The results from the 12th annual EY/IIF global bank risk management survey confirm that banking industry chief risk officers (CROs) face an extraordinary volume and variety of risks — traditional and emerging, external forces and internal pressures — nearly all of which seem to be increasing in urgency. But CROs’ biggest challenge may be understanding how intersecting risks can create single or multiple points of failure, even when traditional risk management metrics look stable.
Consider how the combination of geopolitical and cyber risks threatens operational resilience while also increasing market risk, particularly for institutions designated as global systemically important banks (G-SIBs), or how macroeconomic challenges may reveal previously hidden sources of credit risk. The talent shortage makes it more difficult to manage risks related to data security, consumer privacy and the use of artificial intelligence (AI) and machine learning. Environmental, social and governance (ESG) strategies, digital transformation and new product development also require multi-dimensional thinking by CROs. Increased regulatory risk is present in all of these vectors.
In such an uncertain and fast-changing environment, yesterday’s compartmentalized taxonomies and conventional risk modeling processes may not account for the impacts of multiple, simultaneous risk events. The bottom line is that the most effective banking CROs must excel in both the strategic and tactical realms and commit to helping the business succeed in delivering innovative services that satisfy ever-rising customer expectations.
Cyber risk is the top risk priority for the next 12 months, according to CROs. But credit risk may soon become more of a focal point if economic conditions worsen. It’s notable that 83% of G-SIB CROs and 62% of CROs for European banks ranked geopolitical risk as the top priority. The cluster of issues in the next tier demonstrates the complex risk matrix CROs face today.