Assessing risks in the financial services industry
To pursue profitable opportunities in dynamic markets, it is important for decision-makers to be armed with a trusted assessment of risks. We turned to experts at Protiviti Global to provide an authoritative outlook on the risk sentiment within the financial services landscape.
Technological advancements. Disruptive innovations threatening core business models. Recurring natural disasters with catastrophic impact. Soaring equity markets. Turnover of leadership in key political positions. Potential changes in interest rates. Cyber breaches on a massive scale. Terrorism. Elections in Europe. Threats of nuclear engagement. A strong US dollar. These and a host of other significant risk drivers are all contributing to the risk dialogue happening today in boardrooms and executive suites.
Expectations of key stakeholders regarding the need for greater transparency about the nature and magnitude of risks undertaken in executing an organisation’s corporate strategy continue to be high. Pressures from boards, volatile markets, intensifying competition, demanding regulatory requirements, fear of catastrophic events and other dynamic forces are leading to increasing calls for management to design and implement effective risk management capabilities and response mechanisms to identify and assess the organisation’s key risk exposures, with the intent of reducing them to an acceptable level.
In the sixth annual survey, Protiviti and North Carolina State University’s ERM Initiative report on the top risks on the minds of global boards of directors and executives. Our respondent group, which includes 728 board members and C-suite executives from around the world, provided their perspectives about the potential impact over the next 12 months of 30 risk issues across these three dimensions:
- Macroeconomic risks likely to affect their organisation’s growth opportunities
- Strategic risks the organisation faces that may affect the validity of its strategy for pursuing growth opportunities
- Operational risks that might affect key operations of the organisation in executing its strategy
A look at the insights
Regulatory pressures continue to be top-of-mind for financial services firms as regulatory change and scrutiny again tops the risk issues in the industry for the fourth year running, but the financial technology (fintech) threat has surged into second place in the top risks rankings.
The financial services industry is being disrupted by the onward march of the financial technology, or fintech, sector. This trend is evidenced by a significant shift in the number of respondents highlighting the strategic risk posed by the rapid evolution of innovative technologies. Not only did this concern over the rapid speed of disruption rise three places since last year to become the second-highest ranked risk for financial services organisations, but the significance of this risk has increased substantially over the past two years. Financial firms are concerned about their ability to respond competitively and modify their business models in a timely manner to manage the enhanced risks.
This fear is pushing some financial institutions to advance the pace of their own digital innovation centres by partnering with fintech companies and is driving larger institutions to acquire many new fintech market entrants.(1) Risks are present with each of these options and specific emphasis needs to be placed on the importance of robust third-party risk management when developing technology in partnership with non-traditional organisations that have less mature product development and regulatory compliance processes. (2)
Alongside this digital revolution is the ever-present and ever-growing threat to firms’ cybersecurity, which again ranks in the top five risks for financial services firms. Concerns over preparedness for dealing with cyber events are increasing, while the implementation of several cybersecurity regulations and guidelines in the United States and around the world is keeping the cyber threat high on the agenda for chief executives and board members.
Another heightened risk for all financial institutions is privacy and the need to protect customer data. New regulations coming into force in 2018 — especially the European Union’s General Data Protection Regulation (GDPR), which applies to all firms that store or use customer data, or even those firms who market to EU clients — have increased the focus of the compliance function on this area, requiring more resources over the past year. (3)
From a macroeconomic perspective, the industry appears to have priced in the strategic impact of interest rate rises already, while worries over the sustained low-interest environment on operations also appear to be alleviating, albeit only slightly. Due to the relative good health of the capital markets and the global economies, fears that economic conditions will curtail growth or that currencies and financial markets will be subject to volatility have reduced, with these macroeconomic risks falling out of the top five risks for 2018.
Financial services respondents indicate that the magnitude and severity of the risks their organisations will be facing over the next 12 months with respect to reaching or exceeding profitability (or funding) targets are falling. That said, more organisations indicated that they will be devoting additional time and resources to risk identification and management over the next 12 months.
