The future of operational risk management: why businesses need to embrace new tech
The impact of technology on the business world is pervasive and constantly evolving, which has meant that companies must take action in order to stay both competitive and secure. However, with so many complex products and solutions on offer, it can be difficult for businesses to know where to begin.
For some companies, it may be tempting to prioritise client-facing technologies that promise immediate and measurable commercial benefits, but businesses also need to think about long-term transformations in key areas, such as operational risk management (ORM).
The impact of poor risk management can be devastating for firms not only financially, but also reputationally, yet some businesses seem willing to take chances in this area. Failing to update ORM processes and systems will leave these businesses vulnerable to increasingly sophisticated cyber threats, data breaches and fraud. Investing in new technology for ORM is therefore more than just common sense – it’s essential.
Automated detectives: anticipating risks
Identifying areas of vulnerability from vast swathes of data is definitely not a one-man job. A report by McKinsey notes that around 50% of financial services staff are currently dedicated to risk-related work, while just 15% are focused on analytics. Although, by 2025, it anticipates these figures will be closer to 25% and 40%, respectively. The integration of AI and data analytics systems in ORM will be responsible for this reversal.
In today’s world, data rules the roost, sparking a wave of advanced analytics tools that will become more valuable as more data is shared. Predictive analytics techniques, machine learning, and artificial intelligence can all help to efficiently build large and complex data sets. Working at a faster pace than any human, these solutions can be used to identify discrepancies long before they cause any serious problems.
While AI’s capacity for a rational, proactive response is still in the very early stages of development, organisations can already use real-time risk data to advance decision-making by establishing a framework that uses automated processes. For example, banks can now invest in robotic process automation (RPA) bots that will continuously scan their internal environment and collect data from predetermined sources. As a result of developments like these, time-consuming and costly manual auditing methods will eventually become a thing of the past.
Risk strategy is a team game
Breakthroughs in data analytics also mean that machines can now process data faster, more efficiently and without any bias. As such, it’s important for risk managers to see this technology as a tool to be exploited and leveraged, rather than as a threat. To this end, all areas of the business need to understand its capabilities in order to build a proactive working relationship with these solutions.
While defending against risks like cyber-attacks is vitally important, many at board and executive level are still unsure how to tackle this issue. This is alarming considering that 69% of financial services CEOs report they are concerned about cyberthreats, according to a 2016 survey by PwC.
Those responsible for risk management strategies can often find that there is a knowledge gap between them and the board-level decision makers, as executives tend to rely on external consultants for answers. However, it’s the board that will ultimately be held accountable for any failings, so effective communication between risk managers and decision-makers is essential.
Business leaders should therefore focus on creating a culture that not only prioritises risk management, but also one that encourages employees at all levels to engage with the systems they use. This top-down approach is the only way to ensure that everyone is properly prepared for the inevitable shift in ORM’s technological architecture and able to mitigate and manage the operational risks of the future.
Some businesses will struggle with what can potentially be a significant change to the way they operate, so shouldn’t be afraid to seek expert help on how to manage this transition. Failure to address risk would be a serious error, but mitigating risks in the wrong way can be equally as damaging.
Cause for concern?
Future proofing with technology like data analytics and AI shouldn’t make employees worry about job security. A company using new technology to manage risk will see a reduction in operating and auditing costs, an optimisation of its insurance coverage, as well as an increase in staff satisfaction. By introducing tools that are capable of automating manual processes, businesses will find that employees have more time to optimise their output and reconsider their relationship to ORM.
Without a doubt, the switch from human to algorithm-based risk assessments will present new challenges, some of which may be difficult to anticipate. This is simply the nature of change. What we do know is that developing a robust ORM strategy using new technology leads to more proactive and informed decisions, giving businesses the competitive edge necessary to grow in today’s marketplace. The field may be complex, however, there isn’t a better time to take ORM seriously and invest in the future.
By Robert Rutherford, CEO of IT consultancy QuoStar