Operational risk management in financial institutions: 5 key risks you need to know about
09 July 2021
2020 was a tough year for us all. Operational risk management in financial institutions faced difficult challenges in particular. Brexit, Covid-19, IT and data problems, theft and fraud, technological changes, and regulatory obligations are just some of the risks that caused organisations the most hardship during 2020.
Unfortunately, many of these risks have persisted into 2021. To understand operational risk in financial services, Risk.net and Baker McKenzie surveyed one hundred risk management professionals working within the financial services industry. They gathered insight that allowed them to establish broad risk categories that are a concern for the industry this year.
We’ve rounded up 5 key operational risks from this survey that financial services should be aware of as we continue to navigate yet another tricky year. That way, you can ensure your business is ready to meet these challenges, as well as be prepared to mitigate any emerging risks of the future.
1. IT challenges
IT disruption emerged as a serious risk last year as cyberattacks became more advanced and IT failures were a common occurrence. The situation was not helped by the seismic shift to remote working when the coronavirus pandemic took hold.
If contending with unstable WiFi connections, VPN failures, and even ransomware attacks is a reality you are all too familiar with, you wouldn’t be alone. As a result of inadequate security and weak technical infrastructure, financial services were victim to a 238% surge in cyberattacks during the pandemic. And the danger has continued into 2021.
Despite lockdown restrictions slowly lifting, remote working is unlikely to end completely. With hybrid working set to become the norm, we can expect IT challenges to continue throughout the remainder of the year while we adjust to these new ways of working.
2. Data breaches
In a similar vein, data breaches have surged since the onset of the pandemic and the consequent rise in home working. While this was noted as usually down to flawed processes and procedures, it was also due to employee mistakes or even deliberate wrongdoing.
As staff continue to work from home, it’s unlikely that cyberattacks and data breaches will ease up over the coming months. If you have not already put controls in place to reduce the risk of data breaches, it would be wise to do so. After all, failing to protect your organisation’s data could lose you the trust of your customers and have a detrimental impact on your reputation.
What’s more, data breaches can be costly. Financial services have lost $4.2 million per attack according to a recent report. It therefore goes without saying that the risk of data breaches is not one to underestimate.
3. Theft and fraud
Unsurprisingly, Covid-19 is a common thread among operational risk in financial services. Theft and fraud is another area where the impact of the pandemic can be seen. Financial handouts from governments have opened the door to fraudulent activity, as has remote working. Banks have also struggled to cope with the surge in customers using online banking during lockdown, as consumers were prohibited from visiting high street branches.
As we become an increasingly-digital world, there’s no sign that our reliance on online financial services – and the threat of theft and fraud that comes with it – will slow down in 2021. Already, digital fraud attempts have risen by 24% since last year.
4. Regulation, regulation, regulation
Although some regulators have eased off issuing fines during the difficulty of the pandemic, the risk of non-compliance with regulation is ongoing. March of this year, for example, saw the Financial Conduct Authority’s (FCA) deadline for SMCR come into effect after it was initially delayed due to Covid-19.
With new rules and requirements constantly being introduced, financial services firms need to be ready to deal with this rapidly changing regulatory landscape. Ensuring that non-compliance is considered within your risk management strategy alongside other operational risks is a good start. Although risk and compliance are often dealt with separately within organisations, coordinating your risk and compliance practices can help ensure that you are well-equipped to handle regulatory risk.
5. The wellbeing of employees
Employee wellbeing has been a hot topic since the pandemic hit, but it is only this year that it has surfaced as a top operational risk for financial services. And it’s no surprise as to why. Added to the general anxiety and uncertainty created by the pandemic, juggling a work-life balance continues to be almost impossible for some, with burnout being seen across many businesses.
Employee wellbeing may seem like a difficult risk to manage. We are, after all, unable to dictate government policy and decision-making surrounding lockdown restrictions. Nonetheless, employers must do what they can – and act quickly.
Worryingly, one recent survey has reported that 62% of financial services employees are considering changing careers. This has mostly been put down to a poor work-life balance – and that’s despite 77% stating that they felt supported by their employer during the past year. When it comes to the wellbeing of employees in 2021, organisations evidently have a challenge on their hands. If this threat is not effectively managed, financial services could risk losing staff.
How can operational risk in financial services be managed?
IT challenges. Data breaches. Theft and fraud. Regulatory obligations. Employee wellbeing… Traditional risk management processes may not be enough to cope with the varied operational risks of 2021, and a robust risk management strategy is a necessity for businesses.
Cyberattacks and data breaches, for example, are best dealt with using an enterprise risk management strategy (ERM). This method is proactive, reliable, and more suited to handling today’s risks. ERM also provides you with a greater senior-level view of the risks your organisation needs to manage, helping you to better collaborate, allocate resources and prioritise risks.
Risk management software also brings numerous benefits. If the pandemic has proved anything, it’s that operational risk management in financial institutions will need to ensure they have the best tools and strategies in place to ensure that their strategies are effective. Investment in technology, as well as adopting an ERM strategy, can support you. Find out more about ERM in our latest white paper: Who owns enterprise risk?
Who owns enterprise risk?
Learn more about ERM and how you can manage operational risk within your organisation.Download white paper
Related blog posts
Here are some more blog posts that you might be interested in.
When it comes to identifying, assessing and controlling risks in your organisation, there are two options to choose from. Though if the traditional risk management vs enterprise risk management debate is still going strong amongst your fellow coll...Continue reading
Risk management, and an organisation’s approach to it, is a matter that will have been make or break for many businesses in 2020, with the benefits of risk management software becoming more and more evident. The coronavirus pandemic and subsequent...Continue reading