Risk Technology Awards 2022: No oil painting

For much of the past decade, the risk landscape might have been painted by John Constable. His lovingly rendered English idylls show gentle, cultivated land with no hidden perils, beyond perhaps the threat of an occasional cloudburst.

Today’s risk landscape is something else – an alien world – containing a mix of familiar and unfamiliar threats interacting in ways that can be hard to forecast. Constable would have struggled to paint it. Risk managers have to do something far more challenging.

This year’s Risk Technology Awards uncovered a vast amount of research and development work across the more-than-80 firms that made it onto our shortlists – some of it tied to broader trends and themes, such as the embrace of cloud computing, greater freedom for users to customise their software, or the push for real-time analysis. But there was also plenty of work that is illustrative of the new, more dangerous world, and its emerging, interwoven threats – the mutating dangers of Covid-19, the geopolitical, financial crime and compliance risks arising from Russia’s war in Ukraine, and central banks’ attempts both to curb inflation and withdraw their support from newly volatile markets.

“A big difference in the risk environment right now – having seen the Covid-19 pandemic, Russia invading Ukraine, and rising economic risks – compared to the way it was back in 2007 and 2008, is that nobody can say: ‘That’s a ridiculous risk scenario to model – it will never happen,” and that’s a great starting point for improvement,” says Lauren Kornutick, manager of market research and insights, and ESG leader for Fusion Risk Management in Chicago.

For this article, we asked some of this year’s winning firms about the challenges their clients face in the worlds of credit, enterprise and operational risk (market and other traded risks are covered in Risk.net’s separate Markets Technology Awards).

The full list of winners, along with a description of the awards methodology and this year’s judging panel, can be found below.

Supply chains and cyber crime

Non-financial risks were well represented, with many already propelled up the agenda by the global pandemic. Fusion Risk Management’s Kornutick points to supply chain threats as an example.

“With Covid-19 risk alone, it was more essential than ever for organisations to ensure their supply chains were extremely robust, and this has been seen in the statements of various regulators,” she says. In the UK, as part of its work on operational resilience, the Prudential Regulation Authority set a March 31, 2022 deadline for banks and insurers to identify and map important business services, set impact tolerances, and initiate a scenario testing programme.

This kind of work may have helped financial services firms think through the supplier issues raised when Russia invaded Ukraine in late February, but those firms also had to get to grips with their far-larger networks of clients and customers – here, work patterns shaken up by the pandemic had already introduced new points of vulnerability, or magnified existing ones. War in Ukraine made the situation worse.

“We’ve seen a massive increase in the breadth and depth of money laundering activities and all of the financial crimes associated with those, both in terms of the technology being used and in terms of the close and highly co-ordinated co-operation between different operating groups, including the support of state-associated agencies,” says Katarina Pranjić, AML compliance consultant for LexisNexis Risk Solutions in London.

“The scene for this huge upsurge in financial crime and fraud, particularly online, was set with the rapid acceleration in the use of digitalised services and platforms by consumers and businesses as a result of national lockdowns during the Covid-19 period, and it continues to escalate,” she adds.

“For example, from the time when the first sanctions were placed on Russia after it invaded Ukraine, through our Financial Crime Digital Intelligence [FCDI] solution and our Digital Identity Network, we were able to detect an extreme increase in transaction velocity – by around 30% in just 24 hours,” says Pranjić.

“Given the timing, this was likely to be indicative of increased online consumer payments, rather than a spike of fraud attempts,” she adds.

But it can be hard to be sure. LexisNexis recorded a 250% increase in transactions using virtual private networks and Tor browsers that aim to ensure a user’s anonymity, says Pranjić. There was also a surge in cryptocurrency payments “to the degree that only 10 days after the invasion, online transactions paid for with crypto overtook traditional fiat currency payments for the first time ever,” she says.

Faced with a blizzard of transactions – as well as a rapidly expanding set of sanctions regimes – banks and other firms faced a series of challenges. First, keeping up with the new requirements they faced; second, working out how to apply them in different jurisdictions around the globe; and third, staying on top of ever-changing ownership structures of companies on the sanctions’ radar, many of which are front operations hidden within corporate structures of Byzantine complexity.

“The current sanctions environment is broadly not focused on countries but specifically targeted at individuals or companies, and details relating to these people can change incredibly quickly,” says Pranjić.

So can the prominence of the risk itself, of course, raising questions for banks about whether they have the right mix of controls in place. One of this year’s winners has an app for that.

“In our platform, operational risk data can be benchmarked across all of our network members in order that our member banks can identify and remedy incomplete or inappropriate control inventories and judge whether their risk exposure is appropriately aligned with their peers,” says Graeme Wynn, chief technology officer for Acin in London. “This approach also allows our members to harness our data science and AI to build a network between tier one banks’ custom algorithms for every customer, presenting data in a new way using metrics they can trust, understand and use for business-critical decision-making, and this will be critical in dealing with the current situation in Russia and Ukraine as well.”

