Banks and insurers are increasingly optimistic and believe they have come far in strengthening risk management, according to a survey conducted by the Economist Intelligence Unit for SAS. Yet, regulatory compliance ironically may distract attention from emerging risks while the prevalence of a silo-based approach at many organizations hampers risk management at an enterprisewide level. The researchers surveyed 346 senior risk management executives in the financial services industry in February 2010.
With 75 percent of respondents confident about revenue growth and 68 percent positive on the prospects for profitability, confidence levels have doubled since the survey for last year's EIU report. But complacency is still a risk. Respondents cite uncertainty over future regulation as the main barrier to effective risk management. For example, banks face tighter capital and liquidity buffers under proposals dubbed the "Basel 3 rules." The demands of regulatory compliance could eclipse a risk manager's focus on day-to-day risk management.
Although 60 percent of respondents in the EIU survey have a clear risk strategy, many see gaps in risk expertise. Stress testing is the area where there is the greatest need for expertise, after compliance and governance.
Silo-based approaches to risk management still plague financial institutions; fewer than half of respondents believe they understand how risks interact across business lines. Many institutions need to strengthen risk management programs to meet more diverse and frequent reporting requirements from the board: only 47 percent say they can provide timely and relevant risk reports to their boards.
Enterprise risk management remains a work in progress in the banking and insurance industries. A common denominator in enterprise risk management surveys over the years is the dissatisfaction with data quality and availability, a view that's echoed in this year's survey too. Only 39 percent of respondents believe they are effectively collecting, storing and aggregating data. Four out of five companies surveyed are increasing investment in data quality and integrity. Over-reliance on risk models and problems with data that populate those models are judged as key failures in financial risk management.