Other parts of this series:
In the previous blog in this series, we discussed how digital threats—including those associated with the adoption of new technologies—make it vital for risk managers to update and enhance needed skills.
These skills are especially important if risk managers are to get the most out of innovative technologies. Smart technologies such as artificial intelligence (AI) and natural language processing (NLP) have immense potential to improve the effectiveness and efficiency of the risk function while mitigating risk exposure.
Fraud detection provides a good example. For years, financial services firms have used automation technologies to identify data anomalies that indicate potentially fraudulent behavior. Typically, these cases are passed to a human for further review. These reviews, however, often end with the determination of a false positive. Effort is expended for no benefit.
Technologies such as machine learning and the algorithmic review process get smarter over time, helping the system flag fewer and fewer false positives and guide risk managers towards the real fraudulent and criminal activities. And smart technologies can help mitigate risk in many other ways, identifying patterns of behaviors, linking groups and networks of bad actors and permit more robust forecasting processes around potential exposures.
What our study reveals
Our 2019 Global Risk Management Study participants also said these new technologies help them understand the effectiveness of their risk management activities, identify previously unknown threats and conduct scenario modeling faster. These are key capabilities in a highly disrupted and evolving business climate.
“Risk functions that ignore smart technologies do so at their peril.”
– Steve Culp
In fact, the study data reveals a strong correlation between deployment of smart technologies and robust risk-readiness. For example, 73 percent of risk functions that used machine learning were satisfied with their progress during the previous two years in preparing their business for volatile future scenarios, but only 45 percent of functions that do not use machine learning or advanced analytics are satisfied with their progress.
We also found 66 percent of risk functions that use machine learning are satisfied with their progress in addressing long-term vulnerabilities across the business, compared with only 48 percent of those that do not use machine learning or advanced analytics. These technologies also help by freeing up risk team members’ time so they can devote valuable effort to assessing and mitigating new and emerging threats, thus creating additional value for the function and enterprise.
The benefits of smart technologies may be significant, but risk functions’ use of the most sophisticated technologies is currently limited, frequently trailing the adoption in many other parts of their organizations. True, nearly all Risk Management study participants have started to use robotic process automation (RPA) to replace high-volume, low value-added tasks. But only half of surveyed risk managers apply advanced analytics such as AI and predictive modeling to their datasets. Only 10 percent apply machine learning to datasets to, for example, generate real-time sentiment analysis. This represents a large missed opportunity, given these technologies’ potential to help mitigate risk and improve the overall performance of the risk function and its professionals.
If the benefits of these technologies are so great, why aren’t more risk functions using them?
Data poses the greatest challenge
Cost might seem like the obvious response, but that is not the primary answer. For example, the risk managers we surveyed said cost is only the fifth most important obstacle to performing AI-based analytics. Instead, the greatest challenge relates to data. Data continues to be structured in silos, is of poor quality, or is unavailable. Another important challenge and hurdle among respondents concerns the integration of these new analytical tools with legacy systems. For many, the prospect of modernizing legacy systems to accommodate these new technologies is not yet a priority.
These obstacles are not new, nor are they insurmountable. Other business functions have grappled for years with these problems as they have deployed advanced analytical tools, and they have overcome them.
Data issues aside, risk managers should be mindful of any potential unintended consequences of using smart technologies to detect and prevent threats. For example, the algorithmic models used to assess credit risk should not contain biases that penalize certain individuals or groups unintentionally.
New technologies present significant opportunities for risk managers. In the next blog in this series, we will look at the need to use new data to address new and evolving risks.