According to a report published by Technology Business Research last week, IT investment among North American banks is on the rise, with one of the main drivers for this being data management. This echoes findings of research SunGard recently conducted into risk management trends and priorities among more than 750 of our banking customers in 60 countries. Over 50% of respondents confirmed that their IT budgets for risk management has increased or remained stable since 2012. In the US, 65% of banks see an increase in IT budgets for risk management compared to just 3% that expect a decrease.
All these statistics point to an encouraging wave of IT investment that many would argue is long overdue. The investment is there, but when it comes to risk management, will current bank strategy effectively guide this investment for the long term good? The view that banks are taking a short-term approach to risk management is not necessarily new, but in a world where regulatory tapestry keeps getting richer and IT budgets get bigger, why are we still being short-sighted when it comes to risk?
While it’s true that regulation is inevitably a major driving force for how banks are approaching risk management post-crisis, this also arguably creates a short-sighted view of what CEOs are classifying as key concerns and priorities in this area. Many would agree that banks worldwide are in a no-win situation as the rope of regulation gets pulled tighter, yet there is often lack of definition around regulatory requirements. This leaves the industry finding itself putting its risk management eggs in the basket of those who are shouting loudest. In the U.S. it is Dodd-Frank beating the stress-testing drum while in Europe the Basel III liquidity risk rules driving the risk management agenda.
Amid all the current compliance kafuffle, are banks putting profitability at risk by neglecting a longer-term view? Can banks strike a balance when it comes to formulating risk management strategies that address immediate requirements yet lay the foundation for a strategic risk framework that will help drive competitive advantage and profitability from sound risk management?
To explore these questions, we spoke to more than 750 firms across 60 countries about their risk management priorities and concerns. While the findings show there is more investment being made in the risk management area, it appears that a lot of resources are still being dedicated to addressing short-term requirements.
Key findings of SunGard’s risk trends research included:
C-level and management concerns towards risk and regulations appear to be reactive and short-term: Nearly 30% of respondents are concerned with current regulatory and economic uncertainty compared to concerns relating to having the right in-house risk management expertise and cultural challenges in aligning the front line with risk-taking goals, which are among the lowest at approximately 7%.
Changing priorities suggest reactive risk management planning: Only two of 10 risk priorities maintained the same ranking among global institutions in 2013 compared to 2012 (liquidity risk management and risk appetite framework). Capital planning is ranked by these firms as the second–from-last priority, having been one of the top three last year. The priorities of U.S. firms changed most in the area of capital adequacy assessment**, with economic capital falling from the top priority last year to number eight. The top four 2013 global risk priorities are liquidity risk management, regulatory capital adequacy, credit portfolio optimization and risk appetite.
Smaller banks lag larger counterparts in risk management progress: 15% of U.S. firms with <$10Bn in assets have no plans to develop a stress-testing process compared to all institutions with $10Bn-$50Bn in assets, which have either completed a stress test already or expect to develop one in the next 12 months. All banking institutions in the U.S. with >$50Bn in assets have completed an enterprise-wide stress test.
It is clear that turbulence in regulatory change is shaping short-term attitudes to risk management, which could affect future profitability in the financial industry. At a time when risk management budgets are increasing to respond to regulation, firms must begin to adopt a long-term approach to risk and compliance to help drive competitive advantage and future revenue. As the TBR report claims, increased IT investment is expected to change a banks operating model from one that is ‘run the bank’ to ‘change the bank’ led. This supports what needs to happen in a banks approach to risk management. It should not simply be about running the bank today and addressing regulations as they arise, but evolving the bank’s operational risk infrastructure to support a long term, proactive and strategic approach to the practice of risk management and regulatory compliance. Those that continue to view risk management as a tick-box exercise may struggle to successfully compete in the new, regulatory-driven era of financial services.
(Original source - RiskTech forum)