The Promise, and Peril, of Risk Technology

The pandemic has underlined how essential risk technology is for proactive and responsive financial institutions.

Prior to the coronavirus outbreak, bank risk managers were already incorporating such technology to manage, sift and monitor various inputs and information. The pandemic has complicated those efforts to get a handle on emerging and persistent risks — even as it becomes increasingly critical to incorporate into day-to-day decision-making.

Data, and getting insights from it, has always been central to how risk managers have worked. That hasn’t changed,” says Sandeep Mangaraj, an industry executive at Microsoft who focuses on digital banking transformations.

Prior to the pandemic, concerns about operational risk had increased “somewhat” or “significantly” among 51% of CEOs, chief risk officers and directors responding to Bank Director’s 2020 Risk Survey, which was completed just before the pandemic. More than half also revealed heightened concerns around cybersecurity, credit and interest rate risk, and strategic risk.

That survey also found respondents indicating there was room for technology to improve their compliance with Bank Secrecy Act and anti-money laundering rules (76%), know your customer (50%) requirements, and vendor management requirements.

One way executives and risk managers can keep up is by incorporating risk technology to help sift through reams of data to derive actionable insights. These technologies can create a unified view of risk across exposure types and aggregation levels — product, business line, region — so executives can see how risk manifests within the bank. Some of these solutions can also capture and provide real-time information, supplementing slower traditional sources or replacing end-of-day reports.

But the pandemic led more than half of respondents to Bank Director’s 2020 Technology Survey to alter or adjust their technology roadmaps — including 82% of respondents at institutions with more than $10 billion in assets. Two-thirds said they would upgrade existing technology; just 16% planned to add technology to improve regulatory compliance.

Artificial intelligence holds a lot of promise in helping banks more efficiently and effectively comply with regulations and manage risk. Many banks are still early in their risk technology journeys, and are working to identify areas or situations that can be serviced or assisted by risk technologies. Forty-six percent of respondents to Bank Director’s Technology Survey say they are not utilizing AI yet.

Those that have are applying it to situations like fraud monitoring, which generates large amounts of data that the bank can correlate and act on, Mangaraj says. Others have applied it to process intelligence and process improvement, or used it to enhance the control environment. Key to the success of any AI or risk-technology endeavor is finding the right, measurable application where a bank can capture value for heightened risk or capabilities.

“We have a client who uses AI to monitor trader conversations that can proactively flag any compliance issues that may be coming up,” he says. “There are lots and lots of ways in which you can start using it. Key is identify cases, make sure you have clear measurement of value, monitor it and celebrate it. Success breeds success.”

The addition and incorporation of innovative risk technologies coincides with many banks’ digital transformations. While these changes can often complement each other, they can also make it difficult for a bank to manage and measure its risk, or could even introduce risk.

A strong management team, effective controls and active monitoring of the results are essential keys to a bank’s success with these technology endeavors, says James Watkins, senior managing director at the Isaac-Milstein Group. Watkins served at the FDIC for nearly 40 years as the senior deputy director of supervisory examinations, overseeing the agency’s risk management examination program.

“It’s time for a fresh look of the safeguards and controls that banks have in place — the internal controls and the reliability of the bank system’s and monitoring apparatuses. All of those are extremely important,” he says.

Bank executives and boards of directors must have the processes and procedures in place to ensure they’re using this technology and contextualizing its outcomes in a prudent manner.

“I think the importance of general contingency planning, crisis management strategies, thinking strategically — these are all areas that boards of directors and senior management really need to be attuned to and be prepared for,” Watkins says.