During a panel discussion of regulators at the RMA’s GCOR conference, a Director from the OCC shared his experience with RPA and Artificial Intelligence platform firms. For TPRM leaders, the remarks shared should serve as a significant warning.
The Director shared automation is a key focus for the OCC. In an effort to become better educated and informed on this important development, the OCC has held multiple meetings with executives of leading RPA technologies. While the sessions have been productive, the Director shared that in his opinion, RPA leaders lack an understanding of the controls and governance activities necessary to satisfy financial institutions regulatory requirements.
What compounds risk exposure for TPRM leaders is the RPA and IA community’s adoption of self-contained Automation Centers of Excellence (CoE) that are accountable for all aspects of automation, including governance. These CoE’s are highly influenced by RPA platform providers and their implementations partners who are technology implementation and maintenance focused. It is likely the CoE’s approach to governance falls short of regulatory requirements and lead to incremental risk exposure.
TPRM leaders must proactively engage their internal automation sponsors, get engaged with the CoE’s and make certain controls and accountability are clearly defined and understood with clear roles and responsibilities. This will risk and automation teams to have a unified and coordinated response when the regulators come calling.