows a lot of things that aren't in just a paper sense. And so comms surveillance is something that I'm actually very excited about. You look at trade reconstruction and just the opportunity that it has really, as I mentioned, to enrich all of those policies across the board.

NIV BODOR: Absolutely, I mean, comms surveillance used to be very reactive and very policy-based financial institutions have had, for a long time, policies of what you can have and what you shouldn't have in your communications. And they use those platforms just to look for that. So very, very simple rules. But I think that there's an additional paradigm shift that needs to happen, is just to look at it from a proactive standpoint of analyzing those to be ahead of the game in order to really detect trends and patterns that you cannot detect otherwise. So just to give you an example, I mean, you know, at Deloitte, we've done numerous projects where a bank or a financial institution would have some sort of a regulatory issue. And then we would be brought in to just look at communications in the last five, 10 years sometimes and either use some automated tools or even have people just sit down and go over those communications, you know, hundreds or thousands of documents. And just to try to kind of match that to what actually happened or to compliment that, you know, what the regulators have already found. But, with today's technology, there's no reason to do these things in a reactive way. You should be proactive. We should be able to analyze those communications as they come in. And instead of just having this, this simple rules that are driven by our policies, to have more meaningful modules, and it all goes back to the AI, that tried to analyze a context of, of a business process or an issue, right? Whether it's disclosures or whether it's collusion around terrorist activity or, or any sort of fraudulent activity, market manipulation. And you just have to have kind of better intelligence in analyzing the data specifically for that, that data is there. It has always been there. Uh, the banks are capturing it. They just never knew or were never proactive enough in trying to get the intelligence that is in there.

ERIN DANGLER: So let's talk about that technology. Cause I'm kind of fascinated by this whole communication piece. It sounds like it's kind of front office versus back office. The people that are trying to be the department backstop for risk and audit are always the last to know or the last to weigh in where the front office is out there working strategy and working clients. So what are these technology solutions like reg tech solutions, risk solutions?

NIV BODOR: It's either tools that are dedicated to monitoring or, or surveillance, so really focused on the specific use cases for training operations or, or banking operations, and specifically what they need from both a monitoring standpoint and a supervisory standpoint. The other type of tools that you have are more analytics based. So broader tools that focus on the data as it is. So unstructured data and, you know, very strong analytics and AI, and basically allow you to develop your own use cases. So a little bit less kind of focused on, on the actual award flow that you would need as a supervisor and more focused on, on very strong analytics. And I think banks, they've been using the first more, because it's been easy to just put it in place and just have your supervisors have all the required workflow and archiving and, and the ability to kind of utilize that in their day-to-day job. And they're also complimenting it with stronger analytics tools as well, so trying to see what is there to be gained beyond, beyond kind of the day-to-day. And there's also kind of a merging of both in a sense. So making sure that you have your workflow in place, but also utilizing more and more AI, as well as a kind of natural language processing, just to make sure that you get the language aspects right.

KYLE GARDNER: Yeah, absolutely Niv. I think you mentioned a couple of things. You know, if we step back five years, Erin, sometimes even two years, the main focus around comms surveillance was usually on data archival. And this new technology, it's really shifted that on its head. And archival strategy is almost viewed as a check-the-box of a current solution. Really what they are looking for is they're looking for that proactive surveillance. You used to talk to firms, and they would, they would talk about sampling, for example, even on this comms data. We do sampling on that on a certain periodic basis and now firms are going out of that sampling. Isn't good enough. We can't read 10%, 20, 30% of emails, we need to have a proactive surveillance tool that's monitoring all these across the board. People also need to recognize these new solutions don't use computing power in the same way that an archival or rules-based system do. So you have to have the resources stood up so that these programs can actually run, and they can crunch and heavy processing times. You almost even go back to some of these fraud discussions where we started, cloud has some other opportunities, for example, looking at DDoS attacks, DDoS attack for an individual firm to handle is quite difficult. When you have a contract with an enterprise service provider in the market, like an AWS or something like that, you can really rely on these safeguards, the securities and the tools they've put in place to really protect that data. The last thing that I would just say is around timeframes. The new generational shift with some new investors in the market. They're not going to wait days or weeks or months for an answer on something. And the regulators are getting that way as well. You know, they don't, if a regulator comes to you and says, "Hey, we want some trade reconciliation work done, we want to know all of the communications surrounding this." You can't go back to that regulator and say, well, we're going to have to pull tape. We're going to have to start reviewing this. It's going to take us a month to respond. The new norm is kind of 72 hours. But we see all of these timeframes continuing to compress. And so there's no way to handle the volume of data that we have now. There's so many different communications platforms and you look at those compressing timeframes. There's no way to do it, except for new technology. You simply cannot throw enough heads at it. So if a firm doesn't modernize there’s, there's a price to pay.

