As strange as it might seem, the end of the pandemic’s direct effect on economies appears to be coming to an end. However, its indirect impacts will continue to affect society for the foreseeable future, and the space of risk management is no exception to this. Since last March, financial institutions and corporations have needed to adapt the existing risk frameworks to navigate what can only be described as one of the most uncertain periods in modern history.

Help Net Security studied the responses of 300 senior banking executives across 24 countries, along with performing interviews with a collection of chief risk officers. Using these results, they investigated the influence of the pandemic in various areas of risk management, coming to several different conclusions about what the future holds. They also compared what separates risk management “leaders” from those who have a less mature approach in the risk management space.

The Transformative Effects of the Pandemic on Risk

According to Help Net Security, the effect of COVID-19 on risk management and modeling is “more influential than regulatory requirements,” in that the pandemic is the top factor impacting the financial institution’s approach toward their risk modeling approach. For many, the pandemic served as sort of a wake-up call to push for overall modernization of their risk modeling capabilities, with many accelerating their plans to push toward the cutting edge of enterprise risk management.

With that in mind, the question becomes “what does this modernization look like?” For executives, this improvement takes the form of enhancing cloud-based presence and investing in better data analytics tools, but for others, it’s more of “how can we automate more of our risk management activities?” As I’ve talked about a few times in my blogs, just because something is new and exciting does not mean diving in headfirst is the right play. Consider the topics of artificial intelligence and machine learning in risk modeling. Yes, they provide the ability to automate, but their proclivity to change to become more “accurate” in their perspective introduces a whole new set of uncertainty and model-based risk. A compliance and governance team is necessary for these automated environments to ensure they don’t lose accuracy or precision.

On top of all of those is a more general change in the perspective of organizations that have dedicated risk management teams. Many such groups have now realized that “siloing” risk is dangerous; that is, risk management efforts in larger organizations fail due to a lack of shared insights between different business areas. This particular issue became clearer in a remote environment, where watercooler talk and in-person meetings became a distant memory. The silo effect became worse, with many smaller risks actualizing in different business areas. Individually, these actualized risks were not a big deal, but they can add up together to draw the attention of “regulatory authorities or the media… resulting in major brand damage or financial penalties.”

Benefitting from Being a Risk Leader

The next part of Help Net Security’s study is focused on what they define as “risk management leaders,” or “the 20 percent [of survey respondents] who had a more mature approach to risk management.” This essentially equates to those who have already seen “long-term benefits” from investments into the space of risk modeling and forecasting. These benefits have taken all sorts of different approaches, but these are the four they discussed:

• • • • • 73% of leaders believe their modeling processes offer a competitive edge
        • 37% of leaders describe their business forecast accuracy as “very high”
        • 44% of leaders have forecasts that can look “three or more years ahead”
        • 78% of leaders integrated regulatory risk stress testing with general business planning

It should be mentioned that in a lot of cases, the forecasts represent a certain idealized version of reality where many uncertainty factors—the pandemic among them—don’t exist. After all, much like weather forecasting, there are always unforeseen circumstances that change the overall landscape of the climate.

You might be asking, “what metrics can help me become a risk management leader?” Longitude, which was part of the survey process, defines risk leaders as “having more automated risk modeling and more advanced risk management capabilities.” These capabilities include everything from automation and analytics to balance sheet management. In short, the more you automate and analyze, the closer you come to a risk management leader.

Unsiloing and Transforming Risk Management

Much like remote work in the time of COVID, the future of financial risk management leads to be in digitization. Automating, modernizing, and standardizing into what many consider as “future technology” is crucial to the forward movement of the field. Truly, much of what I’ve talked about today isn’t even “future tech” even more: it’s the present tech that’s already driving us.

Taking all of these steps at once, however, isn’t recommended. A large-scale transformation of risk management activities can make the overall uncertainty surrounding the changes much sharper and fiscally dangerous. That’s not to say you can’t have an end goal of big changes, but those changes should be hedged in smaller action steps that are more accomplishable in the short term. Ensuring that all the changes along the way are appropriately compliant and monitored by your governance teams is critical for regulatory verification and validation.

For Treasury & Risk, the answer to progression in the space of risk management is to bridge the gap between business professionals, who they describe as “accept[ing] an unhealthy risk appetite,” and risk professionals, who they describe as “developing an unhealthy focus on risk prevention.” This risk prevention exists in opposition to a larger dose of risk mitigation. Risk prevention isn’t bad, but the two areas need to come together to share a perspective and synchronize objectives. Without that synchronization, different business areas will continue to silo and operate in opposition with one another. This opposition makes more uncertainty, even within an institution.

In her book, Thinkingaire: 100 Game-Changing Digital Mindsets to Compete for the Future, Pearl Zhu says that “Silos will continue to be inevitable as long as the rewards for collaboration are outweighed by the rewards for competition.” The pandemic showed us that collaboration, at least in financial risk management and the businesses that utilize it, has greater rewards than the rewards for competing within the institution. To move us forward into a more comprehensive risk modeling and management space, we all need to take a lesson from Vanilla Ice’s classic “Ice Ice Baby,” and “stop, collaborate, and listen.”