Strukturierte Umsetzung von Regulatorik durch Geschäftsprozessmanagement im Bankensektor

Abstract

The banking sector has been facing increasing regulatory pressure for several years. Requirements such as the Capital Requirements Regulation (CRR), the General Data Protection Regulation (GDPR), the Markets in Financial Instruments Directive II (MiFID II), and national laws such as the Austrian Banking Act (BWG) demand a documented, traceable, and effective implementation within operational workflows. Business Process Management (BPM) provides a structured approach not only to optimize processes but also to ensure systematic regulatory compliance. This thesis examines how BPM must be designed and implemented in regional banks to effectively support the fulfilment of compliance obligations. Building on theoretical foundations—covering process management, the BPM lifecycle, process compliance, and the specifics of the banking industry—a qualitative empirical study was conducted. Experts from regional banks in Upper Austria were interviewed using a semi-structured guide. In addition, selected process models and existing training materials were analysed. The findings show that while BPM formally exists in the institutions examined, there are significant gaps in its practical application. Processes are documented but often not embedded in IT systems, limiting their use in daily operations. There is a lack of systematic training, shared process understanding, and continuous feedback between modelling teams and operational departments. Regulatory requirements are addressed but are not consistently integrated into process models. A comparison with the literature reveals three critical factors for effective BPM: technical integration into existing systems, targeted employee training, and continuous feedback mechanisms. Furthermore, the concept of BPM maturity was introduced. The interviews indicate that many regional banks operate on a low maturity level, especially regarding standardisation, role definition, and strategic alignment. The thesis concludes that BPM should not be viewed solely as an operational tool, but rather as a strategic management instrument linking compliance, efficiency, quality, and customer orientation. Based on the findings, specific recommendations are proposed: improved system integration, more accessible training formats, clearer process ownership, and structured feedback loops. Only through a professionally embedded BPM framework can regulatory requirements in regional banks be sustainably met and effectively implemented in practice.

Date of Award	2025
Original language	German (Austria)
Supervisor	Nicole Scheidleder (Supervisor)