This is an excerpt from The Future of Risk Management and Compliance 2023 report.

Suptech will reduce threats with data analytics

Financial supervisor technology (suptech) uses innovative technology to digitise regulatory strategies and curate a more risk-based approach to financial supervision. Currently, suptech is implemented through data analytics and collection, which allows financial institutions to successfully apply these methods.

Regtech is the usage of new technologies to ensure regulatory compliance and reduce the percentage of human error. Regtech is estimated to reach $22.3 billion by 2027. GrantThornton reported that the regulatory solutions that fintechs are more likely to invest in the next 12 months are financial crime, horizon scanning, governance risk and compliance, regulatory reporting, and regulatory risk calculations.

The European Union is employing suptech tools that use data management to ensure limited human error in compliance. Currently, the EU has several tools live that collate data from sources to give an overall view of banks and interdependencies, read questionnaires from institutions and flag possible issues, and integrate information from various datasets on a relevant topic. These moves by large banking authorities to embrace suptech emphasise that it is a growing trend and will become more relevant in the risk and compliance field.

Data management is a key aspect in both regtech and suptech practices, as data analytics is the main source of how regtech and suptech technologies operate. Suptech applications were developed to improve the efficiency and capability of current supervisory enforcement methods through digitisation and automation. Suptech alleviates the time-consuming aspects and manual labour involved with supervisory compliance applications. Evolving with new technological application, suptech solutions are designed to analyse big data and enhance data techniques that are currently in use.

Another form in which data analysis is being used is advanced analytics, which includes predictive modelling, machine learning, and predictive methods using data science. Financial firms can apply advanced analytics technology to formulate risk and optimise risk exposures, accelerating the capabilities of their programs. Mastercard recently established an advanced analytics platform to form risk profiles and model banking loans.

APIs will continue to open up risk and opportunity

Applied Programming Interface software (APIs) allow various types of tech platforms to interact with each other and exchange data, essentially simplifying software integration. In context of risk and compliance, APIs are posing a new possibility for compliance facilitation. However, as APIs include involving third-parties in transactions, they are often the target of hackers and fraudsters.

APIs are utilised in open banking as they connect financial companies to businesses and consumers, providing them access to a variety of offerings through a single database. Open banking allows banks to curate products and services to the consumer thanks to API interfaces, making APIs key to the open banking ecosystem.

Currently, financial institutions are looking into how APIs can facilitate governance risk and compliance. API integration can offer consistency in applications. Centrally managed APIs can create a uniform brand image, and can also allow governance compliance to be concentrated all in one datacentre – through a single interface.

The centralised control that is facilitated through API integration can also allow companies to automate compliance. Constant communication between different platforms which is designed to encrypt data and catch errors in realtime can also be used to enforce agreements and control traffic according to regulatory requirements.

The future of risk management will evolve

Different financial organisations within the risk management field are finding new methods to reduce risk, and most of these new solutions lie in technological innovations that have been discussed above. Along with these solutions, various sources are pointing out other possible trends in the risk and compliance sector.

In regard to the innovations in risk management, Scanlon states: “More and more attention will be given to new and emerging technology and data risks. For example, regulators are paying more attention to algorithmic processes and model risk management, and in future, are likely to expect financial institutions to be able to demonstrate accountability for drift and potential overfitting risks. Innovation that centres on the traceability of decisions made within the organisation will become more prevalent over the course of the next year to address these and other related risks.”

Deloitte predicts that risk transfer instruments such as insurance and contracts will have a revitalised importance in risk management in both scope and function. Risk-sharing agreements can combat potential disputes and conflict and facilitate the establishment of predictive mechanisms.

Herard states that predictive protection will gain greater importance in coming years. Where companies were using qualitative exercises to measure compliance, there are now technologies that can prevent threats before they occur. He concludes: “We’re seeing predictive protection for e-communication surveillance, marketing brand safety, and regulatory change management, just to name a few. These innovations will continue to evolve throughout 2023 and beyond.”

A prevalent technology in managing risk is the application of quantum computing; it is being employed by major companies such as CME Group, Goldman Sachs, and the Royal Bank of Scotland, according to Barclay Simpson. The use of quantum computing in the risk management field could provide instant trading assistance and reduce strategic risk for institutions.

“With the impacts of climate change becoming ever more pronounced financial institutions will seek to place greater emphasis on assessing and managing climate risk though the development of new models that account for the physical, regulatory, and transition risks associated with a changing climate,” says Wright on future developments in risk management. “The increasing interest in the adoption of quantum computing by FIs, and continuing investment in start-ups in the quantum computing space, will lead to a range of potential applications such as climate modelling, energy optimisation, and portfolio optimisation.”

AI, behavioural science, and smart systems are gamechangers that can assist and possibly replace human-led risk management in the future. Monitoring risk has risen to a higher level due to the hyper-aware nature of new technologies that fuel how we are informed of risk. Though the ability to put an end to all cyber-threats is impossible, increased vigilance and resilience has increased. While the transition to digital platforms can make the depths of the internet seem like treacherous waters, organisations have identified emerging technologies as their North Star – a guide that can make unseen risk measurable and tangible where before there was only darkness.