Risk management must respond to the new normal

According to Deloitte’s ninth biennial Financial Services Risk Management Survey, Operating in the new normal: Increased regulation and heightened expectations, financial institutions have far to go to ensure that they are managing their risk effectively and must respond to the new normal of banking regulations.

The survey was based on responses from 71 financial institutions from around the world and across multiple sectors, which represented a total of almost $18 trillion in assets.

Mark Carney, chair of the Financial Stability Board, an international body that monitors the global financial system, told G20 finance ministers and central bank governors that misconduct in banks has led to increased risk. “The scale of misconduct in some financial institutions has risen to a level that has the potential to create systematic risks,” Carney said.

The survey revealed that only 60% of respondents said their board of directors have made an effort to promote open discussions regarding risk. The 40% that do not have regulatory measures in place highlights that more needs to be done to create awareness in order to protect businesses.

According to Edward Hida, Deloitte global risk and capital management leader Regulators are looking into risk more comprehensively and are assessing whether businesses have a risk culture in place which promotes compliance to regulations as the new normal. “Regulators are looking beyond solely quantitative measures of market, credit, and liquidity risk to assess whether institutions have created a culture that encourages employees to take appropriate risks and that promotes ethical behaviour more broadly,” Hida said.

On the other hand, the board of directors’ involvement in the oversight of risk is set to rise, as 85% of those surveyed said that their directors currently devote more time to the prevention of risk than they did two years ago.

There has also been an increase in adoption of the chief risk officer (CRO) position, which has grown to be nearly universal. The survey revealed that “92 percent of institutions reported having a CRO or equivalent position, up from 89 percent in 2012 and 65 percent in 2002.”

Another positive development that the report highlights is the growth in implementation of an enterprise risk management (ERM) programs to manage their treasury, after it became a regulatory expectation. “Ninety-two percent of respondents said their institution either had an ERM program or was in the process of implementing one, an increase from 83 percent in 2012 and 59 percent in 2008,” the report said.

The report says that although risk management is still a big problem, banks that are subject to regulations, do adhere to them. “In the area of capital adequacy, almost all the banks surveyed that are subject to Basel III requirements already meet the minimum capital ratios. Further, the tidal wave of regulatory developments ushered in by the global financial crisis shows no signs of abating, especially for large institutions deemed to be systemically important.”

Although some positive changes were found in the survey, Deloitte says that there needs to be more of a focus on risk management, conduct risk and risk culture by boards of directors to establish an increased awareness of the importance and cost of regulatory requirements.