Risk is and will always be an inherent part of life
This is especially apparent when life is imagined as a giant inter-web of cause (action), effect (re-action) and ‘risk’ being the deviation from the optimal. I believe thinking of risk in this manner can be liberating as it helps us abandon the labelling of activities and instead, consider the uncertainty of set outcomes. For a risk-taker thinking in these terms strengthens the internal locus of control and helps build a focus on risk controls and management.
The previous paragraph establishes the importance of correctly thinking about risk. However, knowing what risks to consider is equally of immense benefits and, both essential if risks are to be adequately identified and managed. In the following paragraphs, we seek to outline what we consider to be some of the key emerging risks facing financial institutions. I’m reminded by a quote attributed to the late D. Rumsfeld (fmr. US Secretary of defence) “Unknown unknowns—the ones we don’t know we don’t know tends to be the difficult ones”. We hope to shed light on some potential ‘Unknown unknowns’ as we present below some of our top risk trends.
1. Modelling Established Risk (Credit, Market, Treasury etc)
Listing of well-established risk areas may come as a surprise with all of the disruptions from modern tech. However, the need for improvements in the effectiveness of risk modelling is becoming ever more important. Especially, considering unrelenting regulatory pressures, increased focus on ‘risk forecasting’ (following Covid-19 Pandemic) and the need for improved scenario planning. In a recent CRO survey (Avantage Reply – 2021), only c20% of CROs admitted to their firms having advanced scenario testing capabilities. Furthermore, with evolving regulations, multiple audit cycles, compliance and stress scenarios becoming more complex, firms would need to strive harder to keep pace.
2. Cyber Security Risk
The threat of cyber breaches continues to grow. The Covid-19 pandemic has brought about dramatic changes in customer and criminal behaviours, requiring IT departments to act with agility alongside possibly increased budgetary pressures. For firms, investing in this area has never been more critical both in strengthening compliance efficiency and managing customer expectations. Also, rapid cloud adoption alongside the increased speed with which firms will need to innovate would continually raise threat levels for cyber security.
3. Environmental Social Governance (ESG)
Unlike its predecessor, ‘Corporate and Social Responsibility’ (CSR), ESG spans political, social and financial agendas and has some tangibility for financial institutions. Enough so, that regulators in both the UK Prudential Regulatory Authority (PRA) and France Prudential and Resolution Control Authority (ACPR), deem it necessary to introduce a ‘climate risk’ stress testing exercise. We expect this to continue to grow in significance as findings from the Avantage Reply CRO survey showed: “only 35% of respondents have a formal, documented climate change and ESG risk management framework in place”.
4. ML/ AI/ Emerging Tech
The rapid scale and pace of technological growth need no introduction. Moore’s law continues to be proven and it’s potentially at risk of being surpassed. Beyond the effects of Moore’s law, exists a more potent factor known as Wright’s law: ‘forecasts cost decline as a function of cumulative production’. We expect this phenomenon to continue to have a deflationary effect on tech costs leading to wider tech application, and adoption in areas such as: active risk detection & monitoring, regulatory compliance and business insight generation and analytics. Earlier effects of this trend have resulted in firms procuring cost-efficient data storage (larger) and processors (faster). Partly explaining the motivation for the current adoption of cloud-based computing.
5. Non-Financial Risk (NFR)
Curiously, I’ve always found the term NFR a little misleading as every risk type could adversely impact a firms’ balance sheet. Although quantifying the impact is not always a straightforward task. The challenge of quantification and estimation remains both a key challenge and an opportunity. This was especially evident during the Covid-19 pandemic which exposed a real weakness in many firms’ ability to take stock of potential vulnerabilities to Operational Resilience.
When respondents (Avantage Reply CRO survey) were posed the statement: “If interdependencies and vulnerabilities for each important business services resources have been identified”. Roughly 34%, a notably high number, either strongly disagree (~10%) or disagree (~24%). We believe the effects from increased demands and regulatory scrutiny for areas such as Third-Party Risk Management (TPRM), reputational risk and changes to organisational ways of working (WoW) will keep NFR topical for years to come.
Lastly, the pressures for firms to do more with less are ever-increasing. Risk functions are facing demands to cut costs and find efficiency savings. However, we remain optimistic about the existing opportunities. Especially, for firms willing to actively embrace the resulting changes from the above risk trends. Organisations must prioritise the understanding of these trends alongside taking proactive measures for mitigation.
About the Author
Brain Momoh is Manager at Avantage Reply. Brain is a highly qualified, result oriented professional with strong technical background and varied sector exposure. Extensive experience in the successful management and delivery of a diverse range of projects and cross- functional business transitional initiatives in Finance, Regulatory compliance, Risk & IT for various institutions.