NIV BODOR: just wanted to add, with FINRA knocking at your door. The CFTC, the examination, may actually include data scientists nowadays. It's not just the old school examiners coming with a few questions. They might actually come with a few data scientists, and they will have very kind of detailed questions on your data and utilizing their machine learning models for example. And you need to be able to answer those questions and also kind of uh, be able to represent what you are doing.

ERIN DANGLER: With stricter regulations governing such vast areas of the capital markets. Institutions cannot simply assign more bodies to the problem in order to meet the demand of the regulators. They need to embrace technology. But what impact will all this extra computing power and risk and regulation have on the human element? And how will this affect the role of CCOs and CROs?

NIV BODOR: You definitely have to be more, more tech savvy than in the past. There are definitely more kind of groups that they need to work with. We're seeing a lot more synergies happening, both with your kind of technology and IT teams, as well as with the front office. Because there's a lot of reliance on, on their data, but also kind of joint ownership from a risk standpoint, it's no longer just compliance. Um, oftentimes the, the business actually owned the risks and, in a sense, you're either collaborating with them or actually working for them rather than just being an independent arm as in the past that are, you know, you're just doing kind of your thing versus the regulations that you need to cover. I think also just the overall pace has, has changed. You just have a lot more things being thrown at you and a lot more challenges. Again, it's also about the reaction time, right? You can't just drag things over a few years now to implement something, you just have to be a lot quicker than in the past.

KYLE GARDNER: You look at a chief compliance officer, a chief risk officer, and you look at some of the pressures that firms are under now. I think if you asked many of the chief compliance officers, chief risk officers, do they have the resources they need in the budget? Most people would probably say we could use more, but then you ask their counterparts on other sides of the firms, and, oftentimes, the compliance budgets have greatly outpaced from a growth perspective, the budget of, for example, the front office. And so that's created a lot of, a little bit of friction. So I think what chief risk officers, chief compliance officers really are tasked with nowadays is I would call baselining their cost while protecting a firm from fine censures and public harm. There's a lot of talk in the industry right now about GSE type funds and looking at companies sustainability and all these different things. No one wants to be the company that it turns out there's an enterprise, you know, systemic bad action happening throughout the fund where investors, where their consumers or someone were taken advantage of. I mean, that's going to earn them negative marks across the entire industry. And then you look at the social media channels and how these new investors that already think financial institutions are a little bit maybe dishonest or big brother-ish, you know, it's just another mark against them. So these chief risk officers really and chief compliance officers as I look at it, they have to balance the budgeting. They have to balance the performance. They need to adopt new technology in order to do that. At the same time, they have to protect the firm, make sure that the name is kept out of the news and more importantly, maintain integrity and financial services by protecting the end consumer. Without some of these new technologies, I just don't think they can do it. I think you can, maybe band-aid it along for a certain period of time, but then you're probably going to find yourselves in the news because of a systemic problem throughout the firm.

ERIN DANGLER: they embracing this new technology? I mean, that may be generational among CCOs and CROs as well. I mean, nobody likes change.

KYLE GARDNER: I feel pretty passionate about this. So I think every financial institution that's out there. If you ask them, have you done, for example, an artificial intelligence project, they would tell you, yes. Some of those projects were done at the early adoption of the new technology, maybe when the returns weren't as well-defined, as they should have been in the expected outcomes from those projects. And I think as firms really look at the new technology now, there's a lot of great use cases to where they can point that technology and look for a direct return, whether it's reducing false positives or if it's really looking at holistic risk across the firm. I mean like Niv said, when you look at a risk program and you look at a firm and say, okay, what's the likelihood of a risk out of these different regions? And what is the cost implication of that risk materializing? There's always a certain amount of odds weighting that is done in that. The interesting thing is, you know, if you go back to cash days, you couldn't launder billions of dollars of cash through one remote branch, but with the digital assets now and all these other things, that risk odds weighted risking of your branches, of your policies, of your procedures, it opens all of them up to almost unmeasurable risk because so much can be crammed through so quickly. So really that technology helps you balance it across the entire enterprise.

NIV BODOR: It's definitely a challenge because you need to have the right staff. You need to have also the ability to support those technology implementations, right? Because people have day jobs and they also need to support the actual definition of what you're going to do within a system and be part of the testing during the implementation and all of that. You know, for rolling out kind of new systems and new technology all the time, it also makes it hard for people to focus and do what they need to do. So, there's definitely a balance there, but I think there's definitely a very compelling kind of use case for using AI across the board. AI really helps you with leveraging the data that you have as long as you do it right. It's also a matter of being able to demonstrate how are you using those AI modules and getting some of that transparency across to the regulators as well. So you need to have the confidence and need to be able to demonstrate that it's actually working. And then you can maybe sit back and relax just a little bit and think about the next set of risks.

