a customized risk management function?...the risk management function is at the heart of key banking...

A Customized Risk Management function?Operating model of the Risk Management function: challenges and practical experience in terms of transformation levers

The Risk Management function is at the heart of key banking challenges: growth and profitability management, regulatory compliance, operational efficiency and digital transformation. These are in fact the four structuring dimensions of the CRO agenda for 2020.

In order to address these constantly-evolving challenges, the Risk Management function must undergo a transformation, and to do this, there are several levers at its disposal that can be used to bring about changes in either its organization, or in its processes, IT systems or data.

Centralizing the function is the first organizational lever and is often the first step towards resource-sharing and an accelerator for spreading the Risk Management culture across the organization. The benefits of resource sharing with Finance, or with the Compliance function, can be even more far-reaching provided that one finds a balance between the different cultures. Regardless of the extent of resource-sharing, while selecting the location for carrying out the activities of the Risk Management function, it is important to find a balance between seeking efficiency and maintaining business proximity. Near-shoring often emerges as a clear winner for implementing this “smartsourcing” strategy.

The different Lean Management techniques are powerful levers for optimizing Risk Management processes, as part of the continuous improvement approach. When combined with process digitization, it also supports the digitization of business lines and helps transform the Risk Management function itself. New technologies, especially those linked to big data, analytics and data visualization, have found their initial areas of application in risk management that seem to be particularly promising. Data quality is therefore particularly important for the Risk Management function which has much to gain by investing in a robust Data Management structure, backed by dedicated data governance.

Given the pace at which the environment is changing, there’s a sense of urgency to transform the Risk Management function, specially in terms of the digital dimension. Although a uniform model is not required for all Risk Management functions, its successful transformation does require changes in the CRO profile.

3

1. What are the CHALLENGES of the Risk Management function? What LEVERS can be used to address these challenges?

2. What changes can be brought about in terms of the ORGANIZATION?

- Centralization - Resource-sharing - Sourcing and location

3. What changes can be brought about in terms of PROCESSES, IT SYSTEMS and DATA? - Lean management - Digital levers - Data Management and Data Governance

Conclusion

Preamble

Table of contents Pages

4

4

5

6

7

7

9

10

12

13

5

Preamble

The need to improve operational efficiency

Today, more than ever before, the Risk Management function is at the heart of the banking business. Nevertheless, there are very few studies that have taken its specificities into account and most of them often tend to reduce it to a simple ‘support’ function.

However, the Risk Management function is clearly different in terms of its:

� Close association with the bank’s governance to ensure the resilience and predictability of its revenues,

� Direct relationship with regulators who have been in a constant pursuit to tighten prudential requirements since the crisis of 2007, and which is not going to stop anytime soon,

� A strong overlap with business processes and the IT systems that support them, which are under immense competitive pressure, and are thereby, required to make a constant effort to improve the operational efficiency

Capitalizing on its knowledge and experience of having worked on several projects with Risk Management Departments of major international banks, through this publication, Capgemini Consulting would like to share its point of view on different dimensions of the Risk Management function’s operating model.

This publication reflects the strategic choice of Capgemini Consulting in general, and in particular, that of its center of expertise for Finance, Risk and Compliance, of focusing their efforts on the transformation needs of Risk Management departments, linked to changes in the banking environment, and for enabling them to meet all prudential regulatory and compliance requirements.

In the first part, we will discuss the key challenges that the banking sector’s Risk Management Departments have to face today in terms of regulatory compliance, operational efficiency, better growth and profitability management and digital transformation.

We will then review the two major categories of transformation levers that can be leveraged to address these challenges.

Our project experience

For each type of lever, we have expressed our convictions on the expected benefits and the prerequisites for their implementation within Risk Management Departments. At the same time, we have also highlighted other points of view written by Capgemini Consulting experts where readers can find other additional bits of information and insights on these transformation levers.

Our convictions are backed by concrete real-life examples of projects carried out with major international banks.

FRCFINANCE, RISKS & COMPLIANCE

Sharing our vision on the efficiency levers

6

What are the CHALLENGES of the Risk Management function? What LEVERS can be used to address them?

7

1. A management challenge (growth and profitability)

Unlike a traditional corporate function, Risk Management is a function that cannot be dissociated from business processes, and in some respects, is more similar to a business function performed at the heart of the bank’s management processes. The Risk Management function cuts across organizations and operational processes and is required at all levels: locally, close to the operations staff, and at the Group level, to have a holistic view of the Group’s risks.

