The external risk environment continues to become ever more complex. In the past decade alone, risk managers at financial services firms have had to contend with waves of comprehensive new regulation resulting from the financial crisis, confront increasingly sophisticated fraud and financial crime schemes, and grapple with the threat of business-crippling cyber-attacks – all while managing traditional financial and operational risks.
The pace of change shows no signs of slowing down, with technology evolving faster than risk managers’ ability to keep up. In our new study of nearly 700 risk management executives in the global banking, insurance and capital markets sectors, we found that nearly three-fourths (72%) of respondents confirmed that complex, interconnected and ever-changing new risks are emerging more rapidly than ever before.
To address on-going challenges to the bottom line and remain competitive against new entrants and the changing shape of customer needs, the financial services industry is rapidly embracing new technologies, to increase their effectiveness and be ever more connected and agile in how they operate.
This is a challenge for risk managers, as often they do not have the full complement of skills to assess the implementation and adoption of these technologies – including robotic process automation (RPA), artificial intelligence (AI) and machine learning (ML). As a result, risk professionals are increasingly concerned about the potential unintended consequences of their adoption across the organization.
In our study, only 11% of risk managers described themselves as fully capable of assessing the risks associated with adopting AI across their organizations, and even fewer said they are fully capable of assessing the risks associated with RPA or blockchain (9% and 5%, respectively).
That said, our research found that risk professionals acknowledge the need to increase their own skills in order to be better positioned to evaluate the adoption of new technologies. And one aspect is by making better use of the same technologies in identifying and managing new types of risk.
This includes embracing new technologies and data and analytics. While technologies such as AI and natural language processing can present risks across organizations, we found a strong correlation between the deployment of these technologies and robust readiness within the risk function itself.
For example, 73% of respondents whose risk functions use machine learning are satisfied with their progress over the past two years in preparing their business for volatile future scenarios, while only 45% of those whose functions don’t use machine learning or advanced analytics are similarly satisfied. Unfortunately, however, only 10% of respondents said they use machine learning for analyzing data sets, and only 40% use advanced analytics.
Risk functions’ ability to make better use of technologies, such as advanced analytics, is often constrained by data challenges within the organization. An effective risk function needs to be armed with the right data to anticipate, assess and ultimately mitigate emerging threats. Our study revealed several challenges that are hindering risk functions ability to make use of data, including data residing in silos, lack of clarity regarding regulation, and difficulties integrating data with legacy systems. But, encouragingly, nearly two-thirds (63%) of respondents said they are improving their ability to collect enterprise-wide data, and 66% said they are sharpening their skills in terms of analyzing such data.
While risk managers need to obtain traditional data faster, they also need to draw from new data sources, including marketing and social media, to help respond to threats and add value. Just over a third of respondents said they can now use social media as a data source. With data becoming ever more available and voluminous, the risk function needs more than ever to focus first on the critical threats to the business and then use data effectively to assess and mitigate. Otherwise, the power of data and analytics tools can ultimately become all consuming, without actually improving risk mitigation.
In addition, risk managers must continue to look outside the walls of their own function and improve collaboration with other areas of the business. In our study, only 55% of respondents said they believe that other functions recognize the important role that risk management plays in reaching positive business outcomes.
Increased collaboration will be vital in raising awareness of how risk managers can add value across the organization. There are signs of progress here – for example, risk has improved its collaboration with the finance function, with 75% of respondents saying they have a close working relationship with finance – but there is still a long way to go.
We can expect new threats to proliferate, but new technologies and better use of data can improve risk managers ability to identify and mitigate such risks. With a better handle on emerging risk, these managers will be well-positioned to spot new business opportunities and help create value across the organization.
by Steve Culp on Forbes