Professional Documents
Culture Documents
GX Future of Strategic Risk Management in Financial Services
GX Future of Strategic Risk Management in Financial Services
risk management in
financial services Risk Advisory
Brochure / report title goes here |
Section title goes here The future of strategic risk management in financial services
02 03
The future of strategic risk management in financial services The future of strategic risk management in financial services
Strategic risks are the Steering risk management into the to play a true second line of defense role—
risks that threaten to future providing effective challenge to critical
disrupt the assumptions The business environment is evolving, and business decisions in order to enhance
risk management needs to evolve along decision-making and to enable growth.
at the core of a financial with it. In addition to infusing strategy and
institution’s strategy. risk management, Deloitte has identified Technology. The latest technologies—such
three other levers that can be used to as cognitive analytics, machine learning,
modernize risk management for changes natural language processing, and big
in the business: data—have the potential to fundamentally
Regulators' expectations on strategic risk
transform risk management. From a
Recognizing the growing impact of strategic
People. For risk management functions, strategic risk management perspective,
risks on financial institutions, regulators now
taking on ownership of strategic risks will organizations can use these technologies
expect institutions to have formalized processes
require new organizational constructs, to continuously monitor changes in the
to assess strategic risks.
competencies, experiences, and business environment to determine which could
relationships. Institutions will need to be truly disruptive; and embed these
"Their boards of directors empower chief risk officers (CROs) to technologies into enhanced tools such as
and senior management, who have accountability for strategic risk horizon scanning and scenario planning
management and establish “owners” of simulation to drive higher levels of
bear the responsibility to set specific strategic risks such as geopolitical, sophistication in managing risk.
strategy and develop and economic, and FinTech risks. Management
of strategic risks will require the ability to For further discussion of Deloitte’s
maintain risk management apply a risk lens to areas such as product point of view of the issues affecting
practices, must not only development, sales, and culture. This risk management functions, and
will be a departure for many institutions, the opportunity to enhance these
address current difficulties, where risk management has traditionally functions, see: The future of risk in
but must also establish a focused on financial and regulatory risks. financial services reporti.
Some organizations have found it useful
framework for the inevitable to bring in individuals from the business
uncertainty that lies ahead. either on a rotational or permanent
basis, as well as training up existing risk
Notably, the ongoing professionals in new methodologies for
fundamental transformation assessing strategic risk.
04 05
The future of strategic risk management in financial services The future of strategic risk management in financial services
To start effectively managing strategic risks, financial Governance and ownership of strategic
Deloitte’s comprehensive “Value Killers” analysis identified strategic risks as the number one institutions need to establish governance and risk management
cause of dramatic losses in company value v. The comprehensive analysis studied the 1,000 ownership for strategic risk management; better Recent Federal Reserve proposals suggest specific
largest global companies in the decade between 2003 to 2012, analyzing companies that suffered integrate the stakeholders responsible for strategy guidance for governance and ownership of strategic
share-price declines of more than 20 percent in a one-month period relative to the MSCI Global and risk management; put in place risk review risk management vii. The board is expected to set
1000 index. processes that allow for independent oversight strategy and define the firm’s risk tolerance. Senior
and challenge of strategies, which are linked to management is responsible for implementing the
risk appetite setting; train risk leaders in forward- firm’s strategy and risk tolerance approved by the
Frequency of risk events across 100 public companies with looking risk management approaches; and put in board, including ensuring the firm’s infrastructure,
largest value drops. place frameworks to assess risk impacts on key staffing, and resources are sufficient to carry out the
business variables. firm’s strategy.
178 176
Strategic Risk Governance and Organization Operating Model
84
50 Board of Directors
The Board is expected to set strategy and
define the firm’s risk tolerance
Strategic Operational Financial External
risk risk risk risk
These studies highlight the need for risk functions •• Strategic execution risks: Do we have the right Senior Management
to help financial institutions identify and manage talent, capabilities, and infrastructure to execute Senior management is responsible for
strategic risks. Indeed, the future of risk will require on our chosen strategy for the future? Have implementing the firm’s strategy and risk
tolerance approved by the board.