This regulatory context is constantly getting more and more cumbersome for banks (e.g.: Basel IV is on its way) and thus requires regulatory watch in order to foresee the requirements, anticipate their impacts and be better prepared to tackle them.

What are the CHALLENGES of the Risk Management function?

Today, major banking groups are confronted with a difficult economic environment and rapid technological changes. They have to face an increasingly restrictive regulatory framework, under the threat of heavy fines and a significant risk of tarnishing their image in case they deviate from the “established code of conduct”. They must therefore address four major challenges: (1) drive & manage their growth and profitability, (2) ensure compliance, (3) optimize their operational efficiency and (4) master their digital transformation.

These are all challenges that need to be addressed by the Risk Management function of banks.

The CROagenda

Regulatory complianceGrowth and profitability

Operational efficiency Digitization

Maintain business proximity

Share resources with other functions

Optimize the location of risk management activities

Capitalize on Lean methodologies to improve risk management processes

Instill a culture of data quality, backed by dedicated governance

Make the most of the digital lever to transform the Risk Management function

Support the digitization of business processes

Turn constraints into opportunities to transform the Risk Management function

Spread the Risk Management culture

The CROagenda












2. A challenge in terms of regulatory compliance and the code of conduct

Furthermore, the regulatory context is getting increasingly stricter for banks (across all functions), especially for those in Europe.

Requirements such as the BCBS239 thus emphasize the need to strengthen the governance of the Risk Management function.

Additionally, in view of the IFRS9 standards, it is necessary to reconcile the accounting and prudential standpoints.

8

3. An operational efficiency challenge

Source: CC Intelligence

Example of a leading international bank – 2016 data

4. A digital transformation challenge (digitization)

Whether it is to keep pace with the business (e.g.: online loan approvals) or to improve its own efficiency, the Risk Management function is compelled to use digitization to remain relevant in its environment.

New techniques applied to risk management (e.g.: Big data, Machine learning, etc.) are useful in taking better decisions at lower costs.

As a matter of fact, a growing number of employees have already started working towards digitizing the Risk Management function: today, Risk Analytics represents 15% of the function’s workforce, which will reach 40% by 2025.

These four challenges shape the agenda of CROs (Chief Risk Officers) for the year 2020:

About 2% of the bank’s total workforce About 1.3% of the bank’s total workforce

vs.RISK COMPLIANCE

The CROagenda












These four challenges shape the agenda of the CROs (Chief Risk Officers) for the year 2020

At the same time, as in every other financial institution, the Risk Management function – which already has a relatively small workforce in European banks – is also required to continually reduce its operating costs.

The CROagenda












The CROagenda












9

What changes can be brought about in terms of the

ORGANIZATION?

What changes can be brought about in terms of PROCESSES,IT

SYSTEMS and DATA?

Centralization of the Risk Management function

Establishing an SSC for the Risk Management function

Sourcing and location of the Risk Management function

Optimization of risk management processes using Lean

Use of digital levers

Data management and data governance

What LEVERS can be used to address the challenges of the Risk Management function?

To meet the challenges of improving risk management, regulatory compliance, operational efficiency and digital transformation, banks have two types of levers at their disposal: they can either work on the organization, or on the processes, IT systems and data.

Each of these levers is discussed in detail in the following chapters.

The transformation plans analyzed by our Corporate Business Model approach can generate savings of nearly 10% over a period of 3 years, split between:

1. Process optimization: savings of 50%

2. Smartsourcing: savings of 40%

3. Digital: savings of 10%

Transformation initiatives shouldn’t be constructed in silos. It is indispensable to have a cross-functional strategic vision for all departments

- Group CRO of a major European

bank .

Capgemini Consulting has extensive project experience and an innovative Corporate Business Model (CBM) approach for each of these transformation levers

10

PENDING

What changes can be brought about in terms of the ORGANIZATION?

Centralization of the Risk Management function …the first step towards sharing production resources

11

� The decision to centralize is firstly justified by the need for consolidated management and better risk control at the Group level:

- As a corporate function, the Risk Management function gains direct and hierarchical access to local Risk Management representatives. This ensures that it has better visibility into loan files, portfolios and indicators related to local risks.

