Hunting for new MI and models
2018 sees the onset of various new financial market rules, bringing opportunities for a whole range of risk specialists. Any shortlist of the most significant changes would have to include: The extension of the Senior Managers conduct regime (SM&CR) into insurance, consumer credit and mortgages; and the new controls over capital modelling (FRTB), and data handling (GDPR).
The incoming controls over conduct and capital, in particular, have piqued firms into seeking out new risk methodologies to strengthen models and limit uncertainties around ‘non-modellable’ and ‘soft’ risk factors. During 2017, we saw the world’s financial regulators and capital supervisors already beginning to home in on behavioural and reputational risks, leading firms to revisit these and other ‘soft factor’ risks. In 2018, the hunt is on to find and develop new sources of management information to track, manage and report on these risks – and to recruit the people who can make the necessary changes happen.
A few of the more forward-looking firms have also mentioned to us that they’ve realised something useful: The newly mandated risk reports also create a source of competitive advantage – or at least a way to build business value and resilience. This coming year, we’re interested to see how many other firms will follow the lead set by the early adopters who are taking the route of competitive risk reporting.
As there’s a limited available group of people with skills needed to devise and validate new risk models, we expect to see firms intensifying their efforts to secure the best talents. Other related skills will also be in demand: for example, step forward anyone who knows how to validate machine learning, to explain to business heads how to derive value from new risk assessment techniques, and/or to roll out any of the new risk frameworks. Meanwhile anyone who can design and roll out OpRisk controls that deliver demonstrable value to the business will also be more popular than ever.
Protecting our tech backs: GDPR and Cyber
We’ve seen over the past year that regulators are perfectly willing to fine firms for ‘detriment’ caused to customers by tech failures, ranging from local ATM outages to hacker ransoming of entire contact databases. The scope of safe practice management in IT is growing, to include not just caring for your own systems but a host of new threat vectors, from staff susceptibility to ‘social engineering’ attacks to the risks arising from outsourced suppliers. Firms must now check for themselves that every link in the supply chain is compliant, or face a stiff penalty.
Staff vulnerability to cyber-scamming is one example of new forms of soft factor that OpRisk managers are expected to take on, even as classic financial risks have become better contained. As the nature of the threats changes, management of change has itself become an OpRisk niche where skilled practitioners can expect good rewards – especially if you can prove the business value of what you do.
We are seeing risk managers themselves evolving higher levels of insight and career ambitions, in response to all the challenges. Many are diving into the deep waters of behavioural science, which swirl around the new designs for Conduct and Culture reporting. Some Risk team leaders are investing in their own ‘reg tech’, AI, and other forms of machine learning. In the year ahead, we expect to see further rising demand for people who can engage with hard and soft risk factors – including quants, quals and big-data analysts; ‘reg tech’ and AI specialists. Big winners will be experienced people from various backgrounds, from trading to OpRisk to HR, who step up to the new risk functions emerging in response to Conduct, Capital, Culture and Cyber challenges. In all of these specialisations, whilst pure technical knowledge will always count, the people with practical know-how, market experience and insights will command the highest premiums. Whether you’re among the firms looking for some of this rare talent, or perhaps you’re one of those talents yourself – we look forward to a friendly chat. Happy New Year!