By Lewis Cox, Head of FinTech Risk, Deutsche Bank.
Insight ahead of the upcoming New Generation Operational Risk: Europe 2019 Summit in London (12-13 March).
For more articles and insights like this, become a member of the Center for Financial Professionals by making your free account here.
Lewis, can you please tell the Risk Insights readers a little bit about yourself and what your current professional focus is?
No problem, I’ve held a number of different roles across the industry in a relatively short space of time – which I believe reflects how the industry has changed. I started out selling FX & Rates OTC Derivatives in London and New York before a short stint in consultancy. This led to joining Deutsche Banks’ Risk Division acting as the Non-Financial Coverage Manager for the products I once traded. Over the past few years I noticed a ‘joining of the dots’ both internally and externally with respect to Financial Technology which sparked my interest.
I now lead a small area within the Risk function which solely focuses on the application Financial Technology, or ‘Fintech’. We are situated within Operational Risk, but are remit if cross-risk and bank wide. We partner with business lines to provide proactive risk oversight on items such blockchain, artificial intelligence, cloud & open banking. This facilitates the formation of fintech focused strategies, risk profiles and appetites which can be directly tied to the business line equivalent.
What, for you, are the benefits of attending a conference like the ‘New Generation Operational Risk: Europe’?What can attendees expect to learn from your session?
Primarily it’s to obtain a consensus on how the focus of Operational Risk (OR) is changing year-on-year. We have to remember that OR is, compared to other Risk disciplines, relatively new. Therefore concepts such as Three Lines of Defense and Risk & Control Assessments are still being perfected across the industry.
Equally it’s a fantastic means to connect with industry peers. As someone with a Markets background I enjoy meeting Retail & Corporate banks who have different perspectives and areas of focus. This allows attendees to return with insights and perspectives which are otherwise difficult to obtain.
In your opinion, how can we look to effectively challenge our own risk framework?
Firstly, it’s important to note that actively challenging the risk framework is a positive, and something that should be encouraged. A dynamic framework helps promote dynamic business for customers, which is why we are here at the end of the day.
In my opinion Risk doesn’t have to be complicated, even if the respective processes require a level of complexity for regulatory reasons or otherwise. Where the process prohibits open dialogue and proactive, honest assessment – they should change to do so.
On a personal level, the Fintech space has uncovered a level ‘force-fitting’ in respect elements including New Product Approvals, Vendor Assessments and Risk Taxonomies. These mechanisms are beginning to evolve to meet demand, even if the fundamentals are the same.
What are the key considerations that need to be made when exploring the risks and responses associated with AI and ML?
At a basic level AI and ML are forms of algorithms, which have been around for years in trading and analytics. While the basic “Model Risk” considerations do not explicitly change, the challenge is evident via increasing levels of complexity, autonomy, and application. At the time of writing there are two Hot Topics:
Firstly ethics; AI is rule based but will seek to define an answer with prominent certainty. This may cross ethical boundaries in respect to client data, privacy, and morality.
Secondly transparency. Advanced AI (Deep Learning) in particular is (sometimes) unable to explain to humans how a decision is made. This opens questions in terms of how it should be applied – a paradox between efficiency and transparency.
What are challenges and opportunities do Blockchain and DLT bring the organization?
Blockchain has been a hot-topic for a number of years and potential applications are well established, even if the regulatory landscape remain in flux. Primarily the concept of tokens and decentralization drives efficiencies in record keeping/transfer and promotes trust between parties.
However this opens a number of questions in respect to open and closed networks, and the transaction process which includes wallets, keys and the tokenization process itself.
Personally I believe blockchain is here to stay, but application will start to be honed over the next 12 months. IBM’s We.Trade is a strong example of ‘correct’ DLT application.
Looking ahead, what operational / emerging risk do you think will keep people up at night?
Business Model disruption is the big one for me. On one-side we are seeing an increasing number of bank and non-bank entrants into the market, with increasing digital appetite (and expectation) from consumers. This is underpinned by concepts such as Open Banking and PSD2.
Equally a digital arms race opens up a number of new and transitional risks which are unknown and hard to quantify. Financial institutions have an obligation to be the back-stop for security and consumer trust which requires risk management. Therefore the challenge is in ensuring we remain attractive and relevant to customers while applying a prudent level of oversight.