ERIN DANGLER: about the next set of risks. Sit back, relax, and think about the next problems. Right? And that's the rate of change that we're going at. So thinking toward the future with new emerging risks, every five minutes, how should firms take steps towards adopting these new technologies? I mean, if they're still in legacy systems, what would you tell them?

NIV BODOR: Definitely prioritize. And the prioritization should be done from a risk standpoint, as well as from an efficiency standpoint, right? So where are you going to get the most for your buck? Whether it's by allowing you to reduce headcount as well as by reducing risks. So you need to think in terms of your operation, but you also need to work with the business in order to identify those risk areas and be able to prioritize those deployments. I think what's also very important is it's just a kind of utilizing some of the areas that could be low hanging fruit. If you have data that can support a certain use case, go ahead and do that and kind of push the next one after you get the necessary data. So don't, don't try to rush something because it was a high priority if you can't actually do it right.

KYLE GARDNER: You know, as I, as I look at adoption of new technology. As I look at really also analyzing a firm's risk and where you want to focus, there's a couple of things I would point out that are right along those lines. I would say, number one, don't let failure stop you and your adoption of this new technology or in your path of changing. Now, you also don't want to have a two- year project and realize that you failed right at the end. You look at a lot of the development changes from a waterfall type project to an agile. And I feel like some of these adoptions and new technology have to follow that agile methodology. So break into small chunks, realize some gains upfront. If you fail at some point, pull back, analyze react, but continue to push forward in your strategy. You know what I also think, really, you do have to invest in some expertise. These are new technologies. I also think that you need to open up some of these positions for employees to grow as well, because a lot of your employees know where some of your underlying risk are. They know some of the trends of your data, so help some of those employees maybe grow into those roles. And then the third thing I would say, as, as, as you look at these strategies, it really has to be a collaborative effort throughout the firm where we have seen it work best is where the compliance team partners with everyone, from the executive down to the teller, so that they're really pulling a holistic approach and a holistic view from the firm taking into consideration all of the data and everything that's available. So I think really pulling everyone together and making sure that those objectives and those priorities are aligned is absolutely key.

NIV BODOR: Yeah, and look, it's definitely a journey and the regulators recognize that. As long as you have an actual plan in place and you have kind of steps by steps that you can budget and you can actually execute on as well as potentially some temporary measures to mitigate the risk, you should be okay. And then it is very important to just make sure that you have some early successes and just build on those successes and also not, not to go too big right away. Don't plan huge, huge implementation projects, but try to, as Kyle said, break it to chunks you can actually handle and that you can actually execute on and be successful with.

ERIN DANGLER: I mean, really, you're talking about having goals and baby steps and innovating and collaborating as things evolve. So any last remarks as we wrap up this conversation? I mean, where do you see the industry going as far as technology in the next five years? Do you see everything being cloud-based? You know, are we still going to need a brick and mortar? We still going to need to meet in person to, to underwrite companies.

KYLE GARDNER: That's an interesting question Erin. Me personally, I think COVID has been a catalyst for change. The change has been pretty impressive to watch. I think a lot of that change is here to stay. And a lot of the efficiencies that is brought are here to stay. I think we will engage in some of those businesses normal task. But I would, I would say, you know, in general, my, my closing remark is, you know, financial services as a tight-knit industry. I think everyone that works in it has a vested interest in maintaining integrity and financial services. So we've talked a lot about firms, how they work together internally with a firm, how they partner with maybe some service providers. There's also a wealth of information throughout financial services colleagues at other firms and other groups, don't be afraid to reach out. I've found that financial services is very collaborative and the risk and compliance space. And, and as a community, we're probably better off to succeed than as people just trying to do some of these things on their own.

NIV BODOR: Yeah, I think you've hit it on the head, Kyle I agree, compliance and supervision that this industry is very collaborative. People tend to be, and actually aspire to be kind of in the middle of the pack, but you also have some of those early adopters. And hopefully if they're successful in some of these areas, then you see kind of the, the other banks adopting or following their footsteps and kind of going through some of the same implementations and the adoptions of new technology. I think that it's okay to be in the middle of the pack, but from a financial institution standpoint, you always have to be aware of your risks. Don't try to do the minimum. Don't focus just on the language of the regulation. But make sure that you're working with the business and that there's a clear understanding, and it also goes to the top of where your risks are and how you're mitigating those risks. And if that's your starting point and your analysis and prioritization and budgeting is based on that. You'll do well.

ERIN DANGLER: Niv Bodor is senior manager of advisory technology risk at Deloitte, and Kyle Gardner is senior vice president and group executive at FIS Compliance Suite. That's it for today's show. Thanks for joining us for the season six finale of financial futures, a production of Lower Street Media in collaboration with FIS. This season has been produced and edited by Ryan Sutton. Alex Bennett is our audio editor and sound designer. And I'm your host. Erin Dangler stay tuned. Season seven is coming soon. .