New risks irk as efforts intensify

As financial institutions generally intensify their efforts to manage traditional types of risk, newer categories of risk present yet more challenges, according to a recent global risk management survey by Deloitte & Touche LLP.

Of particular concern, regarding newer forms of risk, are the management of models, third parties, and data integrity, as well as heightened risk caused by geopolitical developments, according to the survey report.

In the meantime, better, more nimble, and speedier technologies may help address regulatory and compliance requirements that add to risk—while also complementing intensified business management imperatives.

“Boards of directors are devoting more time and taking a more active role in the oversight of risk management,” Edward Hida, risk and capital management leader, Financial Services, for Deloitte, wrote in the forward to the survey report.

This has been accompanied by an institutionalization of risk management, at least in larger organizations.

“The chief risk officer position has become almost universal, and CROs are increasingly reporting directly to the board of directors and the chief executive officer,” wrote Hida. “Enterprise risk management programs designed to identify and manage risks across the enterprise are now the norm. Almost all respondents consider their institution to be effective in managing traditional risk types such as credit, market, and liquidity risk.”

The survey solicited responses from 77 global financial institutions.

Will this year reverse the trend?

Looking forward, however, Hida notes that 2017 may bring about “an inflection point” regarding risk management concerns and practices.

“The trend of ever-broader and more stringent regulatory requirements may slow or actually be reversed in some areas,” he says in the survey’s forward.

Generally classified as geopolitical risks—due to their uncertainties—they include these developments: the Federal Reserve’s elimination of qualitative review of capital plans and stress testing for large, noncomplex firms; the resistance of some European regulators and institutions to establish Basel IV capital floor proposals; and U.S. federal government’s announcements regarding reviewing and potentially cutting back on Dodd-Frank Act requirements.

“There is also far more uncertainty than usual over the outlook for economic growth given the United Kingdom’s referendum to leave the European Union; the rise of populist parties in France, Italy, and other European countries that oppose membership in the European Union; and President Trump’s decision to withdraw from the Trans-Pacific Partnership and his pledge to renegotiate trade agreements with China and Mexico,” wrote Hida.

Hida added that the ultimate impact of these developments is a toss-up.

“While all of these developments could depress growth, there is also the potential for increased business activity,” Hida wrote. This judgment is based on President Trump’s proposals during the campaign to reduce taxes, launch a major infrastructure investment, and cut regulations. All of these are works in progress.

Digging into uncertain mix

In an interview with Banking Exchange, Hida said that “geopolitical risks in many cases increase uncertainty in the environment. To manage uncertainty it’s helpful to have the capabilities that are more nimble, quicker, and able to do ʻwhat-if’ analyses.”

Hida saw some potential benefit for financial institutions from trade activity, perhaps from trade agreements.

“Trade activity may give rise to the need for financing. It also could give rise to regulatory change from different political views. Regulatory change has been driving a lot of the requirements for risk management,” said Hida.

Hida believes that the ability to have nimble systems, more timely information, and speed throughout the process “is a good way to help manage that.”

Many see risk spending growing

According to the report, while the financial services industry is under pressure to reduce costs as a whole, 44% of respondents expected their institution’s annual spending on risk management to increase by 10% or more over the next two years. This includes, from the group, 13% who expected an increase of more than 25%. These figures represent an increase from 2014’s survey, when 37% of respondents expected an increase of 10% or more and 9% expected an increase of 25% or more.

“I suspect that part of these budgets are being redirected to invest in new, emerging technologies,” says Hida in a general comment on the survey. “Along with technologies like robotic process automation, an emerging trend is for institutions to leverage technologies like cognitive and advanced analytics techniques to identify behavior patterns and predictive analytics to identify emerging risks.”

Roughly half of survey respondents were either extremely or very concerned about several issues related to IT systems. These included legacy systems and antiquated architecture or end-of-life systems (51%); inability to respond to time-sensitive and ad-hoc requests (49%); lack of flexibility to extend the current systems (48%); and lack of integration among systems (44%).

Can technology help meet challenges?

Robotic process automation might be used for risk management in processes such as credit rating and scoring, Hida said in the interview. Cognitive technologies could have applications in risk management such as monitoring patterns of behavior to identify where certain transactions or activities by individuals might be more risky than usual, warranting a second look by management.

Risk management technologies, the so-called “regtech,” might offer crossover benefits to technologies used to further a financial institution’s business strategy and associated practices.

Hida explained this as follows: “From a risk standpoint, one thing that’s important to tie into strategic planning is what’s called ‘risk appetite.’ It sets the boundaries for risk management, and, related to that, the actual limits that are to be used to monitor the risk. If the strategic plan is consistent with risk appetite, and the risk limits then cascade off of that and are consistent, then the overall approach that is being used on the business side and the risk side should be in concert with each other.”

As part of fintech morphs into regtech, the overarching imperatives are to do everything quicker and more accurately, Hida agrees.

“The world we’re living in is more volatile. Nimbleness and speed is more important than ever before. Technology provides a great enabler for that,” he says.

Read more about Deloitte Global Risk Management Survey, tenth edition