BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Digital Transformation Creates New Risks In Finance

Following
This article is more than 5 years old.

As financial firms make the transition to digital they also need to revamp their risk management, says EY in a recent paper, “Moving from analog to digital: a new paradigm for risk management.”

Written at times in breathless consult-eze, the paper can be confusing. In the introduction, EY notes that “Desired business outcomes such as firm profitability are becoming harder to sustain, especially as external pressures from unions, regulators, governments and other stakeholder groups are becoming harder to manage given the impact of social media.”

EY might have uncovered something previously unsuspected in financial services — pressure from unions. And while cleverly acknowledging that that profitability is a desired business outcome, it overlooks the pressure on profitability from competitors, both traditional finance firms and fintechs. As for how social media makes this harder to manage, that’s not explained.

“At the heart of the new paradigm is adaptive digital risk management — incorporating management of risks associated with the digital transformation from the front- to back-office (digital risk management), as well as fully testing and deploying digital strategies to better manage risk (digitizing risk management),” the report said.

EY Principal Cindy Doe said that for the last 10 years risk management has been reactive, responding to the Global Financial Crisis.

“Risk functions are now getting a chance to pick up their heads and look forward in terms of emerging drivers and various external pressures the firms are feeling around newer technologies, cyber, privacy and resiliency.”

Risk managers face two challenges. The first is thinking about digitizing risk management and its processes, and the second is managing risks to the entire organization as it becomes more digital.

“Financial service firms are really seeing disruption, either on the horizon or at the front doorstep, and they are seeing the change cycle growing shorter — rather than five years  it is a year or 18 months,” Doe said “Risk is really evaluating what this means to their organization.”

The consultancy sees risk management in terms of three lines of defense. The first line involves the people on the front lines dealing with customers, the staff who are in the flow of business. Behind them are the positions providing oversight, the chief risk officer and the chief compliance officer. And the third line of defense is internal audit or corporate audit. The chief risk officer will often report to the board or to a board risk committee.

“What I am seeing start to evolve at the board level is an awareness of the impact of technology on companies,” said Doe. “There is technology throughout any financial services enterprise so you are seeing a greater awareness and a focus on education. Corporations are looking for board members who have a background in technology, they are getting greater technology fluency onto the board.”

The transformation to digital places a heavy focus on data, she added. Firms need the right data at the right point with the right controls combined with digital technologies to create differential customer experiences.

“As the business changes, risks like cyber and resiliency are emerging in new ways, and can impact your risk position,” she said. Risk management isn’t always defensive, she added.

“Risk managers are really focused on how do they enable the business, having the right talent in the processes to have the right capabilities available, whether thoughtful risk taking, or how to protect ourselves from what can go wrong.”

The EY report said that in the future firms can expect change to be a constant, rather than something that fits neatly into three- or five-year planning cycles.

“Firms will prosper only if they can build change into their DNA and recruit and retain talent who can thrive and prosper in such an environment.”

That can lead to design thinking, preferably with people who have a background in data and customer experience, and know the business from end to end.

“if you are doing the transformation correctly and you are vetting a lot of these activities up front, if you are designing new systems with the right risk controls and if you are doing it correctly, you will reap rewards on the back end because you will avoid costly remediation.”

Follow me on Twitter or LinkedIn