The last few years have been anything but smooth sailing for financial services (FS) companies. They’ve weathered a global pandemic, strained supply chains, geopolitical crises, stubborn inflation, and countless other disruptions. And while a new year is usually a time for fresh starts, all signs seem to show that volatility will continue to be a dominant theme in 2024.  

Right now, risks are all around – and they’re only getting more complex and commonplace. To stay ahead of them, a risk function can’t continue to rely on the same old strategies and solutions. The moment we’re in demands a different approach. Here are three key questions FS firms should ask to make sure their organisational culture is prepared to meet it.

1. How clear are peoples’ roles and responsibilities?

The Three Lines of Defence (3LOD) framework has long been the holy grail of risk management, ensuring there is clear independence across all three lines. But as the risk landscape becomes more complex and fast-moving, it has exposed weaknesses in the traditional framework.  

In certain cases, the 3LOD model can give rise to a silo mentality, leading to poor collaboration and communication between the front-office and the risk management unit – the first and second lines of defence. This can go on to create duplication of effort, disputed accountabilities and misaligned goals around risk management.  

To improve coordination across the 3LOD, everyone needs to have clearly defined roles within the framework. All team members should know how their individual roles fit into the overall framework and where their responsibilities lie and avoid grey areas. Otherwise, it can lead to situations where, for example, the first line stops performing certain activities, because they believe they are covered by the second line, when in fact this is not the case.  

This becomes crystallised during times of crisis. When individuals know the role that they must play and the actions they must take, it helps the entire organisation co-ordinate its response in a more proactive and effective way. 

2. Is your culture helping or holding you back?

Reflecting on recent banking crises, we notice a clear degree of interconnectedness, where risk in one area quickly spills over to others. At the same time, however, this connectivity does not extend across the business itself. Functions remain siloed, goals are not clearly defined or understood and there’s a lack of transparency between different teams.  

To deal with increasingly interconnected risks, everyone needs to work together – and that’s where risk culture becomes key. 

We know that over the next year, more organisations are going to embark on culture programmes. Why? Because they recognise that breaking down barriers is going to be really important to deal with the current and emerging risk landscape.  

To drive this transformation, FS firms need to ask deeper questions about their risk function and the business as a whole. Does the organisational culture empower people to speak up and challenge the status quo? Or are there strong forces which prevent this and lead to group think? Are people encouraged to raise concerns or are they advised to keep their head down and to stick to what they know? 

If everyone works together in a spirit of trust and transparency, this lends itself to greater accountability and more effective decision-making. For this, it’s absolutely vital to set the right tone from the top. Here, senior management must lead by example, showing the right behaviour and right actions themselves. 

3. Do you have the right tools and technology to support you?

Technology can be a great enabler to improve the efficiency of and insight from risk management activities. But many financial institutions find themselves weighed down by legacy systems and processes, which can stand in the way of digital transformation.  

We see many organisations using technology that was first introduced many years ago, in a very different landscape. They spend considerable time and money maintaining a web of complex, often disjointed systems that have been built up over decades, often as a result of legacy mergers and acquisitions. It’s also difficult for them to make updates to these systems and integrate next generation tech including opportunities to harness artificial intelligence (AI). 

There’s no easy way to overcome the barrier posed by monolithic legacy tech. For many firms, it’s like tearing up the foundations to a house and rebuilding them while you’re still living in it. But, at some point, modernisation becomes inevitable, and organisations will have to decide on what path they take to get there. With advances in technology and approaches to implementation, we are seeing exciting options for effective and cost sensitive transformation to take place with both the use of existing applications whilst improving overall architecture and moving to cloud. 

Ultimately, an organisation’s risk framework, culture and technology are closely intertwined. It takes all three working in harmony to drive effective mitigation of and response to risks. Plus, with the nature of that risk continually changing, FS companies can’t see these elements as a monolith either. Their approach to oversight and management needs to be flexible and adaptable in order to take on today’s threats and tomorrow’s opportunities.  

If you’d like to learn more about how Baringa can help shape your risk culture to build a more resilient risk function, please get in touch.

Our Experts

17152

Viresh Tailor

Expert in Financial Risk

Contact Viresh

Related Insights

Men playing dominoes

When risks converge, do you know how your financial dominoes will play out?

Addressing the interconnection between risks isn’t just prudent; it's essential for firms to safeguard their financial stability and remain resilient in an increasingly unpredictable world. But how can organisations go about building that all-important view of interconnecting risks and their potential impacts?

Read more
Man walking across frozen lake

Tackling your emerging risks

No one can know for certain what the future holds. But that’s no excuse for being unprepared when the worst does happen. We uncover how to build strong defences against emerging risks.

Read more
Workplace collaboration man and woman whiteboard

The importance of culture for risk management

When we ask Chief Risk Officers (CROs) what they are worried about, they usually mention specifics like geopolitical risk, credit risk, and cybersecurity risk. But their biggest blind spot is often the most important factor that influences how these risks are managed: culture.

Read more
Pit crew replacing tires on race car

Staying the course: strategies for managing intra-day liquidity

We take a deeper look at how organisation can apply Formula 1 strategies to manage their intra-day liquidity needs more effectively.

Read more

Related Case Studies

Man sitting on a sofa and making a payment on his laptop

Delivering regulatory change for UK building society

How can a UK building society deliver regulatory change while ensuring a great customer experience?

Read more
Professionals meeting at a train station

Keeping large-scale capital investment on track

How do you independently assess the governance and maturity of a multi-billion program?

Read more
A woman with glasses looking at a computer screen

Equipping a UK building society to fight financial crime

How do you create a technology platform that can stay one step ahead of financial criminals?

Read more
A woman standing up in a group of people pointing with her pen

Using regulatory change as an opportunity to strengthen and rationalise internal controls

As UK regulators plan an Internal Controls and Governance directive, this major insurer seized the opportunity to achieve its long-term ambition.

Read more

Contact us

Find out what we can do for you...

Get in touch