risk functions to devote more focus to managing we hired the right people, put in place the right
strategic risks, as the external and competitive technology, or chosen the right alliance partners
environments become more volatile and uncertain, to achieve our strategic goals? Strategy Function Chief Risk Officer, Risk Function
and internal operating models become more During the strategic planning process, To meet its second line of defense
•• Strategic consequence risks: Could our strategic the Strategic Planning Unit should work duties with regard to strategic risk
technologically-driven.
choices result in new risks or result in unintended with senior management, business line management, risk functions should be given
consequences for the financial institution? management, and the risk function to a specific mandate to vet, challenge and
Defining strategic risks clearly present the risks emanating from the Business Line Management facilitate important conversations about
Will our strategic choices create inappropriate
What are strategic risks? Unlike operational and business line’s activities Business line management is expected to strategic choices.
incentives or create new risks for us (e.g., conduct, establish specific business and risk objectives
compliance risks, strategic risks are not inherently
reputation risks)? for each business line that align with the
undesirable. There can also be an upside to taking
firmwide strategy and risk tolerance.
these risks. The aim of managing strategic risks is
For additional information, see sidebar: steering risk
not necessarily prevention, but also anticipation
management into the future
and understanding. Understanding strategic
risks helps leaders to know how they should
Managing strategic risks
respond, for example, either by tweaking the
For a variety of reasons, managing strategic risk is
current strategy, increasing investment, enhancing
considerably more difficult for financial institutions
internal capabilities, or sometimes, even changing
than managing some of the more traditional
direction completely. Strategic Risk Reviews Strategic Planning Processes
financial risks. According to Deloitte’s annual Global The Risk Function conducts regular The Risk Function works with Senior
Risk Management Survey vi, almost all respondents strategic risk review of business Management, Strategy, and Business Line
It can be helpful to think of strategic risks in
considered their institutions to be extremely or very unit strategies, initiatives, new products Management to assess risks to the enterprise
three categories: or offerings. strategy during the strategic planning process.
effective in managing traditional financial risks such
•• Strategic positioning risks: Are we going in the right as market (92 percent), credit (89 percent), asset
direction? How should we position ourselves for and liability (87 percent), and liquidity (87 percent).
the future? Are we well-positioned to create value In contrast, only 46 percent of the respondents said Strategic Risk Tools
The Risk Function utilizes enhanced tools and approaches to conduct strategic risk
and meet customer needs for the foreseeable the same about strategic risk.
reviews or strategies, strategic initiatives, new products or offerings.
future? Are we focused on the right markets?
Horizon War- Scenario
Simulations
Scanning Gaming Planning
06 07
The future of strategic risk management in financial services The future of strategic risk management in financial services
08 09
Brochure / report title goes here |
Section title goes here The future of strategic risk management in financial services
•• Development of a crisis
management playbook.
10 11
The future of strategic risk management in financial services The future of strategic risk management in financial services
Contacts
Conclusion
Risk management in financial institutions has been shaped •• Train risk leaders in forward-looking risk
over the past decade, largely in response to regulations that management approaches. Expand the risk manager’s
emerged from the global financial crisis. But as the nature of toolbox to include approaches well-suited to looking
the financial industry changes over the next decade, so too externally and into emerging risk areas—tools such as
will risk management need to evolve. such as scenario planning and war-gaming and simulation.
Speech by Mr Randall S Kroszner, Member of the Board of Governors of the US Federal Reserve System, at the Risk
ii
For additional information on developing a non-financial risk management program, please see Deloitte’s report:
iii
The Future of Non-Financial Risk in financial services: Building an effective Non-Financial Risk management program,
https://www2.deloitte.com/content/dam/Deloitte/global/Documents/Risk/gx-ra-future-non-financial-risk.pdf
iv
How to Live with Risks, Harvard Business Review, July-August 2015 edition.
v
For additional information on Deloitte’s comprehensive “value killers” analysis, please see Deloitte’s report: The Value
Killers Revisited: A risk management study, https://www2.deloitte.com/global/en/pages/risk/articles/the-value-killers-
revisited.html
vi
Global risk management survey, 11th edition, www.deloitte.com/insights/globalrisksurvey
For additional information, see: Proposed Guidance on Supervisory Expectation for Boards of Directors, Federal
vii
12 13
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its
global network of member firms and their related entities. DTTL (also referred
to as “Deloitte Global”) and each of its member firms are legally separate and
independent entities. DTTL does not provide services to clients. Please see www.
deloitte.com/about to learn more.