Many of the flaws in risk management at banks and insurers that precipitated the global financial crisis remain unaddressed even as new risks have emerged, according to new research from the Economist Intelligence Unit.
The report, "Rebuilding trust: Next steps for risk management in financial services," sponsored by SAS, examines the steps that banks and insurers are taking to reinforce their risk management capabilities. It finds that the two industries are rebounding from the crisis: three-quarters of participants in a global survey of 346 financial sector risk managers conducted for the study are confident that prospects for revenue growth over the next year are good.
Most firms have made significant progress since the crisis to strengthen their risk capabilities, according to the research. Discussions about risk have become a key part of the boardroom agenda, chief risk officers now have a prominent seat at the top table and there is renewed zeal for instilling a greater awareness of risk principles in the front office—the so-called first line of defence.
But inadequacies in expertise, data quality and processes remain a worry. The enthusiasm for a large-scale overhaul of risk management has created personnel shortages as firms and regulators scramble to acquire suitable expertise. Data and information management systems remain significant impediments to an overall understanding of risk exposures, while regulatory uncertainty is making it difficult for companies to plan for the longer term.
“When it comes to managing risk, banks and insurers are clearly keen to raise their game," says Abhik Sen, editor of the report. "But the research shows that improvements have not yet gone far enough to reassure everyone about their capacity to protect themselves and others from a catastrophe like the financial crisis.”
Report finds that a clearly defined risk strategy is in place at most organisations, but significant areas of weakness remain. Another revelation of the research is that the silo-based approach to risk management continues to pose problems.
Respondents to the survey highlight uncertainty over future regulation as the main barrier to effective risk management. There is a danger that the focus on compliance could be “crowding out” day-to-day risk management.
The report also shows that risk managers recognise that data quality and availability need to improve. But collecting, storing and aggregating data is an area of weakness for many firms, with only 39% of respondents believing that they are effective at these activities