What does the next normal hold for ERM – a critically indispensable banking function in the post-pandemic era?
With the resurgence of COVID-19 in several parts of the globe, we are currently grappling with the biggest black swan event of our lifetime. The crisis continues to unfold to this day, impacting several industry sectors and businesses of all scales and sizes. Even banks are not an exception to the pangs of the pandemic. In the current precarious and rapidly escalating situation, enterprise risk management has re-emerged as a potent interventional mechanism to effectively alleviate the impact of a crisis.
The prolonged uncertainty around COVID-19 has changed the perception of risk management as a function. The lines between traditional risk management, crisis management, and resilience are rapidly blurring. ERM in today’s context is highly evolved as a function and its success is rooted in an organization’s ability to foster productive partnerships with key stakeholders. Banks are also heavily investing in technology to enhance their risk management capabilities. They are increasingly using risk intelligence from external sources and data visualization techniques to improve decision-making and risk mitigation, among others.
What has changed and why?
Even after the last 20 years of continual enhancement, risk management is too often mistakenly thought of as a compliance function within banks. But while compliance regimes may work well for known risks with clear implications and proven mitigation strategies in a fairly static environment, the current situation is anything but static. The rise in regulatory activity related to ERM, brought on in part by the pandemic, has put pressure on industries, raising benchmarks and expectations of what constitutes a mature approach to risk management. The ERM function of today is entrusted with identifying new opportunities to deliver value in addition to addressing actual and potential threats.
Organizational management and stakeholders are realizing that ERM is part of their overall governance process, and internal controls, IT Risk, operational risk, resilience, and so on are its integral parts. The focus now is on honing their risk management capabilities, especially using technology, to enhance monitoring.
Let’s examine this change in the context of India’s banking and financial services sector.
Traditionally their focus was on credit and liquidity risk management; operational risk mitigation was limited to capital calculation. Now, the regulatory emphasis has drawn increasing focus to ERM. IT and business continuity risks are today considered a greater threat to banks than credit risk. This has fuelled a more comprehensive outlook towards ERM, in turn impacting the mindset of the CROs
Emerging trends in ERM in 2021
The Indian banking sector will see an increased focus on effective ERM to collectively reduce risk, accelerate performance, and meet the assurance demands of regulators. Some of the key trends anticipated going into 2021 include:
- Reduction in the compartmentalization of the risks: ERM, with its all-encompassing outlook on risk management, would contribute to setting up more comprehensive, robust, and forward-looking ERM frameworks at banks.
- More emphasis on IT risk management: While this is bound to happen, there will be added emphasis on proactively managing and monitoring business continuity risk as a separate business risk and not as part of IT risk.
- Third-party risk management will get a fresh spin: Not only vendor risk, but by adopting an effective ERM program, banks will be able to perform a forward-looking assessment on IT risk, reputational risks, business continuity risks, and so on.
- Quantification of operational/enterprise risks becomes important: This will be significant as metrics alone can determine the extent of risks, the severity, and ultimately the success of mitigation or remediation methods.
- Solution adaptability becomes vital to managing risks: The risk management function of banks or any organization can only be effective if it is enabling the business to react promptly and take immediate remedial measures. Technology will prove critical to enabling banks to gain this extent of agility
ERM landscape in the next normal
How can banks and FIs optimize their risk management teams for a more dynamic environment – that’s the billion-dollar question on everyone’s minds today.
In the current scheme of things, cultivating stakeholder trust would be paramount. This calls for the risk leaders of banks and FIs to think of innovative ways to engage the bank’s diverse stakeholder ecosystem and empower them in decision-making.
It is also critical for regulatory authorities to push for digital transformation in the banking sector. A digitally transformed organization will naturally be more adaptable to the changing business environment and more effective in mitigating risks.
Such a digitally transformed system would be key to increasing stakeholder confidence in a bank’s risk function. After all, informed decision-making requires accurate and timely data. Not only this, it will enable banks and FIs in delivering more relevant information, including predictive information, and in resolving the perennial complexities of keeping up with compliance controls, processes, and reports in response to new mandates.
Author
Kasthuri Rangan Bhaskar
VP, Financial Services Practice & Risk SME (Lead)
A profound expert in client-facing experience across the Globe in Sustainable Product Innovation, Strategy Development, Digital, Consulting, and Execution. His strong Technical and Functional Experience has led to scaling up team members consisting of Specialists, Architects, Scrum Masters & Storytellers
