The Deloitte approach to strategically realign risk management in banks
The operating model of banks is under significant pressure to change. This also affects the risk functions. A survey conducted by Deloitte Switzerland in March 2022 found that risk managers are increasingly concerned with the transformation that is occurring. The four key issues of digitalisation, strategic positioning, governance and 3 LoD organisation are potentially far-reaching strategic topics in the risk area. There is an unmistakable trend towards digitalisation in risk management and corporate governance.
Challenges for risk functions at many levels
Significant changes are happening in the external business and economic environment. These in turn affect the risk profiles of financial service providers, not least due to newly emerging risks.
The rapid progress of digitalisation, coupled with a significant increase in cybercrime, calls for a greater focus on cyber and compliance risks. As just one example, changes in their risk management would have been required when J.P. Morgan and Siam Bank opened virtual offices in the Metaverse.
But that is not all. Geopolitical risks add further pressure. In particular, the war in Ukraine is exacerbating macroeconomic uncertainties and banks are required to implement many of the sanctions that have been imposed. Alarmingly, when it comes to managing geopolitical risk, only 42 per cent of banks rate themselves as effective.
In addition, the global economy is struggling to recover in the aftermath of the COVID pandemic. Macroeconomic uncertainty is increasing, and inflationary pressures are mounting. In March, the Federal Department of Economics had to lower its forecast for GDP growth in 2022 from 3% to 2.8%. The Fed is forecasting interest rates in the US to rise to 4.2 per cent by the end of 2023, and ECB came to in its latest survey estimated an increase in interst rates in the Eurozone to 2.4 per cent.
In addition, changes in the operating model of banks require new approaches to risk. The disruption of traditional value chains by new competitors and new products is increasing the pressure on financial service providers to make more extensive use of partnerships and collaboration with third parties. This in turn leads to greater requirements for third-party risk management. There is additional risk in new areas of digitalisation, such as crypto, blockchain and digital assets. Around 86 per cent of financial services companies state that AI and analytics are critical to their business success. While this creates new opportunities for transforming operating models, it also creates new risks.
The risk function is also confronted with a challenge from internal expectations to increase its strategic relevance. It should evolve from being a purely risk control function into a contributor to strategy and a value driver for the core business. As a result, tension arises from the expectation of better and broader delivery but with the constraint of fixed or even decreasing budgets.
Top 5 optimisation levers for the risk function in banks
In recent years, Deloitte has successfully completed around 15 projects relating to risk transformation in banks, both in Switzerland and internationally. In all these projects, weaknesses and dangerous gaps were identified in risk management and decisive improvement measures were introduced.
From these projects, five key areas have emerged for addressing these complex challenges and optimising the risk function:
- Clear definition of the strategic value contribution of the risk function within the overall context of the bank
- Optimisation of F2B processes, such as onboarding, client lifecycle, and advisory from the risk perspective
- Clear demarcation between the 3 LoDs, including documented service levels
- Sensible use of automation levers, for example in risk reporting and risk control
- Revision of the data and technology architecture to take advantage of the latest opportunities with analytics.
Addressing these five key areas will benefit the risk function in various ways. They will give it a clear strategic role and a definition of ‘success. Compliance with statutory and regulatory requirements can be made more effective, by closing gaps in coverage. Efficiency will be improved through optimisation of processes, automation and digitalisation.
Support in realigning risk management
Deloitte's transformation approach supports the risk function in optimising its operating model. Our collaborative approach can be tailored to specific client needs and is based on Deloitte's project experience and proprietary assets, such as benchmark data and best practice analysis. In the process, a clear, lean target operating model is developed based on a comprehensive diagnosis and translated into a transformation plan.
The result is cost reductions of up to 30 per cent in existing Run the Bank(RtB) risk functions, as well as significantly greater effectiveness of risk management.
Key contacts
- Previous Rapidly changing Sanctions regime: Recommendations for financial institutions to manage the risks sustainably
- Next New US Tax identification number requirements create unworkable situations for Qualified Intermediaries