- Another advantage of centralization is that it strengthens the position of the function vis-à-vis global supervisors and regulators by presenting a united front for all entities.

- And finally, centralization facilitates resource-sharing between Risk Management representatives of Business Units (BU), particularly with respect to regulatory watch and production of regulatory reports.

Note: this internal resource-sharing within the bank could open up opportunities for wider resource-pooling, for example, by setting up inter-banking platforms.

� However, Risk Management in not just about defining rules and decision-making. It also performs the role of providing banking expertise and advice to business development managers for decisions that involve risk-taking (credit ratings, origination, product creation, risk modeling, etc.)

- For these other projects, centralization is rather counterproductive because it transforms a partnership relationship into a relationship of control. Owing to this situation, BUs often end up building their own separate expertise, which results in duplication of structures.

- In its business advisory role, we could, in certain cases and by analogy, equate the Risk Management function to a management control function. These two functions overlap sometimes as is the case, for example, in managing the net cost of risk.

� Centralization of the Risk Management function should also be assessed in relation to the governance of its natural partner, the Finance function.

- If the Finance function is itself centralized, the local levels of both the functions might risk being caught between two hierarchies – Finance and Risk Management – all the way up to the Group’s top management.

- Their collaboration is essential to ensure business management, impairment accounting and prudential reporting.

Major group-wide regulatory programs, such as IFRS9, are an opportunity for the bank’s Risk and Finance functions to learn how to work together.

- IFRS9 Program Director of a major

European bank.

12

Centralization of the Risk Management function …a guarantee for effectively spreading the “Risk Management Culture”

Our project experience:

Context

Limitations

Benefits achieved

Centralizing the operational controls (2nd line of defense) within the Risk Management function for a major European banking group, which were previously carried out by the bank’s Compliance function.

� The Compliance team was independently responsible for some of the operational risks and mainly took care of Level 2 controls for its “area of expertise”, i.e. the risk of non-compliance.

� To respond better to regulatory requirements and to increase efficiency, all activities pertaining to operational risk control were consolidated within the Risk Management function.

� Risk of complicating the working relationship with business teams (that are in charge of the 1st line of defense) that may end up re-creating their own internal control teams, which can lead to duplication.

� Risk of losing the expertise of teams specializing in compliance, which have been moved over to the Risk Management function.

� The “Risk Management Culture” was spread widely, and better adherence of the ‘code of conduct’

� Alignment of control activity models associated with all risks, including operational risks

� Resource-sharing between operational risk control teams

� Better responsiveness to the requirements of regulatory bodies and easier integration within risk management committees (e.g.: operational risks taken into account within credit committees)

13

Establishing an SSC for the Risk Management function …which could sometimes face difficulties in coexisting with the finance culture

� To address the challenges related to operational efficiency, the Risk Management function, being a corporate function, can opt for a shared organization structure to achieve productivity gains (mainly in terms of report production and control activities). For example, most banks often think of pooling the reporting activities of the Credit Risk function with that of the Finance function, and in fact, some of them have already pooled their report production resources (teams and IT systems) from these two functions.

� Nevertheless, there are limitations to sharing the Risk Management function the moment you start considering it as an ‘expert’ function catering to the monitoring needs specific to each business team on the one hand and having to respond to the new requirements of various regulatory bodies on the other.

� For the Risk Management function, it involves determining the level of expertise required to ensure that the service rendered by the Shared Service Center (SSC) is optimal and that its governance is not too complicated, so as to find a balance between the needs of the various clients of the SSC, amidst a regulatory environment that undergoes frequent changes.


Benefits achieved

� Consolidation of production resources at the Group level (data warehouses, tools and control and certification teams)

� A shared centre for regulatory watch

� Built the capacity to deploy across new entities or to meet new reporting needs

Resource-pooling is not enough to wipe out the differences between the Finance and Risk cultures:

� The dual relationship between finance and risk de facto leads to sacrificing internal management needs over regulatory reporting needs.

� As a result of centralizing all production activities, entities start feeling less accountable for their reporting and for data quality at source, which risks creating mere “data cleaning centers” at the corporate level.

� The diversity of banking businesses hinders consolidated management that can be analyzed on the various reporting axes common to the Group and to the entities.

