CROs Weigh In on Risk Priorities

Chief risk officers (CROs) working in the financial services industry are feeling the pressure of operational disruptions, an evolving risk landscape, and economic uncertainty, amid other challenges, according to research from McKinsey & Company.

Risk & Compliance Focus Areas for Bank CROs

The survey of bank CROs identified several topics that are top of mind for risk executives now and in the near term.

Climate Risk and Regulation: 92% of CROs predicted that climate regulation will be one of the five most important forces in the financial industry in the next three years.

Cybercrime and Emerging Technologies: 58% of executives ranked cybercrime as one of their top five risks. Forty-two percent of CROs say the use and misuse of AI will be among their top risks during the next three years.

Related Reading | Fighting Fraud and Cybercrime

Regulatory Burden: CROs rank regulatory activity as the most time-consuming item on their risk committee’s agenda. Sixty percent expect the employee headcount at their institution dedicated to the regulatory agenda to grow in the coming three years.

Digital Transformation and Data Quality: All respondents agreed that digital transformation is their organization’s most consequential initiative, while 58% are concerned about data quality.

5 Areas Shaping the Future of Risk Management

The research also revealed aspects of the risk function that CROs believe will shape future risk management strategies, including:

1. Evolution of the “three lines” model
2. Digitization
3. Regulatory expectations
4. Market shifts and new risk priorities
5. Creating and demonstrating value as a risk function

Within these categories, several focus areas emerged as areas for growth and improvement:

Digitizing Risk Reporting and Monitoring

Effective reporting and analytics are ongoing challenges for many risk management teams.

“Reporting and monitoring, a core responsibility of the risk function, remains excruciatingly difficult, prone to manual intervention, and burdensome in most institutions,” researchers note.

Yet despite improvements being “sorely needed,” only 25% of CROs anticipate budget increases that would support digitizing their reporting capabilities.

Preparing for ESG Regulation

As regulatory agencies consider frameworks for ESG compliance, CROs are keeping an eye on developments in environmental, social, and corporate governance.

Because “banks have been prone to poor regulatory remediation processes,” risk executives are focusing on an agile and proactive approach to regulatory compliance.

Related Reading | Delivering Comprehensive ESG Initiatives

Viewing Risk Management as a Value Center

Beyond standardizing risk processes and governance, leading institutions recognize that effective risk and compliance functions create value through improved performance and reduced losses, among other benefits.

“When properly carried through, the focus on value becomes a powerful lever for business simplification, helping to rationalize processes and controls, reduce unprofitable products and services, and consolidate risk assessments. The path ultimately supports better institutional performance, including fewer losses experienced and reduced capital requirements for potential large, idiosyncratic events. Successful institutions able to focus on positive outcomes are more productive and more responsive to all stakeholders—customers, investors, and regulators.” 

Related Reading | Proving the Value of a Bank ERM Program

The Takeaway

As teams managing governance, risk, and compliance at financial institutions grapple with economic, industry, and operational changes, a proactive and flexible approach to risk management is more important than ever.

“In a business environment subject to constant disruption, superior risk management has become a competitive advantage in all industries. Financial institutions are no exception. They are seeking to become more resilient. With scenario-based foresight, monitoring of early indicators, and crisis-response capabilities, they can become capable of absorbing the shocks, pivoting, and accelerating into new realities.”

Learn more about building a proactive and resilient risk management framework and how Quantivate helps banks and credit unions solve their GRC challenges.

Read Next | GRC Priorities in Banking & Financial Services →