Ryan Davis (Associate Partner) and Thibault Thomas (Senior Manager) at Avantage Reply Luxembourg. (Photo: Avantage Reply Luxembourg)

Ryan Davis (Associate Partner) and Thibault Thomas (Senior Manager) at Avantage Reply Luxembourg. (Photo: Avantage Reply Luxembourg)

If the last decade has shown us anything, it is that risk is and always will be an inherent part of life. Whether it be a sovereign debt crisis which has knock-on effects on global liquidity or a global pandemic which effectively shuts down a large part of the economy for a prolonged period, history has shown us that no matter how well prepared we are, we will never be able to fully mitigate risk exposure. So what can and should financial institutions do to remain robust in the face of such uncertainty?

An analysis of the results of the recent Avantage Reply CRO survey led by Avantage Reply UK Manager Brain Momoh finds that there are five key implications for financial institutions from recent risk trends.

1. Improve modelling of established risk types (e.g., Credit, Market, Treasury, etc.)

Despite the rise of modern technologies and the identification of “emerging” risk types (e.g. ESG, climate, IT risk etc.), improvements in the modelling and forecasting of the more “traditional” risk types should not be forgotten. In a recent CRO survey (Avantage Reply – 2021), only 20% of CROs admitted to their firms having advanced scenario testing capabilities. This is unsustainable in a world where growing complexity, constantly evolving regulation and ever higher stakeholder expectations requires financial institutions to have robust risk forecasting and scenario planning processes.

2. Invest in tackling cyber security risk

As the financial services industry becomes more digital, the threat of cyber breaches becomes more and more prevalent. The Covid-19 pandemic dramatically changed customer and criminal attitudes, requiring IT departments to act with agility. It is inevitable that this phenomenon should lead to increased budgetary needs for IT and IT risk functions, however we have continued to see underinvestment in these areas. Not to mention the fact that as more and more financial institutions adopt cloud computing, European regulators are increasingly focusing on cyber resilience and the need to address the threats arising from the digitalisation of the financial sector.

3. Focus on Environmental, Social and Governance (ESG) Risk

The requirements on financial institutions across Europe for a sound and robust sustainability risk management process are expected to become more and more stringent in the upcoming years. Already, we have seen a significant focus on these areas from European regulators. In Luxembourg, significant institutions are subject to the ECB’s “Guide on climate-related and environmental risks” while less significant institutions are grappling with the implementation of circular 21/773 on the management of climate-related and environmental risks. The ECB is also currently running its inaugural climate stress test process with significant institutions, which figures to be an important element of future supervisory review and evaluation processes (SREP) for European banking institutions.

4. Embrace ML/AI/Emerging Tech

The disruptive role played by the progress of engineering and technological growth needs no introduction. What were once prohibitively expensive technologies are now becoming more and more attainable. This means that using technology to support in areas such as active risk detection and monitoring, regulatory compliance and business insight generation and analytics is no longer a luxury afforded to only the largest institutions and early adopters - rather it is a crucial element to maintaining competitive advantage. Earlier effects of this trend have resulted in cloud-based firms gaining significant advantages from cost-efficient data storage and processors, partly explaining the rationale for the current rush to adopt cloud-based computing.

5. Don’t forget Non-Financial Risks (NFR)

Those pesky “difficult to quantify” NFR types are clearly challenging for risk managers but remain important and should not be forgotten. This was especially evident during the Covid-19 pandemic, which exposed a real weakness in the ability of institutions to take stock of potential vulnerabilities to operational resilience. The Avantage Reply CRO survey found that 34% of respondents do not believe that they have sufficiently identified the key vulnerabilities within their most important business services. This is likely to mean that NFR types, like third party risk management and reputational risk, will remain topical for years to come.

What’s next?

The pressures on risk management functions to do more with less are ever-increasing. However, we remain optimistic about the existing opportunities for those firms willing to actively embrace the implications from the risk trends described above. We believe that those organisations that prioritise taking proactive measures in response these trends are those that will reap significant benefits and competitive advantages well into the future.

Read the full article from Brain Momoh