He adds: “The idea of co-operation among naturally competitive banks may seem strange to many, but operational risk is a cost business and not a profit-generating one. So it needs to be as efficient as possible because if one bank gets it wrong then another bank might feel the negative consequences of that, and they know this.”

Default risk on the rise

Covid and Russia’s war also collide in the world of credit risk – along with a host of broader, macro factors. As central banks struggle to bring inflation under control by hiking rates and tapering or ending their bond-buying programmes, the environment for consumer, corporate and sovereign borrowers is set to become far harsher.

“Overall, the risk of recession in the US and Europe in the near term is top of mind for our customers globally,” says David Hamilton, a managing director at Moody’s Analytics in New York. “But whether or not a recession officially occurs, it’s already clear that credit risk will increase, possibly sharply, over the next 12-plus months.”

According to Moody’s Investors Service tracking, the global corporate default rate touched 0.8% in December 2021 – its lowest level since the 2008 financial crisis – but has begun to edge higher.

“The average probability of default – a forward-looking measure of credit risk – tracked by Moody’s Analytics for US companies has increased to 6.5% over the past year, a sign that actual defaults will rise by about 45% over the next year,” Hamilton says.

While recession risks in Europe and the US are rising – now a one-in-three possibility according to Moody’s Analytics’ in-house economists – Hamilton does not expect a significant jump in unemployment. “Nonetheless, inflation impacts households’ ability to service debt and could raise household debt delinquency and default rates, and consumers are facing rising interest on secured and unsecured debt,” he says.

Against this backdrop, and traceable back to the beginning of the Covid-19 pandemic, Hamilton highlights that many corporates have taken on significant amounts of additional leverage. “Despite being in a strong position relative to 2008, financial institutions, corporates, and individuals are still vulnerable to higher credit risk, and the Fed may only achieve victory over inflation by potentially significantly raising interest rates to curtail aggregate demand – in other words, by deliberately engineering a recession,” he says. “Moreover, it is unlikely that governments will step in to provide emergency support like they did in and around 2008.”

Sovereign borrowers will not escape the pressure. Already this year, Russia and Sri Lanka have defaulted. Moody’s Investors Service downgraded Mexico in July, and the bonds of 19 emerging market borrowers are currently trading at distressed levels, Hamilton notes.

However severe the coming storm, some argue it will not rival the systemic stress of the global financial crisis (GFC) because banks and other market participants are better equipped to deal with it. Simon Chard, a managing director with third-party risk platform KY3P at S&P Global Intelligence in London, points to analytics improvements as an example.

“Access to more data of a higher quality, greater transparency, and more of a joined-up approach between different business elements does mean, in my view, that the world is better prepared for any crisis such as that it faced in 2007–2008,” he says.

“The recent severe challenges of Covid-19 and Russia-Ukraine, and the robust response of the risk management industry to those has also allowed risk departments to bring these new approaches, technology and systems to bear on work that was done after the GFC and to marry those two things together for new risk modelling purposes,” he adds.

Others credit the post-2008 overhaul of bank prudential standards, and a general upgrading of the risk management function.

“Back in 2007 and 2008, there were liquidity risks in combination with other risks – notably credit risks being underpriced, poorly measured and overexposed – with risk managers being in the back of the room doing a compliance job rather than in the front of the house making decisions about what banks should be doing,” says Steven Good, director of ALM and liquidity risk product management at SS&C Algorithmics in London.

“Today, risk management has a much more prominent position across the board, and the high-quality liquid assets that banks hold represent a significant part of the banks’ balance sheets, well over 10% in many cases,” he says.

Other regulations have compelled banks to hold more equity capital and fund more of their lending with deposits and other stable funding, notes Good.

Delays and divergence in implementation, however, remains a concern for some. “There is some procyclicality in this, and not in a positive way,” says Luis Jesus, advisory industry consultant for risk research and quantitative solutions at SAS in Lisbon. “The worse market conditions become, the less financial institutions in various areas want to have more rules and regulation introduced. We’ve seen continued delays to the final implementation of the Basel III measures.”

While those rules are still being rolled out, the world itself has changed and is changing – making it difficult for any bank to understand its exposure and the adequacy of its capital and liquidity holdings, Jesus argues. He sees this driving a growing need for powerful portfolio simulation.

“In many ways, I don’t think it’s possible even now to understand all of the impact that the Covid-19 pandemic has had on banks’ balance sheets, so we don’t know exactly how that will pan out, especially as interest rates rise and if growth declines. On top of this, we’ve already seen some warnings about vulnerabilities in real estate markets around the world, or about downgrades and defaults in China. All of this will have further impact on the credit portfolios of banks going forward, thus driving a need for more sophisticated ways to simulate these future impacts to their businesses,” he adds.