Skip to main content

Deloitte Releases Global Risk Management Survey

The financial services sector has faced unprecedented challenges in risk management due to COVID-19. The COVID-19 pandemic not only created internal disruption with lockdowns and work-from-home mandates, but its massive impact on the global economy also dramatically escalated credit risk. This caused financial institutions to provide creative solutions to keep customers solvent, such as restructured loans and deferred payments. Thankfully, the vaccine rollout promises a more robust economy and greater stability moving forward, but the future remains unpredictable for the financial services industry, which places even more importance on both financial and non-financial risk management.  

These were some of the conclusions reached in Deloitte’s 12th Global Risk Management Survey. Research undertaken between March and September 2020 - the first six months of the COVID-19 pandemic - the survey assesses the financial services industry’s risk management practices and challenges. Findings are based on responses from 57 financial services institutions around the world and across multiple financial services sectors – representing a total of US $27.2 trillion in aggregate assets.

Most respondents indicated they believed their institutions are extremely or very effective at managing financial risks. Though, substantially fewer felt that way about nonfinancial risks such as operational resilience, cybersecurity, conduct and culture – all of which were made more prominent with the onset of the pandemic.

Notable findings from the survey include:

Credit risk was named the top risk type that will increase the most in importance over the next two years – cited by one in five respondents (20 per cent) as the number one risk. In contrast, only 3 per cent indicated this in 2018. And in this latest report, 62 per cent said credit risk management will be a very or extremely high priority over the next two years.

When looking at respondents’ top-three answers for risks that will increase most in importance over the next two years, environmental, social and governance risk was cited most often, at 38 per cent. However, only 33 per cent said their organisations are very or extremely effective at managing this type of risk.

Finishing second among that same top-three risks was cybersecurity, at 30 per cent. Respondents also indicated there is significant room for improvement, with only 61 per cent reporting their institutions are very or extremely effective at managing cybersecurity risk. In addition, 87 per cent said improving cybersecurity risk management will be a very or extremely high priority over the next two years.

Almost all survey respondents indicated their firms are very or extremely effective at managing financial risk. However, only 65 per cent gave those ratings for managing nonfinancial risk. The laggards in the category included management of conduct and culture (55 per cent), geopolitical (42 per cent) and data quality (26 per cent) risk.

Data privacy, nonperformance, unethical conduct, business continuity and other risks originating from third parties have emerged as a major and complex problem. Only 44 per cent of survey respondents rated their institutions as very or extremely effective at managing third-party risk, and 64 per cent said improving third-party risk management will be a very or extremely high priority over the next two years.

Emerging Technologies May Help

These can be perilous times for financial institutions, because downward pressure on revenue can cause a reduction in risk-management investments. There are emerging technologies – such as robotic process automation, machine learning and natural language processing – that can help companies to reduce expenses through automation, while also reducing errors, strengthening controls and identifying potential risk events in real time. Only 30 per cent of respondents said their firms are employing these emerging technologies, but half indicated that these types of technology will be a very or extremely high priority over the next two years.

Successfully using these technologies as part of a risk management technology infrastructure requires the presence of comprehensive, up-to-date and high-quality risk data – and creating such a “single source of the truth” for risk can be a challenging undertaking. To that end, 49 per cent of survey respondents said they were very or extremely concerned about risk data quality and management, and 69 per cent said that enhancing the quality, availability and timeliness of risk data will be an extremely or very high priority over the next two years.

Overall, the survey found that the pandemic and economic downturn served to accentuate existing risks, while also creating new challenges – such as raising awareness and concern around nonfinancial risk. The report ultimately concludes that risk management “will need strong governance, coupled with the agility, to respond to the morphing profile of risks in these volatile times.”