Skip to main content

Remote Working: Mitigating Risks, Improving Productivity

 Business as usual for organizations the world over has been marred by these extraordinary times. An unprecedented crisis, the COVID-19 pandemic has divided our timeline into pre and post COVID eras.

 Some of the business practices that have been prevalent until now may cease to exist or get an upgrade in the post COVID times.

Business Continuity Planning: A Change in Approach

Ever since 9/11, business continuity planning (BCP) has been an integral part of businesses across industries, especially in the banking and financial services sector. Split or multi-site processing, hot-warm-cold sites, work transfer, and staff transfer were some of the recovery strategies put in place to handle exigencies on ‘off’ days. 

Although tested periodically for operational effectiveness, these strategies could not replicate the surprise – in fact, shock – element of real-world contingencies.

After having delivered effective results for more than a decade, some events of significant proportions in the last decade, have exposed the vulnerabilities of this approach. The learnings from these events led to the following improvements being incorporated into the recovery strategies:

⦁ Shift from work transfer to a distributed work transfer model, either by way of equal split processing or cross–trained resources

⦁ Staff transfer as the starting point of recovery strategy for critical processes was declared no-go

However, the current situation proves that these strategies – once considered best in class – are rendered ineffective in the case of a global disruption event.

The enhancements to the business continuity planning approach in the post-COVID period – to make it more agile – could be:

⦁ The pandemic or epidemic and global outage sections in the BCP documentation will have to be treated as realistic scenarios; should include workable contingency strategies to address such eventualities 

⦁ Well thought-through strategies for remote working models

⦁ Real-time testing of all strategies – work transfer, staff transfer, global outage, remote working, and so on

⦁ Shift from planned testing exercises to surprise, real-time testing practices; stress testing of proposed recovery strategies

Remote Working: A Paradigm Shift

The present situation has demonstrated that remote working is not just a fad, but here to stay in the long run.

 Over time, working productively without physically stepping into office premises will become a part of employment contracts and HR policies.

The banking and financial services industry is highly regulated, with immense scrutiny across all areas – be it data privacy, information security, transaction processing, reporting, or even simple query resolution.

 It is therefore a given that remote working would pose a whole lot of risks – financial, regulatory, and operational. Let us look at some of the key risks arising out of this new way of working:

⦁ People risks 

⦁ Theft of proprietary data or sensitive information such as financial as well as personal or demographic details which can help perpetrate fraud or even be sold illegally for non-monetary benefits

⦁ Low productivity

⦁ Errors due to distractions at the place of work

⦁ Fraud risk

⦁ Misrepresentation of data in management reports and dashboards

⦁ Technology risks

⦁ Systems not updated with the requisite antivirus and operating system patches, making them vulnerable to cyberattacks and prone to crashing

Human beings are regarded as the weakest link in the controls landscape, hence it may be assumed that an increase in human touchpoints will increase the risk of control failure. 

For controls to provide reasonable assurance that risks would be mitigated, they should be technology driven and free of human intervention.

 The strongest and simplest form of control is the perception of being found out – if individuals know that their actions would not go undetected, they would not bypass procedures. 

We see cognitive technologies emerging as strong levers to build controls for remote working models. For instance, people risks can be mitigated through AI based detection tools (such as retinal scanning, thermal imaging, heat signature profiling, background imaging at periodic intervals to detect the number of heads in the work area, and geofencing technology to disable mobile devices or cameras within a certain perimeter), keystroke level productivity tracking tool, and soft controls (for instance, signed acknowledgements and NDA forms, daily connects, training and refreshers, and so on). 

Process risks can be mitigated by restricting access to data using privacy screen guards on machines, reducing exposure through encryption, dynamic masking, truncation, tokenization, and pseudonymization.

 Organizations can also implement transaction level controls (such as access to one transaction at a time, no access to old data or processed transactions, transaction page timeout after a specific time, and enhanced segregation of duties) and automate the input feed for MIS and reports. In addition, enabling patch and antivirus updates over open internet would help address technology risks.

A single act of negligence or non-compliance can cause a lot of damage to financial institutions, and their customers. 

Organizations that implement adaptable and resilient business models and build robust digital ecosystems to ensure the well-being of their employees as well as customers will emerge as leaders in the post COVID era.

Comments

Popular posts from this blog

Social Responsibililty

                                                                        SOCIAL RESPONSIBILITY Social Responsiblity   is an ethical framework and suggests that an entity, be it an organization or individual, has an obligation to act for the benefit of society at large.  Social responsibility  is a duty every individual has to perform so as to maintain a balance between the economy and the ecosystems.  4 Types of Social Responsibility Corporate Environmental Responsibility. ... Corporate Human Rights Responsibility. ... Corporate Philanthropic Responsibility. ... Corporate Economic Responsibility. Some of the common Responsibility for example given below: Reducing carbon footprints. Improving labor policies. Participating in fair trade. Charitable givin...

Online Education

ONLINE EDUCATION Online education is a flexible instructional delivery system that encompasses any kind of learning that takes place via the  Internet . Online learning gives educators an opportunity to reach students who may not be able to enroll in a traditional classroom course and supports students who need to work on their own schedule and at their own pace. The quantity of distance learning and online degrees in most disciplines is large and increasing rapidly. Schools and institutions that offer online learning are also increasing in number. Students pursuing degrees via the online approach must be selective to ensure that their coursework is done through a respected and credentialed institution. POSITIVE AND NEGATIVE EFFECTS OF LEARNING ONLINE Online education offers many positive benefits since students: have flexibility in taking classes and working at their own pace and time face no commuting or parking hassles learn to become responsible for their own education with in...

COVID-19 Drives Insurers to Revisit Actuarial Models

The COVID-19 pandemic has taken a huge toll on people and economies alike.  Governments and central banks worldwide have introduced a slew of fiscal measures to infuse liquidity and stability in the market.  However, in spite of these measures, the financial markets are expected to remain highly volatile for a significant duration, likely to worsen further due to lowering of interest rates and increasing credit spread gaps as well as risk of mortgage defaults.  Insurers therefore need to assess the impact on their solvency margins and IRRs, and re-assess the assumptions around mortality and morbidity rates, operational and financial costs, claims and losses, and so on.   Actuaries must review existing strategies and products and construct new ones to handle evolving risks and their interactions to be able to better model assets and liabilities as well as analyze asset and capital adequacies Moreover, insurers will have to perform strong scenario testing to identify k...