Managing Risk in Turbulent Times

The expanded scope of risk management in banking

Chief Risk Officers (CROs) must stay vigilant on current threats and risk issues while also keeping an eye on future risk management trends. Bankers face various threats, and for CROs – when it comes to safeguarding their institution from both traditional risks and emerging challenges – “the buck stops here.”

While the CRO’s traditional focus was on financial risks, such as credit, liquidity, and market risk, they must now provide detailed insights into various non-financial risks, including cyber, culture, talent, geopolitical, climate change in large institutions, reputation, digitization, regulation … the list goes on, with an increasing sense of urgency.

Climate risk must be addressed

The effects of climate change are all around us, and now regulators globally are driving companies to move from voluntary to mandatory climate disclosures.
This means that businesses are now required to provide more detailed reports on their operations. For instance, they must disclose their greenhouse gas emissions, how they manage climate-related risks, the financial implications of climate change for their operations, and its effect on their strategy and future plans.

Climate risks are distinct from traditional ones, and bank regulators will expect detailed plans, particularly from institutions situated in areas vulnerable to increasingly common weather extremes. These risks are new territory for most organizations, as they haven't previously had to manage or assess them.

Anticipating customers’ expectations and risk impact

Bank customers’ ability to quickly move money combined with rapid access to information can turn bank issues into disasters very quickly.

Bank CROs must be involved in an institution’s product strategy and planning. Mitigating risk means being proactive and balancing business objectives with potential risks.

James Roberts, Vice President of Enterprise Risk at FIS observed, "Bank risk managers must stay in front of what the bank's consumer customers value and what they might demand next. Sound risk management is a collaborative, anticipative activity within an organization." 

New technologies create an array of risk from cryptocurrency to foreign cyber-attacks. Technology advances also present new forms of traditional fraud, such as permutations in check fraud as described in this recent article, Fraud Losses Continue to Rise.

Key traits for today’s bank CRO

According to a recent paper from Ernst & Young, “The breadth of risks CROs must contend with today extend to areas that are rapidly changing, from climate-change risk to the obscure risks associated with cryptocurrencies. In many cases, greater data and analytics talent will be needed to successfully navigate these looming challenges, as well as others.”

Beyond a data analytics mindset, these other skills are critical for the successful bank CRO:

Flexibility – The ability to rapidly adapt and lead a financial institution through an unanticipated threat is vital in risk management today.

A global perspective – Even though regional banks may not have the international scope of larger, more complex institutions, threats from a wide range of international criminals require vigilance and understanding. Unfortunately, your bank may even need policies to address challenges such as paying ransomware.

Willingness to collaborate – No CRO can operate as an island. The technology and other functional areas must work closely and strategically with a bank’s Risk Management staff. Although a bank’s Information Security function may be outside of Risk Management, that team must be in lockstep with their partners in Risk.

Ability to cultivate partnerships – A bank’s third-party technology partners are integral teammates in mitigating risk. Bank regulators will want to understand how key vendor relationships are managed and how closely information is shared.

Being a consistent and constant educator – As a consistent and dedicated educator, the CRO plays a key role in promoting awareness of risk management and best practices. This involves regularly educating and training bank staff on how to identify risks and implement mitigation plans. People are the first line of defense in addressing a variety of banking risks.

Seeking knowledge from peers – Bank CROs must keep up to date with emerging risks in the financial services sector. They should attend conferences both within and outside their industry, as well as engage in professional organizations that share the latest best practices in risk management.

Lead from the front

The drive for more immersive experiences is gaining momentum in the banking sector. With the rapid evolution of technologies like AI, the bank’s CRO must be at the forefront of any strategic initiative within their financial institution.