This discussion commenced by considering the key risk areas as three distinct categories depending on time period. Emerging risks might be considered as digital currencies and climate change; those crystallising in the next 12 months could be real estate, data protection and consumer debt levels, whereas employee attrition, fraud, financial crime and cyber security would be classified as more imminent. Risk committees will need to determine the extent to which they can influence, and therefore manage, each of these risks.
This sparked a debate around how to manage and potentially influence each risk. For example:
- There is limited ability to manage risks around new and emerging legislation, e.g. the FCA's consumer duty consultation, which firms need to implement by April next year and which should provide a higher level of consumer protection. This means that firms will need to focus on strategy and business objectives for good customer outcomes.
- When building a modern architecture around cloud infrastructure, it will be important, amongst other things, to ensure a clear target architecture, a strong data governance framework and strong vendor management.
- Operational resilience is an issue for FS organisations, and many boards are now reliant on external expertise around technicalities such as the migration of apps to cloud, concentration risk and IT infrastructure, all necessitating investment in board education.
- Cyber security gives rise to the need for stress testing, and maintaining business stability must be balanced against advancing organisational transformation.
- The pandemic showed the sector could adapt to fast-changing circumstances – the ability to set up remote working was impressive and banks worked well with government, showing strong technical ability was already in place.
- Regulators must strike a balance between regulation and enabling innovation.
- The expectations and demands around NXDs increase with regulation, and some are deterred by the element of perceived personal risk. The Board needs to ensure there is a commitment to, and consensus on, aims, but with a healthy dose of realism.
We look forward to announcing the next session in FWB Park Brown’s Financial Services series over the next few weeks.
David is a Chartered Banker, former External Member of the Bank of England’s Prudential Regulatory Committee, and former CEO of Clydesdale and Yorkshire Banks. He is also a former Chairman of CBI Scotland, a Past President of The Chartered Institute of Bankers in Scotland, and former Board Director of the British Bankers Association and Scottish Financial Enterprise. Currently David is an Independent Non-Executive and Chair of the EY UK Audit Board and Chair of EY Global’s Public Interest Committee. He is also a Non-Executive Director and Risk Committee Chair of Barclays UK. We are also delighted to share that David has just been announced as Chairman of Coventry Building Society, an appointment he will be commencing in April this year.