Hans Helbekkmo & Cindy Levy. Olivia White of McKinsey & Company write in their whitepaper;
Publications, https://www.henrystewartpublications.com/jrm Creating the bank enterprise risk management function of the future March 2020 Institutions, Volume 12, Number 4, Autumn/Fall 2019, Henry Stewart Publications, https://www.henrystewartpublications.com/jrm
Knowledgebase article : McKinsey & Company - Creating the bank enterprise risk management function of the future
Banks today face an unprecedented pace of change and high uncertainty, dealing with significant threats ranging from bad employee behaviours to sophisticated cybercrime, trade wars and climate change. These trends severely challenge the formulaic approaches to enterprise risk management (ERM) in place at many banks today. Our work supporting leading global banks convinces us that ERM functions must transform themselves, so they can guide their institutions through threats and opportunities while simultaneously meeting the expectations of all stakeholders. This paper discusses the abilities that the ERM function of the future will need, across three dimensions:
- Delimiting the bank’s appetite for risk taking: supporting banks to set limits on risk taking dynamically, accounting for the institution’s values, strategy, skills, and competition.
- Detecting new risks and weaknesses in controls: working with businesses and functions in an agile way to understand new threats and changes to existing ones.
- Deciding on the risk management approach: implementing more agile governance processes and approaches to risk mitigation and controls.
Enhancing these abilities requires ERM to take four steps:
- Define its own vision and mandate for creating value for the bank.
- Shift its ways of working in core areas, with an agile approach that applies cross-functional teams and rapid decision making.
- Set its responsibilities beyond the core in areas of risk management that benefit from transparency and coordination with businesses and functions.
- Ensure the right ERM talent, with new capabilities and knowledge, including a better understanding of the business, digital innovations , and agile management.
The TMR Takeaway
Digitisation of risk requires ground up thinking, a new blank slate to enterprise risk management. Digital risk systems need to integrate from frontline assurance through governance and risk functions and into Internal audit functions. Evolving the risk landscape with a green fields approach to acquire risk and control information instantly and wholistically across your organisation.
Only when Enterprise Risk Management is digitally integrated with tools such as QC Health or QC Three can risk functions automatically detect risk and control weaknesses, ERM are supported with QC Health and QC Three real-time digital risk. enbling analysis of the organisations underlying drivers of risks.
Adoption of new risk technology and digital integration is the first and crutial step in achieving the Enterprise Risk Management function of the future.