Nearly nine in ten financial services firms plan to increase their investment in risk-management capabilities in the next two years in response to emerging risks of cyber security and fraud, according to a new report from Accenture.
The Accenture 2015 Global Risk Management Study – based on a survey of more than 450 senior risk-management executives in the banking, capital markets and insurance industries – found that 86 percent of respondents said their organizations plan to increase their investment in risk-management capabilities in the next two years, with one in four (26 percent) planning to increase it by more than 20 percent.
In addition, three in 10 respondents (29 percent) said their companies plan to increase by more than 20 percent their investment in Cloud/Software-as-a-Service (SaaS) and big data and analytics.
The report found clear evidence of the increasing impact that cyber security and fraud is having on financial services firms’ business and the risk-management function in particular. For instance:
* More than one-third (34 percent) of respondents said that understanding cyber risk will be the most-needed capability in their risk function.
* Nearly two-thirds (65 percent) of respondents said that cyber/IT risk will have an increased impact on their business in the next two years, with 26 percent saying that the increase would be significant.
* More than eight in 10 respondents (82%) said that emerging risks, such as cyber and social media, account for more of the chief risk officer’s (CRO) time than ever before.
"The combination of market forces, advances in technology and customer demands are pushing financial institutions to become more digital and requiring a broader range of skills from today’s risk management professionals," said Steve Culp, senior global managing director for Accenture Finance and Risk Services.
"Financial services firms are struggling to keep pace with the demand for people with highly specialized skills, such as cyber risk experts, business analysts, security specialists and fraud experts. To fill these gaps, most firms will have to look outside of their organizations — and the competition for the right people is increasingly intense."
The report indicates that the surging demand for talent by financial services institutions in recent years shows no signs of abating. While firms are focusing on enhancing their specialized skills, fewer than half (41 percent) claim to have extensive skills in understanding digital technologies.
Only 10 percent said that their risk function has the resources needed in specialized areas like emerging risks. Many respondents said that in the past two years, their recruiting has targeted cyber risk experts (cited by 48 percent of respondents) and fraud experts (36 percent), and 36 percent of firms said they have hired former hackers.
In response to today’s low-growth, low-return environment, financial institutions are focusing on new paths to profitability. As a result, risk appetites are increasing, although in a targeted fashion.
More than four in 10 financial services firms (43 percent) said they have a higher risk appetite for developing new products than they had two years ago, and more than one-third (36 percent) have a greater appetite for taking on major digital initiatives.
"At a time when the regulatory focus has never been keener, financial services firms are taking a hard look at their existing strategies and starting to identify where they want to extend their business to achieve growth," Culp said. "The willingness to accept greater business risks will also expose financial services firms to emerging risks – including cyber, data privacy, reputational, social media and new conduct risks – requiring risk professionals to play an enhanced role."
Nearly three-quarters (73 percent) of respondents said that managing emerging digital risks and the increased velocity, variety and volume of data challenge their ability to be effective. Fewer than one in 10 (9 percent) said that consistent and updated data is regularly available to decision makers across the organization.