The Future of Operational Risk Management: Big Data and AI Impact

Risk management in the banking sector is entering a transformative phase driven by advances in deep learning and big data analytics. Traditional rule-based systems struggle to adapt to the growing complexity, velocity, and volume of operational risk factors, including cyber threats, third-party dependencies, and internal process failures. Emmanuel Okpeahior, a seasoned risk professional with extensive experience managing operational and diverse risk types in the banking industry, offers a firsthand look at the future of operational risk management (ORM). His perspective combines practical insight with forward-looking focus on ethics and artificial intelligence (AI).

Evolution of operational risk management

Technological breakthroughs and data availability continue to transform the relatively new field of operational risk management (ORM), which the Basel III framework defines as “the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events.” The 2007-2008 financial crisis brought widespread regulatory scrutiny and highlighted the shortcomings of previous risk management models. Since then, ORM has gained increased prominence in banking operations.

Today, the industry is shifting from outdated, manual processes to a more dynamic, data-driven, and automated systems. This evolution begins with the emergence of data analytics and marked the beginning of a new phase, where advanced technologies enable a deeper and more proactive understanding of operational risks.

Big data analytics

By uncovering trends and patterns hidden within large volumes of structured and unstructured information, big data analytics allows organizations to make more informed, data-driven decisions by applying established statistical analysis techniques to robust sets of figures. While big data has been around for decades, recent advances in data collection and storage have dramatically increased the availability of available data. Meanwhile, AI continues to transform analytics by offering real-time anomaly detection, fraud identification, and predictive decision-making, and improving overall efficiency for organizations of all sizes.

Despite these advances, some financial institutions struggle to embrace data-driven risk strategies. A 2023 Salesforce study revealed that while 73% of business leaders agree that data reduces uncertainty and contributes to better decision-making, almost half (41%) of those leaders admit they don’t fully understand the information available to them.

Fortunately, the popularization and proliferation of AI and machine learning (ML) tools are bridging that gap, helping companies harness data more effectively. A relatively simple four-step process underpins successful big data analytics initiatives:

• Collect. The emergence of data warehouses allows organizations to transition seamlessly into an easily accessible, high-tech environment for structured and unstructured data from various sources, ranging from smartphones and mobile apps to cloud-based computing.
• Unstructured data can be particularly challenging, and with the continuous expansion of available data, businesses require high-tech solutions to manage it effectively. Batch processing assesses large data blocks over extended periods, while stream processing enables almost instantaneous analysis of specific, smaller sets.
• “Dirty,” or redundant or irrelevant, data can compromise an entire project. Data cleaning ensures quality by correcting errors and explaining statistical outliers within each dataset.
• Once cleaned, data becomes a powerful decision-making asset. Predictive analytics lets financial institutions anticipate future outcomes based on historical patterns and trends.

These steps form the foundation of data-driven risk management, evidenced by real-world successes in the financial sector.

Real-world examples and practical applications

AI and big data are already generating measurable results in banks’ risk mitigation, fraud detection and prevention, and process automation. With fraudulent transactions surging and the organization’s reputation suffering, RAZE Banking entered a partnership with AI expert RTS Labs to implement a risk-mitigation strategy. The initiative utilized predictive analytics to assess data and identify patterns indicative of fraudulent behavior. ML models continuously monitored activity and flagged potentially troublesome risks before they could inflict damage. It took only three months to observe a demonstrable impact, including a 45% reduction in fraudulent transactions. Regulatory compliance efficiency also increased by 20% due to the new system’s adherence to data protection and consumer privacy standards. Real-time risk analysis reduced the need for manual intervention, streamlining workloads and creating a 30% increase in efficiency.

Larger institutions are seeing similar benefits. For example, JPMorgan faced the monumental task of manually reviewing contracts and legal documents, which consumed hundreds of thousands of employee hours annually and left the corporation vulnerable to human error, misinterpretation, and incomplete analysis. The advent of COIN, a cloud-powered network, enabled efficient processing by identifying repeated clauses in credit contracts to separate those clauses into approximately 150 distinct attributes. COIN reduced contract review time from 360,000 hours per year, roughly the equivalent of 180 full-time employees, to mere seconds. Additionally, JPMorgan can now process more than 12,000 commercial credit agreements annually with a greater accuracy, lower costs, and stronger regulatory compliance and efficiency.

Trends and challenges for the future

As the impact of AI and ML grows, financial institutions face increased complexity in the risk environment. To adjust seamlessly to emerging challenges presented by a diverse set of threats, financial institutions will need to address emerging challenges across three key areas.

Cybersecurity is at the forefront, with an increasing number of ransomware attacks and data breaches. One recent report found that the average cost of a data breach exceeds $6 million per incident. Further exacerbating the issue is the growing impact of state-sponsored threats amid increasing geopolitical unrest. Building resilience through continuous monitoring and comprehensive employee training tops the list of requirements for banking institutions, alongside regular testing of response capabilities.

Regulatory uncertainty and global variation present another challenge for organizations. While some regions are subtly moving toward deregulation, others are tightening restrictions, especially on cryptocurrency and digital transactions. Organizations find themselves straddling a line between agility and strict interpretation to best serve customers and clients globally.

The final area impacting financial institutions involves ethics, bias, and responsible AI use. Ensuring alignment with ethical standards and mitigating unintended biases requires organizations to:

• Establish governance. Appointing an AI ethics officer fosters accountability by developing institution-wide policies and offering a designated resource to resolve any conflicts that may arise.
• Develop and track AI bias detection-related key performance indicators (KPIs). Fairness metrics, such as demographic parity and equal opportunity, can be measured and monitored to quantify any disparities.
• Avoid overreliance on AI without human oversight. Without context or empathy, AI systems are vulnerable to creating the same biased or unethical conundrums humans face. A properly utilized system combines trust in AI with transparency and oversight from well-trained professionals.

Risk management as a strategic advantage

Intelligent automation, integrated governance, proactive approach to emerging risks, and strategic agility define the future of risk management in financial services. Institutions that embrace AI-driven analytics, unify risk and compliance functions, and build resilient, adaptable frameworks will be better equipped to navigate marketplace complexity, respond quickly to emerging threats, capitalize on new opportunities, and sustain a competitive advantage in a rapidly evolving financial ecosystem. Data-driven ORM is not just about reducing risk; it’s about redefining what is possible in modern banking.

Emmanuel Okpeahior is a principal in an international bank and an accomplished risk and banking executive, distinguished by more than two decades of multifaceted experience within the financial services sector. His expertise encompasses operational risk management, corporate and retail banking operations, transaction banking, cash management operations, trade operations, business controls, client services, and regulatory compliance.