Data’s crucial role in advancing risk functions for financial services

Modern data management is essential to risk initiatives of 2023 and beyond.

By Neil Katkov

Advanced data management is a key force behind financial institutions’ risk modernization initiatives. Transformation of risk—including financial risk management, operational risk and financial crime compliance—is taking place to address two main needs. First, it must meet the risk challenges presented by growing customer-facing digital financial services (such as fraud and cybersecurity). Additionally, risk management must leverage new types of risk data that today’s increasingly connected digital world generates.

Meeting these needs requires digitization of the risk back office, with a focus on data management and analytics. Data chief officers and risk managers are reaching for better, more agile data. Celent estimates that global spending on risk management technology in financial services will reach $148.0 billion in 2026, up from $109.8 billion in 2023, a 10.5 percent compound annual growth rate. Of this total, risk data and reporting is estimated to reach $7.6 billion (5.1 percent of the total) in 2026.

Investments in data infrastructure can help banks execute cross-functional and cross-silo views of risk, improve responsiveness of their data governance initiatives, and strengthen cybersecurity. Emerging technologies, such as automation, artificial intelligence and cloud computing will help move these initiatives further.

Data management and analytics in financial risk

Contemporary business needs and regulatory requirements for financial risk are driving the market for advanced data management and analytics technologies. Specific risk needs, such as those within a particular business function or unit, are the catalysts for some of this progress. More broadly, financial risk management requires the flexible use of data, enterprise-wide, breaking down data silos.

Financial leaders are centralizing risk data in the cloud, accelerating development of AI algorithms, optimizing allocation of the data science resources that are often in short supply and improving data governance (such as for AI bias and model risk, in particular.) Agile consumption of data, enterprise-wide, is supported by API-based architectures. Paired with high-performance computing, these techniques facilitate real-time and near-real-time analysis of data, with use cases including crisis management, enhanced scenario forecasting, portfolio early warning analysis and on-the-fly stress testing.

Data’s throughline in risk management

Digital financial risk management uses modern data management and analytic techniques (including data wrangling and AI-enabled data linkage) for varied risk functions. For example, regulatory and business needs are behind the evolution in analytics to meet the banking regulations set out in the Basel Framework and required capabilities for asset liability management. For capital markets, alternative data and data management advances are improving the measurement and mitigation of counterparty risk.

The next generation of tech modernization and fintech for financial institutions’ risk operations will rely on the application of data in key technology areas in 2023, including:

1. Regtech, the practice of applying advanced technology to the operational functions that handle risk management and regulatory compliance, is supported in part by big data analysis, leveraging non-relational databases and high performance computing.

This complements other key advanced analytic technologies offered by AI: modern, bidirectional APIs that support the real-time consumption of external data, services and systems; and cloud-first, microservices-based solutions architectures, hosted by commercial cloud service providers, that enable agile development.

FIs can combine these technologies to advance anti-financial crime initiatives, financial risk management, and operational risk and governance, risk, and compliance. The regtech universe is transitioning from the period of experimentation by startups that was prevalent from 2017–2020. Full-scale implementations of regtech solutions have now been proven at large financial institutions, while other large banks are internalizing the technologies behind regtech.

2. Operational resilience, a significant theme for financial institutions, requires modernized operational risk management technologies. In particular, GRC platforms, which function as the “command centers” that monitor and manage operational risk functions—including IT risk, third-party risk and ESG risk—often suffer, as siloed data complicates the ability to capture enterprise-wide views of operational risk on a single GRC platform.

GRC platforms often have rigid data models and limited capacities to capture and process data. Fortunately, a new approach to integrated risk management is possible with large-scale GRC platform replacement initiatives, embraced by leading banks. This provides the opportunity to expand the data used for operational risk monitoring. Incorporating alternative data sets and external data (such as weather or climate data to help assess climate risk) can contribute to improved overall operational resilience.

3. Financial crime compliance is moving in a dynamic direction. Technologies such as AI models, low-code/no-code platforms and cloud-first solutions aided in the transformation of financial crime compliance over the past five years or so. Cognitive analysis of adverse media data, in particular, enables perpetual know-your-customer monitoring of customer risk. Continuously refreshed adverse media data allows for constant monitoring of sanctions lists or adverse media datasets. This dynamic risk assessment approach provides great advances compared to the traditional structure of anti-money laundering operations, which are typically static and siloed

4. Emerging risks, including ESG investing and digital assets, also benefit from risk departments’ initiatives to use data in their operations. For ESG, wealth and asset managers rely on corporate data services, with detailed screening and suitability rules, to evaluate investments for retail wealth products and institutional funds, for example. Financial institutions also need ESG data for their internal compliance with sustainability regulation. Similarly, the evolving crypto economy relies on the ability of FIs (particularly banks, crypto exchanges, and securities firms) to use data services and specialized crypto investigation software for the detection of hacking, fraud and money laundering.

Modern data management is essential to risk initiatives of 2023 and beyond. Breaking down data silos and incorporating additional varieties of alternative data will continue to enable the flexible and comprehensive use of data to meet risk needs as they unfold.

Neil Katkov, PhD, is a director in the risk practice at Celent, a global research and advisory firm focused on technology and business strategies in the financial services industry.