Rich Cooper is Global Head of Financial Service Go-To-Market at Fusion Risk Management.
What were the key theme(s) for your business in 2023?
In 2023, we’ve been working with customers to strengthen their visibility into high impact and unrealized risks, bolster their risk posture, and drive more dynamic and agile business continuity and operational resilience programs. This has been particularly important for financial institutions in light of growing regulatory requirements that expect them to document their important business services and identify vulnerabilities that could result in them breaching established tolerances.
We’ve been focusing on providing organizations with the tools that they need to balance evolving compliance standards while building a strong culture of risk management that engages all employees to act as risk managers, understand how their business operates, and stay one step ahead of potential risks. This has been key for financial institutions as they have sought to strengthen their business continuity and operational resilience programs in an ever-increasing geopolitical landscape to ensure that their organization can bend but not break in challenging times.
What industry trends have been prominent but are now fading (or will soon fade)?
The trend of siloed risk management teams is fading away – which is a necessary transition to ensure an agile and integrated approach to risk management, business continuity, and operational resilience in an increasingly complex landscape. In the past, different risk management teams (e.g., operational risk, cyber risk, and third-party risk) often existed across organizations in their own bubbles. That approach does not foster effective risk management nor does it provide a holistic view of risk across the organization. We expect more organizations to do away with siloed frameworks and instead integrate risk management from the top-down.
What are your expectations for 2024?
2024 will see more global regulators focus on operational resilience, cybersecurity, and third-party risk management – and financial institutions will need to work rapidly to stay ahead of deadlines and new requirements. Evolving regulations will require that organizations better align areas like operational resilience, compliance, cybersecurity, IT disaster recovery, and third-party risk management to address the regulators’ expectations around an end-to-end view (including all potential risks) on how services are delivered to the market.
2024 will be the year that the Digital Operational Resilience Act (DORA) really takes flight, as financial entities and their critical third-party technology service providers must comply with its standards by January 2025. Financial institutions will need to focus their continuity, IT disaster recovery, risk, third-party risk, and resiliency efforts to break down data silos within their organization and comply with regulations such as DORA.
Regulators will also work to ensure that financial institutions are modeling for severe but plausible scenarios in 2024. Traditionally, this required cumbersome and manual work as well as large resource allocation, but it didn’t provide actionable outcomes. We expect that organizations will leverage new technologies in 2024 to streamline scenario testing, reduce costs, and provide tangible business insights. That will include new solutions that utilize generative AI to help organizations comply with new regulations, tag assets and downstream dependencies, and conduct automated scenario testing with varying complexity and scope while also providing recommended next steps.