How has RegTech changed the role of the risk manager?

risk manager

The role of risk manager is not a new position. For as long as challenges around regulation, compliance and other security risks have existed, so has been the role of trying to manage them.

In a world where financial crime continues to evolve and become harder to catch, the role of risk manager continues to change – and become ever more complicated for the risk manager.

Rob Anderson, subject matter expert at Acuminor, said, “As financial crime regulations, threats and risks continually evolve it is by no surprise, that financial institutions and those accountable and responsible for managing risks, have struggled to keep pace with the complexity and level of change.

“When considered carefully, and implemented effectively, regulatory technology can become a key strategic partner and enabler for firms and risk managers to improve their effectiveness in managing financial crime compliance, threats and risks, whilst also helping them too to demonstrate pragmatism and proportionality in their risk-based approach.

“Moreover, this can even help them to evolve and expand safely, improve efficiencies in their resource requirements and ultimately demonstrate their valuable contribution to a firms bottom line – a key factor in these current economic headwinds.”

Anderson added that in this sense, RegTech solutions are similar to a ‘fourth’ line of defence. Acuminor remarked that business-wide risk assessment is a key founding pillar to enable the design, scoping and application of a control framework proportionate to the risks an organisation faces, without which it is hard to demonstrate effectiveness.

Anderson commented, “It is difficult to expect risk managers to know, or memorise all the potential risks the organisation may be exposed to, but now they don’t have to. An effective BWRA can also help identify situations of unnecessary over control, which may impact customer experience, an area of critical importance in a highly competitive financial services environment.

“Alternatively, it could identify needs and provide supporting intelligence rationale, for the adoption of wider reg-tech applications, for example, more robust monitoring or identity verification solutions.”

Clausematch remarked, “It’s a good exercise to examine the evolution of the role of a risk manager through not only the lens of the growth of RegTech but also through the lens of the 2008 economic crisis: before this time, many companies, especially big banks, paid little attention to their risk and compliance managers. Often, you could find them working in a back office, siloed and rarely called upon for expertise or guidance unless of course, the company was in a crisis.

“But following the massive hit to the world’s economy in 2008, industries saw an avalanche of new regulations along with a new, heightened sense of scrutiny on the adaptation and adherence to those regulations. Suddenly, the once-neglected risk manager moved to the C-Suite in many companies and had a seat at the table in advising nearly every department when it came to risk assessment and management. In some cases, the chief risk and compliance officer oftens sits on the board.

“Because regulations were coming online at a break-neck speed, companies had to turn to technology to assist in horizon scanning, streamline adaptation of regulations, manage policies and procedures, and alert employees to changes. RegTech was born out of necessity, and it was through the risk manager that so many companies adopted this new technology. Thanks to RegTech, risk managers, in some companies, have large teams to help implement and manage policies. They are consulted on risk to every aspect of the business, from policies, procedures, controls, and risks.

“Going forward, as RegTech solutions advance and regulations across jurisdictions solve new and complex problems, the role of the risk manager will evolve: they’ll be asked to monitor and set policies on everything from the company’s TikTok account to ESG policies to employees’ personal devices.”

 

While the evolution of financial crime over time has brought new challenges, it has also brought opportunities – an opinion echoed by David Griffiths, director of regulatory affairs for Eventus.

He said, “RegTech has widely expanded the options for risk and compliance managers, from both specialization and best-of-breed solutions to providing a healthy TCO through cost-effective hosted and SaaS solutions. They now have access to more time-critical information and can leverage a wide array of technology to address their needs. Risk managers can now focus solely on strategies for managing risk rather than being part-time solution designers and builders.”

Griffiths remarked that as demand for better FinTech has ramped up across asset classes and geographies, so has the need to remain current with regulatory mandates.

He went on, “This is a heavy lift for risk and compliance managers given the breadth of multiple assets trading on different markets in different jurisdictions. Partnering with a solution provider to deliver, manage and support the business and technology solution allows the manager to focus on their core responsibilities.”

The growing presence and interest in digital assets is also offering food for thought for risk managers. Griffiths remarked, “With the advent of widespread institutional interest in digital assets, and as regulation in digital assets continues to evolve and grow, so will the responsibilities within risk and compliance. Technology has been a game changer throughout the financial services industry.

“So, whether it is dealing with cross-venue trading risk, the 24/7 ‘always open’ crypto markets or the increased volume and diversity of trading data, RegTech delivers the flexibility needed to manage the scope and scale of business and data needs.”

The role of RegTech within risk management now has not only become important, but almost mandatory. In a world where financial criminals and threat actors are finding new ways to use technology for cases of financial skulduggery, the presence of RegTech offers, as Acuminor suggests, a fourth line of defence.

Anthony Quinn – founder and CEO of Arctic Intelligence – said, “When RegTech first emerged many risk managers felt threatened by the possible impact on their jobs but in reality regulatory technology serves to augment and assist risk managers in performing their jobs so less time is spent gathering and analysing data and more time spent on understanding insights and improving risk management frameworks, that the attitude towards RegTech is overall very positive among risk managers

“It is simply not possible for most risk managers to process the amount of complex and ever-evolving regulatory landscape and technology provides a significant role in equipping risk managers with the tools they need to do their jobs in a fast-changing world”.

In a similar sentiment, Cathy Vasilev – co-founder and COO of Red Oak Compliance Solutions – commented, “The role of the Risk Manager has forever changed with the introduction of RegTech. Risk Managers now have tools to help them assess their firm’s entire risk ecosystem and access more data, allowing them to perform detailed analyses.

“RegTech can also help them to connect the different areas of a firm and work to find and establish a common standard. This enables risk managers to manage risk more holistically, helping their firm grow and become more efficient.”

There is also a growing realisation that many risk managers are facing challenges both from the regulatory and budgetary side.

On this topic, Aveni COO Jamie Hunter said, “Risk managers are being squeezed at both ends of the scale, from a regulatory and budgetary perspective, and they need to be meeting the expectations and demands being placed on them if they are to succeed.

“Technology is arguably the differentiator that will enable them to do this and enhance the regulatory and risk functions. It allows for quicker, more refined and targeted assessments and enables problems and risks to be identified and triaged much faster.  This brings a whole new level of empowerment to the risk manager role and gives them the opportunity to maximise their value and effectiveness.

“ At a macro level technology solutions, such as AI and machine learning, are allowing risk managers to drive better outcomes for their business, providing more oversight and information for the business and genuinely raising key issues that can bring better operational and strategic benefits. According to research from Nvidia ninety-one percent of financial services companies are driving critical business outcomes with investments in AI, predominantly in creating much more accurate models. This changes a seemingly-perceived view of risk management as a tick-box exercise to a genuinely strategic function that derives increased value for the business.

“There is still a challenge which prevents the risk function becoming more scalable, however, and that is a lack of budgetary control over what technology and systems are being implemented. Arguably the risk manager has the potential to derive far greater business value through the use of technology and should have the opportunity and authority to select and assess the systems being used. This is reflected in Nvidia’s research which acknowledges that companies are experiencing significant financial benefit from enabling AI across the enterprise. Over 30 percent of respondents stated that AI increases annual revenues by more than 10 percent, while over a quarter stated that AI is reducing annual costs by more than 10 percent.”

Copyright © 2022 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.