Limitations

Setting up a Shared Service Centre for a major European banking group for providing expertise related to regulatory compliance and producing regulatory reports required by several legal entities.

Scope: French (SURFI, PROTIDE) and European reports of the EBA (FINREP, COREP) and internal credit risk management reports

The creation of the regulatory SSC enabled us to cope with the significant increase in regulatory reporting requirements of the year 2015 (Basel 3, new FINREP, and FSB), while maintaining the same headcount

- Director of the regulatory SSC of a

major European bank

14

Sourcing and location of the Risk Management function …finding a balance between efficiency and business proximity

� As with all support functions, the objective while selecting the location for carrying out the activities of the Risk Management function is to achieve economic optimization based on lower unit costs and economies of scale, which typically leads to the creation of large-scale SSCs in low-cost countries.

� However, the location choices of the Risk Management function are equally constrained by the organization of its natural partners: the business units, regulatory bodies and the Finance function. This results in finding the middle ground which integrates both:

- The specificities of the SSC’s client entities and their local regulators: for the SSC to function efficiently, it must adopt a client approach in its dealings with the entities, which is facilitated by sharing a common language, a time zone or by having expert teams that specialize in local regulatory specificities.

- The location of finance activities to which risk activities are linked: the various activities for producing credit or liquidity risk indicators can in fact generate strong synergies with accounting activities or activities for producing performance management indicators (P&L, balance sheet), for which they all share the same input data and interim results.

� The optimization of SSCs/Hubs must therefore be considered globally for the Risk and Finance functions on the one hand, and for each homogeneous set of client entities, on the other. And finally, these choices must anticipate the changes in regulatory requirements (e.g.: reducing the production time which requires carrying out activities in parallel that were carried out sequentially so far) or IT systems (e.g.: unification of sources, thereby reducing the need for reconciliation) in order to ensure that the benefits achieved are sustainable.

Benefits achieved

� While looking for optimization through SSCs, the choice of organization by process (or activity) versus by client entity was at the heart of discussions because it directly affects the choice of the location.

� The choice was customized according to the level of constraints weighing on each entity (e.g.: local regulatory requirements, resources available locally) and by reasoning by the type of activity (e.g.: certification of management data, production of indicators, and accounting reconciliation).

Limitations

� Increase in the number of local regulatory specificities and the need for autonomy in terms of reporting

� Risk of giving up alignment of processes and tools, which is the source of productivity gains


Optimizing the allocation of finance and risk reporting activities between the different SSCs of a major universal bank.

15

Sourcing and location of the Risk Management function …several “rightshoring” models possible

� “Rightshoring”, which is better known for its preferred models such as outsourcing or SSCs, is a more complete concept with two dimensions:

1. The location

2. The legal jurisdiction (insourcing / outsourcing)

� …that can help define four “delivery” models

� Given that Risk Management is seen as a strategic function for banks, the question of “rightshoring” was considered much later by this function as compared to most of the other corporate functions (e.g. Finance, IT, etc.). Nevertheless, the players of this sector have today achieved a high level of maturity.

� Although cost optimization is the main driver for “rightshoring”, it is always combined with other motivations/reasons such as improving the service offering through better allocation of tasks and extensive access to scarce resources.

� Almost all activities (transactional, modeling, etc.) can be candidates for rightshoring except for the most critical ones (e.g. risk policy). The strategy of “rightshoring” by activity is based on its level of maturity (organizational and on “rightshoring”) and on the company culture.

� The choice of the delivery model will depend on the activity concerned and on inherent factors such as the sensitivity of information processed, the frequency and nature of interactions with other group functions, etc.

� The choice of geography will depend on the financial attractiveness, the bank’s local presence and the availability of talent.

� Although Asia continues to be a preferred geography to house the activities of the Risk Management function, the trend is headed towards consolidating activities into centers of expertise that are closer to major regional hubs, for greater physical and cultural proximity.

Capgemini Consulting carried out a benchmarking exercise with 12 banks on their motivations/reasons for “smart sourcing” the Risk Management function.

Captive nearshoring

Nearshore outsourcing

Captive offshoring

Offshore outsourcing

OWNERSHIPCAPTIVE OUTSOURCE

LOCA

TION

OFFS

HORE

NEAR

SHOR

E

Our study:

CC publication on “Rightshoring of Risk function in Financial Services”

Illustration 1: the rightshoring matrix

To address the risks of turnover, cultural shifts and geopolitical risks, we opted for nearshoring by favoring cities where low-cost decision-making centers are located

- CRO of a large universal bank

16

What changes can be brought about in terms of PROCESSES, IT SYSTEMS and DATA?

