We found it interesting, but not necessarily surprising, that pound cake got its name from the fact that the original recipe called for a pound of each ingredient. Today, those measures have been adjusted somewhat, possibly due to the smaller size of our dessert plates? However much pound cake you want to enjoy, make sure that you clear your plate, as our parents taught us. Risk managers at community financial institutions (CFIs) have a lot to clear from their plates — and the pandemic has only accentuated their critical function. With increased digital banking, fintech partnerships, and uneven recovery in lending sectors, risk managers find they need to wear many hats and cover many areas to keep their institutions secure.Here are the top five areas that are keeping risk managers busy on a regular basis.1. Enhanced risk modeling post-pandemic. “Credit risk is a growing threat, and not just in the potential for defaults,” says one chief risk officer at a Midwestern CFI. Risk managers need to continue robust modeling of credit risks, as the fallout from the pandemic on certain industry sectors could continue for some time. Still, other sectors are ramping up to pre-COVID levels, such as hospitality and travel. So, the risk levels could be very different in your institution’s portfolio. Working closely with the credit and lending departments will ensure all bases are covered. 2. Cybersecurity, fraud, and BSA/AML. As digital transformation accelerated during the pandemic, so have exposures from cyberattacks, fraud, money laundering, and other financial crimes. According to PurpleSec, cybercrime surged by 600% during the pandemic. While there are many tools to access, risk managers can leverage increasingly sophisticated AI analytics solutions to monitor and potentially thwart threats from each of these types of exposures. Risk managers can also utilize readily available resources like the Financial Institutions Examination Council’s Cybersecurity Assessment Tool. A chief risk officer at another Midwestern CFI said, “We try to be proactive with our risk framework and build in processes so that if there is an opportunity on the business side…we already have controls in place and [can go ahead with the opportunity].”
3. Increased exposures with fintech partnerships. As more CFIs work with fintechs to launch new digital products and services for their customers, exposures to BSA and consumer compliance risks also increase. Risk managers need to collaborate with their counterparts at fintechs to ensure they are adequately complying with all associated regulations. If regulators call out fintechs for any lapses, then their financial institution partners could also be exposed to possible regulatory consequences – not to mention reputational risk. Partnership agreements should explicitly spell out the risk management expectations. They should include detailed steps to take, in the event of any breakdown in the process or cyber breach. If your institution is active in this area, you may also want to check the OCC and FRB web pages on innovation and fintech.4. More regulation. CFIs should expect more regulations coming down the pike – with the pace of new requirements continuing to quicken. Capital requirements under Basel IV will come into effect in 2023. A host of enhanced consumer protection requirements will likely be issued and the Community Reinvestment Act is set to be modernized for the digital age. BSA/AML requirements will likely be toughened. Lastly, the federal government will also likely impose new monitoring requirements on CFIs — including reporting tax frauds. With so much happening, it is important to stay on top of the latest changes. Risk managers can work with outside compliance experts to make sure they do this or possibly hire additional staff. 5. Evolution of the risk management function itself. As the pace of new exposures continues to accelerate across all areas, the risk management function has shifted, becoming more broad-reaching and pivotal. More and more CFIs are now following larger banks and designating chief risk officers to better strategize with senior management and the board on the impact of any new product or service on the institution’s overall risk profile. This new C-suite position facilitates collaboration across all of an institution’s departments and lines of business, to ensure everyone within the institution is appropriately managing risk within their particular domain.Another chief risk officer at a Pacific Northwest CFI says: “When I started in January of 2020, there were seven of us in the risk group. Since then, I’ve hired more than 30 professionals. I’ve done a big shift from being in the weeds day-to-day and now having to manage 30 very skilled professionals.”Risk managers are busier than ever today. It is important to understand the evolving nature of this role, in order to support them in their wide variety of responsibilities. Their list is long and its importance is high.
3. Increased exposures with fintech partnerships. As more CFIs work with fintechs to launch new digital products and services for their customers, exposures to BSA and consumer compliance risks also increase. Risk managers need to collaborate with their counterparts at fintechs to ensure they are adequately complying with all associated regulations. If regulators call out fintechs for any lapses, then their financial institution partners could also be exposed to possible regulatory consequences – not to mention reputational risk. Partnership agreements should explicitly spell out the risk management expectations. They should include detailed steps to take, in the event of any breakdown in the process or cyber breach. If your institution is active in this area, you may also want to check the OCC and FRB web pages on innovation and fintech.4. More regulation. CFIs should expect more regulations coming down the pike – with the pace of new requirements continuing to quicken. Capital requirements under Basel IV will come into effect in 2023. A host of enhanced consumer protection requirements will likely be issued and the Community Reinvestment Act is set to be modernized for the digital age. BSA/AML requirements will likely be toughened. Lastly, the federal government will also likely impose new monitoring requirements on CFIs — including reporting tax frauds. With so much happening, it is important to stay on top of the latest changes. Risk managers can work with outside compliance experts to make sure they do this or possibly hire additional staff. 5. Evolution of the risk management function itself. As the pace of new exposures continues to accelerate across all areas, the risk management function has shifted, becoming more broad-reaching and pivotal. More and more CFIs are now following larger banks and designating chief risk officers to better strategize with senior management and the board on the impact of any new product or service on the institution’s overall risk profile. This new C-suite position facilitates collaboration across all of an institution’s departments and lines of business, to ensure everyone within the institution is appropriately managing risk within their particular domain.Another chief risk officer at a Pacific Northwest CFI says: “When I started in January of 2020, there were seven of us in the risk group. Since then, I’ve hired more than 30 professionals. I’ve done a big shift from being in the weeds day-to-day and now having to manage 30 very skilled professionals.”Risk managers are busier than ever today. It is important to understand the evolving nature of this role, in order to support them in their wide variety of responsibilities. Their list is long and its importance is high.