Global risk management survey, 11th edition executive summary
Financial organizations face challenges from nonfinancial risks such as cybersecurity, model, third-party, and conduct risk—as well as looming economic dangers—that will require institutions to rethink their traditional risk management approaches.
Despite the relative calm in the global economy, risk management today is confronting a series of substantial impending risks that will require financial services institutions to rethink traditional approaches. The global economy has strengthened, but storm clouds remain on the horizon in the form of tensions over tariffs between the United States, China, the European Union, and other jurisdictions that could potentially result in lower trade volumes. Global economic growth has been reduced by weak growth in Europe coupled with a more slowly growing Chinese economy burdened with increasing debt levels. With the lack of a final Brexit agreement between the European Union and United Kingdom, there remains significant uncertainty as to its impact for many firms.
While the tsunami of regulatory change in the wake of the financial crisis appears to have crested, financial services institutions are preparing for a number of regulatory requirements that are still to be finalized and assessing the full implications of implementing those that have recently been finalized. Meanwhile, global institutions are facing an environment in which regulations are becoming increasingly fragmented across jurisdictions. The revisions of the Basel Committee on Banking Supervision (Basel Committee) to capital adequacy and other requirements under Basel III, while finalized, have yet to be adopted, and could be revised, by local regulatory authorities. The International Association of Insurance Supervisors (IAIS) is working to develop a global insurance capital standard (ICS) with many issues still unresolved, including defining a valuation basis and specifying the role of internal models in determining capital requirements. The final agreement for the withdrawal of the United Kingdom from the European Union under Brexit, which is still being negotiated, will have important impacts on the supervision of markets and financial institutions based in the United Kingdom and Europe, and for investment banking booking practices and models. The EU’s General Data Protection Regulation (GDPR), which took effect in May 2018, places new obligations on all financial institutions that have EU citizen data to secure consumer consent for its use, among other requirements. Initiatives to increase data privacy have also been underway in India and China. There has been a greater focus on conduct risk in many jurisdictions, notably Australia’s Royal Commission into Misconduct in the Banking, Superannuation, and Financial Services Industry.