17

Using Lean techniques to improve risk management processes …looking for efficiency as part of the continuous improvement approach

� Risk Management requires the implementation of complex decision-making processes (modeling, credit ratings, loan approvals, putting on the watchlist, and provisioning), involving the collaboration of different types of expertise and many hierarchical levels to arrive at a decision. These processes must however be integrated into business processes without significantly weighing or slowing them down. Added to this are the report production processes with their share of reconciliations and checks within a restricted timeline.

� Lean techniques can be used for analyzing the causes of process failures with greater granularity and objectivity and to collectively build improvement plans that help save time, effort and quality.

� In the context of the Risk Management function, Lean Management seems particularly well-suited for addressing the following challenges:

- Supporting regulatory changes

- Improving risk management while controlling costs

- Deploying a uniform methodology applicable to the entire risk perimeter

- Generating synergies across all components of risk management

- Applying digital to Risk Management processes

� Principal areas of application of Lean Management in the Risk Management function:

- The most relevant efficiency levers for the modeling process, tend to, for example, limit the need for meetings by focusing them on the most significant changes (e.g.: new models, new risk segmentations, etc.) and by implementing lighter and well-equipped control processes for simple recalibration of parameters.

- Close monitoring of the validity dates of ratings is especially beneficial for the credit rating process as it allows workload management and smoothing out peaks in workload linked to the seasonality of publishing financial statements.

- For loan approval, watch-list and provisioning processes, optimization can be achieved by carrying out the following actions: reviewing the delegation thresholds, creating a repository of limits to facilitate automatic checks, formalizing processes and automating workflows, and sharing the case files from one quarterly closing to another.

- Lastly, coming to report production, it is encumbered by a number of manual reconciliation or restatement tasks which can easily be handled by RPA (Robotic Process Automation) technologies that provide quality, security and speed of execution in addition to the optimization brought about by Lean.

18

Using Lean techniques to improve risk management processes …a combination of Lean tools to support Risk Management processes

Context

Methodologies used

� A poorly-documented process, with very little communication between stakeholders

� A poorly-monitored process, with known, but unresolved issues

� Several meetings that weren’t action-oriented (more than 25 official meetings for each quarterly closing)

� Several, voluminous deliverables (more than 80 pages for certain case files, several versions of the same deliverable, several formats)

� Value stream mapping for facilitating process description

� Ishikawa and the fishbone diagram for identifying the root causes

� The ‘Be Lean’ Management System

� The A3 methodology for speeding up problem resolution

� A quarterly review process backed by KPIs as part of the continuous improvement approach

� A process description and as-is assessment shared with everyone

� Identified and fully assessed the root causes of the problems encountered

� Reduced the time spent on drafting deliverables by 50%

� Created a dedicated community for monitoring the provisioning process and for ensuring its continuous improvement

Benefits achieved


As part of this project, we applied Lean techniques to the provisioning process within a large European bank.

19

Using Lean techniques to improve risk management processes …the possibility of combining several levers: Lean and Digital

Our study:

Capgemini Consulting has studied how to leverage Lean Management for the digitization of the Risk Management function.

Use Case of the Risk Management

function

How should the Risk function

adapt to the digitization of

business lines?

How can the Risk

Management function

benefit by going digital?

Lean & Digital Levers

Strengthening controls and alerts

Digitizing decision-making processes

Reducing the number of meetings thanks to collaborative tools

Ability to generate predictive models

Setting up dashboards for monitoring the consumption of credit limits, changes in the net cost of risk and explanatory / underlying factors by using a large volume of internal and external data, etc.

Strengthening data quality checks (e.g.: preventing duplication of data in data repositories, etc.)

Doing away with redundant meetings that could be avoided by using other means of communication and through new working methods

Streamlining KPIs and making quantitative presentations more insightful

Retracing the data lifecycle and identifying the causes of non-quality (data lineage)

Validating

Forecasting

Measuring and

monitoring

Improving the

reliability

Going paperlessCollaborative tools

Visual Management Data visualization

“Data learning”

Big DataMachine learning

20

Using Lean techniques to improve risk management processes …a combination of Lean tools to support Risk Management processes

� Digital transition is not an option: it is a must for both the Risk Management function (e.g.: increased use of statistical models which is encouraged by regulators, as a substitute to “expert opinion”) and for business lines (e.g.: making sales processes paperless).

