As banks and financial institutions navigate through 2021, new challenges for risk management continue to emerge. The challenges posed by the COVID-19 pandemic during 2020 continued as several countries took measures that constrained the economy as a whole. It can be generally agreed that uncertainty is the new norm, and therefore risk management has become more critical for success than at any other time in history.
Based on the Global Islamic Banker’s survey, risk management emerged as one of the top concerns for Islamic bankers in 2021 as a result of unexpected events such as the pandemic and risks related to information technology which are challenging factors affecting risk management.
Review of 2021
During 2021, banks were super busy working in terms of combating unprecedented situations, fast-changing technologies and consumer behavior, more complex regulations and greater external threats. This was mainly driven by the pandemic which continued to pose challenges as well as opportunities for banks to transform their overall operations.
Key highlights during 2021 in terms of the risk management landscape include the following:
• Enhancement of regulatory controls
Some examples include the UAE regulatory changes in managing risk related to Sukuk and Saudi Arabia strengthening liquidity risk for non-bank financial institutions. The pace of regulatory action on enhancing controls increased during 2021.
• Enhanced efforts by Islamic financial institutions on cybersecurity risk mitigation endeavors
As many countries continue to embrace digital transformation, the downside risk associated with the process is causing vulnerabilities in terms of cyber threats. It is worth noting that advancing digitalization can support the transformation of banks’ business models with an understanding to increase profitability in the longer run, but it also exposes vulnerabilities related to existing information technology (IT) deficiencies and susceptibility to cybercrime and operational disruptions.
Chart 2 illustrates the cost of data breaches as reported by an IBM report on security.
• Credit risk control measure
Several banks are opting to stick with low-risk financing. The weaker economic environment leads to deterioration in asset quality although such deterioration is likely to be episodic and sectoral in nature.
• Emerging trend in developing IT systems for risk management
During 2021, government policies surrounding public health practices, social distancing, return-to-work, crowd limits and other pandemic-related regulations and protocols had significantly impacted the performance of Islamic banks. However, many banks were able to successfully overcome the challenges and report a satisfactory profit as well as maintain adequate liquidity.
Preview of 2022
It is expected that 2022 will be a year of further heightening of risk management controls mainly induced by regulatory pressure and high uncertainty.
The integration of technology risk management capabilities with a broader risk strategy will be a top priority and must be aligned with enterprise and operational risk priorities that are supported through the use of technology, data and skilled technology risk professionals. The growing competition and rising uncertainty in the marketplace demand a more agile, data-driven approach to managing risk, and automation is the key to making this happen.
Fintech products and services may arise and affect the viability of the current banking model and planned strategic initiatives of traditional banking. The banks will have to take action to embrace the new technologies such as artificial intelligence, blockchain and machine learning. 2022 will see more regulatory controls being initiated in terms of regulating the fintech landscape, hence there will be more pressure on fintech companies and banks which are embracing digital technologies.
Financial institutions (Islamic and conventional) will need to continuously demonstrate resiliency and control effectiveness against expanded cyber and vulnerability threats resulting from the expanded use of digital platforms. The alarming cybersecurity statistics for 2021 are a call to take the risk management mission more seriously
Regulatory changes and scrutiny may heighten, noticeably affecting the manner in which banking services will be produced or delivered. Hence, there will be more emphasis on managing compliance risk during 2022.
Banks will be required to focus more on green initiatives and addressing climate change risk will be required of banks from 2022 onwards. The impact of climate-related risks is becoming more apparent to banks, and the pandemic has led to an increased focus on the need to speed up progress in the management and disclosure of such risks.
Operational risk and business continuity programs will be required to be reprogrammed to meet the new world of uncertainties.
There will be a scarcity of risk management professionals especially those with high strategic and technical capabilities. The future role of risk managers will be more operational as well as strategic in nature, hence it can be said that the chief risk officer (CRO) role will be transformed into a role not only as a CRO but also as the backup CEO from 2022 onwards.
Conclusion
It can be noted that the overall risk landscape has undergone rapid and material change over the past few months, with uncertainties remaining high in the short to medium term. The overall outlook for 2022 will focus on a more risk-driven culture and embracing new technologies.
Mohamed Afzal is the enterprise risk manager of the Risk Department at Saudi Home Loans. He can be contacted at [email protected].