• 1000

CROs of financial services providers and their risk management functions are under enormous pressure. On the one hand, the regulatory and economic demands on the CRO function are relentlessly rising. On the other hand, risk functions are also expected to contribute to company-wide efficiency goals and to continually challenge their (staffing) capabilities.

Each crisis  - the Covid-19 pandemic being the most recent example  - reinforces this trend and poses new challenges for CROs. In addition, there are hitherto unknown risks (e.g. cyber risks, climate risks, etc.) as well as the pressure to invest in the digitisation agenda and assess its consequences. All these aspects expand the CRO's areas of responsibility and need to be considered in terms of staffing and organisation. 

Only a well-positioned CRO function can successfully address these developments, while not losing sight of its main objective: to support the sustainable and profitable business development of the company.

In our view, there are five key criteria for a successful future risk management of banks and insurers:

Ensuring functional excellence

The prerequisite of any CRO function is excellence in all relevant disciplines of risk management and a comprehensive understanding of current and future regulatory requirements. Only with having the appropriate expertise on board it is possible to meet the new challenges the digital and highly competitive banking and insurance world brings along.

Identification and management of new risks

Although established risk categories continue to be the focus of supervisory authorities and bear high potential for losses, it is becoming increasingly important for companies to identify and manage new risks at an early stage. A prominent example are sustainability risks, for which risk functions need to develop quick and specific measures for integration into the existing risk management frameworks. Also, the consistent measurement and management of non-financial risks (e.g. operational, strategic, IT-related risks) is coming more and more under the spotlight. In this context there is considerable need for action for banks and insurers to ensure that necessary adjustments are made in a long-term, sustainable and efficient manner  - not only against the backdrop of new regulatory requirements, but also due to the impact on the business model.

Building an efficient and effective risk governance

To act as a strategic discussion partner within the company, the governance of the risk function also needs to be orientated to the business and the underlying value chains. In many cases, this requires transforming the risk organisation. In this context centralising key risk functions, getting rid of silo mentality and adjusting the 3-LoD model are some of the key parameters for improvement.

Leveraging the technological possibilities of the risk management IT

A flexible and scalable risk IT architecture is an essential part for a sustainable and competitive risk management function. Current technology trends such as automation, standardisation and scalability via cloud-based solutions, risk software vendors as well as advanced analytics and machine learning are just some of the opportunities that the risk function must also learn to leverage . For the CRO function this involves not only making use of technology trends, but also properly assessing the resulting risks.

Establishing stringent process management

Fragmented processes, characterised by lots of manual steps, show that currently only a few banks and insurers already have an effective and efficient process management in place. Traditional silo mentality  and high specialisation reinforce these inefficiencies and prevent companies from being able to change. Based on a transformed organisational structure and IT architecture, process optimisation will free up capacities which can be used to tackle new challenges. 

We are looking forward to supporting you on this journey  - let's get in touch!