This is an excerpt from The Future of Risk Management and Compliance 2023 report.
Innovation and preservation
In the era of digital transformation, there are an endless number of innovations taking place for risk management among all levels of financial institutions. Lurking in the shadowy corners of cyberspace, new threats arise for increasingly digital customers
and businesses. As a beacon of light against these cyber-fiends, financial institutions and regulatory authorities are enforcing enhanced protective measures; a freshly forged armor in the form of innovative technology to combat wily online crooks.
Reciprocity reported that AI has been used to identify a number of risk factors for banks and fintechs through comprehensive data analysis, threat analysis, and fraud prevention. AI procedures can see patterns the high risk cases that were previously unknown,
allowing financial institutions to predict where threats will emerge and act preventatively rather than after the fact.
Luke Scanlon, head of fintech proposition at global law firm Pinsent Masons, comments on the impact of AI and behavioural science technology on risk management: “Synthetic data can be used to test risk scenarios, including severe but plausible ones that
would not be possible if only real-world data were relied upon. New forms of data also enable financial institutions to develop new approaches to risk management without the amount of limitations which privacy and third party contractual requirements place
on the use of personal and commercially-restricted data.”
Scanlon references how data management has evolved in risk management systems and how machine learning can be combined with synthetic data in their approach to reducing risk. AI technology is pointing financial organisations to new ways in which they can
adopt risk-reducing strategies, such as automation controls and real-time responses.
On how AI and machine learning is transforming risk management practices, Tim Wright, partner, sourcing and commercial lawyer at Fladgate, cites that big data analytics is evolving the data analysis process and gaining greater understanding of risks which
leads to accurate risk assessments, and AI is implemented in predictive modelling that allows financial institutions to identify risk. These examples indicate that the advent of AI and data analysis technologies are allowing companies to formulate preventative
and predictive risk management methods rather than dealing with the aftermath.
Beyond monitoring capabilities, AI chatbots are able to advise consumers on investments and prevent risks that are personal to their accounts. Whereas previously banks were conscious of bias in advise provided by employees, as stated by McKinsey, automated
chatbots can be programmed to remove bias and are also consistently learning and becoming more personalised to the consumer as they absorb more data.
The use of behavioural science is already in play, according to a report by Deloitte, which outlined that Fujitsu collated data from a study surveying 2,000 Japanese users and consulted psychology experts to develop a platform that determines which workers
are most vulnerable to cyberattacks and how they can avoid them.
Vall Herard of Saifr states that financial institutions are employing AI models to help mitigate a wide range of risks. “Cyber risk and its impact on business disruptions is just one area where AI is having a significant impact. From automatic security systems
for threat detection, to log management and data mining, to NLP systems designed to better detect fraud; AI is making a big impact in helping companies minimise risks to the balance sheet,” Herard says. “Even in the area of global terrorism, AI is having a
positive impact in combating the use of the financial system for terrorist financing.”
Scanlon mentions that financial institutions refer back to both internal controls and external third parties in their risk management to safeguard against a volley of possible threats such as cyberattacks, climate change, geopolitical risks, terrorism, and
business disruptions.
As underlined by Herard and Scanlon, AI is being implemented on a wider range of risk factors that are currently emerging in the financial sector. Financial institutions are looking for innovative approaches to combat higher level threats, and AI technology
could be the solution to multiple issues facing the sector.
Herard remarks that in the advent of digitalisation and new technologies, the amount of multi-dimensional threats increases.
Wright lists three ways in which financial institutions are combatting new risks: “By adopting robust cybersecurity measures including firewalls, intrusion detection systems and encryption, and conducting regular security audits and penetration testing to
identify and address potential vulnerabilities; putting in place comprehensive business continuity plans enabling a quick and effective response to disruptive events such as natural disasters, cyberattacks and or geopolitical upheavals; and assessing, and
then mitigating, the potential impacts of climate change though steps such as diversifying portfolios, investing in renewable energy, and developing strategies to adapt to changing conditions.”
The influx of digital transformation and online transactions has accelerated the need for AI and real-time responses, but also requires financial firms to think of new solutions to protect their data and their consumers from emerging online risks. These
three methods cover a wide range of risk factors and indicate that risk compliance has become a much greater field with a larger scope of threats that financial institutions are responsible for. To hold fort against new forces, combining risk data, behavioural
science, and AI within risk protocols will bridge new vulnerabilities.
Cloud infrastructure and integration will streamline risk management
Regulatory scrutiny has increased as a direct result of the mass shift of cloud migration that has both enhanced yet disrupted the fintech space. Cloud integration has streamlined risk management by making platforms capable of responding to threats in real-time
and building preventative methods to reduce threat. However, cloud migration also opens up online spaces that makes financial firms vulnerable to new risks.
Scanlon notes that cloud migration is impacting the ethical sustainability and spectrum of risk in supply chains. He states that the availability of the cloud causes more opportunities for threat to the supply chain.
A whitepaper by PWC found that the application of cloud strategies in risk management have been beneficial to financial services companies by replacing dated legacy infrastructure. Using cloud services, risk assessments have an enhanced accuracy and assist
financial institutions in building a roadmap for future assessments and solutions.
Transference of data to the cloud has allowed financial institutions to become more agile and scale up. Herard remarks: “To detect risks, you must connect all the dots. That means having fast access to aggregated structured and unstructured data. Migration
to the cloud has made it easier to aggregate vast amounts of both kinds of data and run the necessary analytics to connect these dots. Cloud migration also makes it much easier and cost effective to scale vertically or horizontally to help connect the dots
faster. The result is more reliable systems with fewer false positive alerts at a lower cost of ownership. This leads to faster and better decisions.”
While cloud migration makes it easier for companies to adapt to new technologies and expand their reach, the volume of cloud applications and approaches can makes the transition difficult. The intersections of regulatory requirements and multiple cloud strategies
can lead to complications along with benefits. Looking forward, financial constitutions need to balance various cloud approaches with regulatory and more cost-effective needs.