� The digital transition is a valuable source of indispensable levers for mastering the new challenges of the Risk Management function, mainly by helping to reconcile the highly dissimilar cultures that weren’t really integrated so far:

- between those who decide the loan approval rules in theory and those who take decisions on a case-by-case basis

- between those who have to explain the results and those who design the statistical models that produce the results

- between those who explain past results and those who predict future results

- between those who design the models and those who make operational decisions

� For this reconciliation, it is necessary to provide tools for visualizing the results, enabling the user to intuitively explore the contribution of different modeled impacts, using different types of media (e.g.: screens, tablets, etc.), by navigating between various views of pro forma results (“all other things being equal”), and all this, for portfolios and periods of his/her choice.

� Furthermore, technologies linked to Big Data and Data Science are in the process of profoundly updating statistical methodologies that are at the heart of risk measurement:

- By broadening the types and sources of data taken into account, for example, as is possible through a patent filed by Facebook to provide banks access to the credit scores of a loan applicant from its member database

- By updating the tools used for applying statistical algorithms in favor of open source tools, supported by academic research, like R or Python replacing traditional tools like SAS

� Paradoxically, although risk departments were traditionally the early adopters of all topics/issues related to modeling, today they seem more reluctant to adopt these new methods that have found their initial areas of application within banks in marketing or HR functions.

� This hindrance gets further magnified by the recommendations of regulatory bodies that wish to limit the differences/deviations between internal models developed by banks. This also makes them more conservative in terms of the statistical methods used, at the risk of further increasing systemic risks owing to all stakeholders behaving in the same way.

� We believe that the predictive models of new methodologies will finally prove their worth through their sheer performance, as is evident in the initial application of machine learning for modeling liquidity behaviors, by extending the set of potential drivers taken into account and by industrializing their continuous back-testing.

Digital is only an enabler in our transformation journey. It should not be an end in itself.

- CRO of a CIB division in a major

European bank

21

Transforming the Risk Management function using digital levers …between digitization of businesses and new risk management technologies

Benefits achieved

� Intuitive presentation of modeled results

� GUIs that can be used on tablets, enabling business users to gain a deeper understanding of the impacts of the various drivers, without any delays in terms of data availability

� Risk of cultivating complexity for the sake of complexity; it’s important to find a balance between having extremely sophisticated models and the ability of stakeholders to interpret the results obtained from them.

Limitations


Supporting a major European bank in designing a set of dashboards & reports of modeled impacts and in selecting an advanced BI tool to equip its modeling specialists and analysts for dealing with different types of risk.

22

Transforming the Risk Management function using digital levers …digital solutions: what is their potential in the banking sector?

Capgemini Consulting has assessed the impacts of new technologies – Data Management, Analytics and Data Visualization solutions on the key activities of the Risk Management function.

Our study:

Data Management

Data collection / Data enrichment Database / DataLab

Analytics

Modeling / Assessment

Data Visualization

Dynamic analyses

Granularity / instantaneity

Expertise

Methodologies

Certifications

BusinessActivity Analysis

AnticipationGroup Functions

Risk Policy

Risk Validation

Operational Monitoring

Risk Analysis

Monitoring and controls

Portfolio Analysis

Support Functions

Reporting

Business Analysis

IT

Digital

23

Data Management and Data Governance …levers for operational efficiency and regulatory compliance

� Risk Management is entirely based on the quality of data used to detect and measure risks. The levers of good data governance and professionalization of data management are therefore essential for the efficiency and effectiveness of the Risk Management function.

� Data quality is the result of a significant and coordinated effort of implementing and monitoring various operational processes in the lifecycle of data as well as the IT systems that support them. ECB’s report following the Asset Quality Review (AQR) demonstrated the shortcomings of the existing systems, and the Basel Committee clarified the “BCBS239” principles that shall help master data quality and risk reporting, both of which are indispensable to the Risk Management function.

� These three levers can be used to improve data quality:

- Formalizing data ownership is an important lever to standardize the definitions and avoid deviations between various uses (operational, regulatory, and internal management) of the same data, and to clarify the governance of data repositories and warehouses.

