Banks worldwide must create more efficient and effective processes if they hope to survive increasing regulatory requirements, according to a report by The Boston Consulting Group (BCG).
Global Risk 2017: Staying the Course in Banking shows that the number of individual regulatory changes has more than tripled since 2011, to an average of 200 revisions per day.
It predicts that regulation will stay at an extensive level, actions by individual jurisdictions will remain the source of most changing requirements, and the influence of regulation on strategic and operational planning will be significant.
BCG risk management global leader, Gerold Grasshoff, said: "The seas of regulatory change have continued to surge worldwide, producing a strong impact on banks' strategic and operational planning efforts.
"Coping with regulation must therefore remain a priority, and the increasing costs of doing so will place substantial pressure on all banks regardless of size or specialty.
"Managing regulatory change will remain at the top of bank risk and steering agendas for the foreseeable future."
The findings in the report derive from the study of more than 300 retail, commercial, and investment banks, that represent more than 80% of all banking assets worldwide.
They reveal that banks globally have paid around $321bn (£262bn) in cumulative financial penalties since the financial crash, with approximately $42bn of fines assessed in 2016 alone.
These were for regulation failings such as money laundering and market manipulation, with US regulators the most active, however fines are expected to increase across the rest of the world in the near future.
The report states: "We expect fines and penalties by regulators in Europe and Asia to rise in coming years.
"As conduct-based regulations evolve, fines and penalties, along with related legal and litigation expenses, will remain a cost of doing business. Managing these costs will continue to be a major task for banks.
"They will have to create a strong non-financial risk framework around the first, second, and third lines of defence - business units, independent risk function, and internal audit - to avoid continued fallout from past behaviour."
It argues that banks must communicate more efficiently with regulators, and adjust their operating models and organisational setups, through harnessing the potential of new technologies, if they want to survive.
"Defining an efficient interaction mode between banks and regulators will be a critical task. In an era of rising regulatory seas, this focus on change management is mandatory, not optional," Grasshoff added.