Skip to main content

Simplifying risk technology for deeper insights and lower cost

Effective risk management will continue to become more challenging, and ultimately more costly, without fundamentally transforming how risk is managed and supported by technology.

Effective risk management will continue to become more challenging, and ultimately more costly, without fundamentally transforming how risk is managed and supported by technology.

In this next article in our series of new insights on innovation in risk and regulatory data and technology, we examine how reshaping of risk technology could yield significantly better risk effectiveness, cost and flexibility for Australian financial institutions (FSIs).

Better use of technology to support Risk Functions is a fundamental enabler of risk effectiveness outcomes. Organisations need to look for ways to use technology to drive better value through simplification opportunities as well as increase in capability. Specifically, in Financial Risk – look to deliver significantly faster time to decision, increased approval rates through advanced AI models and reduced banker effort. In Non-Financial Risk – better understanding and integration of obligations and a shift from a manual controls’ environment to a continuous and proactive data-driven, digitised approach. And finally, in Modelling and Reporting – enable aggregation of results for group-wide reporting, enable better and more timely business decisions. Better and more streamlined data use as well as moving to a service-oriented operating model are key enablers in Risk.

Overall, in most banks, the Risk portfolios are operationally stable and functionally rich. The richness reflects both increasing maturity of the Risk functions, and the ongoing series of regulatory investments in IFRS/9, Basel/2/3, AML/CTF, BCBS239, APS220 and others. These investments have driven automation of activities that were previously manual or not undertaken. However, given this constant change and in many cases, bespoke investment approach, there remain several challenges. For example:

  • Presence and consistency of golden data sources and risk-data.
  • Real-time data capabilities.
  • Meeting the regulatory reporting requirements for any future enhancements in time.

Although these challenges are not new, a new wave of technology innovation has created opportunities for organisations to simplify their technology environment, digitise and automate processes and optimise the use of data to create more value at lower cost to serve.

What are the top three ways to use technology and improve effectiveness in risk management?

Deciding to move to cloud can be daunting for risk leaders given the normally risk adverse nature of the business. However, many of the technologies underpinning cloud computing have been around for decades and have been proven to be extremely reliable. In addition, even the Australian regulators, with APRA at the forefront, encourage organisations to innovate around their technology. Yes, this must be done in a measured way, but using cloud is a well understood undertaking. Moving an application portfolio to cloud involves deciding which applications can be simply re-hosted or re-platformed and which need deeper work by re-architecting them or converting them to software-as-a-service models. By taking this measured approach, organisations can take most of the risk out of transformation and do so incrementally to minimise disruption.

By creating a Risk Data Hub eco-system with a focus on data-mesh and data products, organisations can benefit from a modern data architecture by:

  • Having improved access to and understanding of data.Having trusted and reliable information, managed through data quality and governance.
  • Having better compliance with regulatory requirements (such as BCBS239).
  • Reducing the cost of finding and rectifying remediation issues.
  • Having much higher self-service for business users instead of relying on IT projects.

The key difference here is that better organisation of data, enrichment in a central place and better data serving capabilities significantly increase effectiveness. It is far easier to self-serve to find data, create new reports or insights and use these insights in decisioning.

Moving to a service-based model requires a shift from “assets” or “platforms” and re-define the Risk business as a set of business services. Once these business services are defined, they can be linked to appropriate application services and subsequently to infrastructure services. The whole point of moving to service-orientation is that organisations gain the ability to manage and operate the business functions in a much more flexible and visible manner. This ultimately results in much more control over how to execute each individual service, how to scale them, whether to automate them or how to monitor them. This approach offers the ultimate approach in business control and configurability and creates the ability for businesses to alter how they operate rapidly to match external demands.

In the current climate, organisations need to be smarter in how they design their roadmaps. It is prudent to spend the time upfront on designing the right architecture, operating models and a holistic roadmap which can then be used to prioritise new initiatives. Incremental delivery and a steady progression to the desired goals is far more doable than a traditional, big-bang transformation.

Get in touch with the team at Deloitte to discuss how to take advantage of these opportunities in your business. We have the experience and the accelerators to support our clients through a range of delivery models.

Did you find this useful?

Thanks for your feedback

If you would like to help improve Deloitte.com further, please complete a 3-minute survey