- Another lever is to ensure that the principle of “polluter pays” is strictly applied and followed within the organization, wherein the teams/departments that create data as part of their operational activities are required to own and resolve the non-quality detected by others who use their data.

- A third lever, yet to be fully explored, is to leverage big data approaches, such as “data learning”, to identify, or even correct non-quality.

Benefits achieved

� Broad awareness about the importance of data, its quality, and the allocation of sufficient resources to address these issues

� Meeting the requirements of the ECB (European Central Bank) as part of the post-AQR and SREP exercises

� Working on data is a good lever even if it is more difficult to translate this into concrete actions, because it is often closely linked to the transformation of processes or tools which already have their own governance model

� Risk of unnecessarily creating multiple committees and reports

Limitations

Capgemini Consulting has developed a point of view on the key success factors to be put in place to make the most of Data Management opportunities.

Our study:

Implementing data governance and close monitoring for ensuring compliance to BCBS239 at the group level for a major European bank.

CC publication on “Data Management: it’s time for the big jump!”


Transforming the Risk Management function using digital levers …digital solutions: what is their potential in the banking sector?

24

Conclusion : the Risk Management function and the urgency to change it

The Risk Management function and the urgency of transforming it

The urgency of transformation

Is there a need to adopt a uniform model for the function?

The challenges of the Risk Management function, mentioned at the beginning of this publication –management, prudential, economic and technological – are rapidly changing, which brings us to conclude with one last conviction: that is, the urgency and speed of transforming the Risk Management function.

Although the transformation levers are common for all banks, there is no single operational model that banks should aim for. In fact, given the close overlap of the Risk Management function with BUs and Finance, which we have amply highlighted throughout the POV, the function has to essentially adapt its model according to the level of interaction it has with the different stakeholders of the bank.

As discussed earlier in this publication, to transform itself, the Risk Management function can leverage a variety of complementary levers. Among these, the digital lever is of particular importance because it is at the heart of the overall transformation of all banks and their environment, clients, employees and partners.

The digital transformation of the society will make a radical distinction between banks that leverage the digital lever and those that accept it passively: the transformation of the Risk Management function can and should play a key role in creating this differentiation.

Lastly, changes in the CRO profile are also important to succeed the transformation of the Risk Management function.

The traditional qualities of the CRO are still essential:

- A strategic vision is indispensable to rationalize the bank’s risk appetite

- Good expertise in the methods used for measuring the various risks

The importance of the digital lever

What should be profile of future CROs?

But other qualities have also become equally fundamental:

- A strong ability to communicate with other cultures: BUs, finance, and regulatory bodies

- Experience of multi-dimensional transformation projects

- Being well-versed with transformation levers, with a particular focus on data management and digital solutions

Rightshore® is a trademark belonging to Capgemini

Capgemini Consulting is the global strategy and transformation consulting organization of the Capgemini Group, specializing in advising and supporting enterprises in significant transformation, from innovative strategy to execution and with an unstinting focus on results. With the new digital economy creating significant disruptions and opportunities, our global team of over 3,000 talented individuals work with leading companies and governments to master Digital Transformation, drawing on our understanding of the digital economy and our leadership in business transformation and organizational change.

Learn more about us at www.capgemini-consulting.com or @CapgeminiConsul

With more than 190,000 people, Capgemini is present in over 40 countries and celebrates its 50th Anniversary year in 2017. A global leader in consulting, technology and outsourcing services, the Group reported 2016 global revenues of EUR 12.5 billion. Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business ExperienceTM, and draws on Rightshore®, its worldwide delivery model.

Learn more about us at www.capgemini.com

About Capgemini

Capgemini Consulting is the strategy and transformation consulting brand of Capgemini Group. The information contained in this document is proprietary. © 2017 Capgemini. All rights reserved.

Stanislas de RoysSenior Vice President [email protected]

Julie MaheraultPrincipal [email protected]

Arnaud RichardSenior Vice President [email protected]

Jacques RicherDirector [email protected]

Samir SadakaVice President [email protected]

Aurélien GrandVice President [email protected]

Julie MaheraultPrincipal [email protected]

Contacts:

FRC Team Lead:

a customized risk management function?...the risk management function is at the heart of key banking...

Documents