The Future of Risk Management in the Digital Era
McKinsey on Risk post an interesting perspective on issues faced by the digitisation of the risk industry, while heavily banking focussed the industry could easily be swapped to Manufacturing, Healthcare, etc.
Observationally, the issues faced by banking and financial services risk are similar across many critical industries, specifically when it comes to digital transformation of risk-based services;
"A digital transformation for risk would mean a number of changes. Chief among them, risk would capture and manage information from a broader and richer set of data, looking into non-traditional sources like business-review ratings online."
QC-Technology think - there is value leveraging new information scraping technologies to data mine pain points and emerging external business environment factors. Machine learning and AI are often thrown around as the way of the future, however the right tools which enable rapid data slicing are going to be more and more important to risk owners in the future.
"It would automate processes it controls, and work with others to do the same for decision-heavy processes. It would use advanced analytics to further improve the accuracy and consistency of its model, while deploying a flexible risk data architecture."
QC-Technology think - a flexible risk data architecture to enable advanced analytics, one which is interlinked with frontline assurance? one which provides on-demand risk insights, one which is flexible to cater for highly complex environments such as underwritten insurance? A flexible risk data architecture combined with embedded advanced analytics is the foundation of the QC application suite.
"Inside the bank, leaders would consult self-serve dashboards informed by risk analyses—and thus act on risk-driven strategic advice."
QC-Technology think - This should be the norm, the minimum expectation of risk owners responsible for mitigating risk. Truthfully, without effective systems in place risk cannot be measured, monitored or mitigated. Microsoft Excel and Outlook are no longer acceptable tools in Enterprise Risk Management. A de-coupled risk register provides no insight and patchwork IT systems only ensure risk face significant data constraints. Embracing truly digital 3 lines of defence service dissolves many of the most significant challenges to digitising risk. This is again the foundation of the QC application suite.
With the risk and regulatory landscape shifting and demanding more information, all three lines of defence demand data knowledge, embedded analytics simple to use technologies in a digital risk environment. This state however will be impossible without centralising and integrating frontline assurance to 2nd line governance while providing 3rd line independent audit a digital capability to review risk and control effectiveness. In other words, all three lines of defence should be digitally supported in strategic alignment to deliver a digital risk experience.
Only when all facets of enterprise risk management are centralised can industries begin to benchmark and report with transparency, auditability, and completeness. Knowing an audit schedule has been closed while incomplete must ring alarm bells, however unless digitally integrated, this undesirable outcome is likely to form another line on a management committee PowerPoint pack.
Fully understanding the 3 lines and the complex interaction between them is what drives QC-Technology in building a digitally integrated risk management suite.
perhaps it's worth getting in touch with us to discuss.