FRM杂谈丨利用新科技加强风险管理成为董事们的重点关注
行业资讯 | 2019-01-21
战略执行和理解风险是美国企业联合会(National Association of Corporate Directors, NACD)“2019年上市公司治理调查”参与者们认为最需要改进的领域。
NACD的总部位于美国弗吉尼亚州阿灵顿市。在这一组织的去年12月发布的年度旗舰调查中,“董事会对战略执行情况的监控”和“董事会对影响公司业绩的风险和机遇的理解”均被68%的受访者提及。大约500名董事参与了这一调查,其中大约五分之一来自金融行业,近四分之三是独立董事。
其他三个亟待改进的领域是:董事会对战略制定过程的贡献,与管理层对话的质量,对风险管理的监督。它们分别被超过六成的受访者提及。》》更多金融证书相关问题点我咨询
Source: NACD
这些结果覆盖了调查进行的12个月中,董事会层面关注的各项指标。 参与者还罗列了影响其公司治理的五大趋势,排名较高的是监管环境变化(49%),经济放缓(48%),网络安全威胁(42%),商业模式中断(40%)和地缘政治波动(39%)。
NACD总裁兼首席执行官Peter Gleason表示:“董事们正在关注监管和经济环境的变化,这可能会影响他们公司明年的发展。这些风险往往互相关联,导致业务不确定性增加。对管理层而言,发生风险的可能性难以预料,且其不利影响难以在短时间内缓解。”
董事们关心哪些科技进步的影响?
The report noted that “exponential technology change and disruptive threats from more agile competitors have increased the stakes of successful digital transformation.” While boards “are challenged to deliver meaningful oversight of this fast-moving target,” they were advised to “look beyond the hype of new technologies and focus their oversight on how digital changes are affecting the company’s industry, its customers’ preferences, and the company’s strategy, business model, and core products.”
The combination of – and potential interconnections among – economic, geopolitical, competitive, and technological (including cybersecurity) risks is a recurring theme in boardroom and enterprise risk management barometers like the NACD’s.
In the 2019 Executive Perspectives on Top Risks, a joint effort of consulting firm Protiviti and the North Carolina State University ERM Initiative, based on a survey of 825 senior executives and board members in multiple industries, the top 10 risks cut across digital transformation, regulation, cybersecurity, privacy and identity, and change management.
A key finding here, too, indicated concerns with risk management and a willingness to invest more in it. This was especially pronounced among organizations with $10 billion or more in revenue and in the financial services sector, suggesting a desire to “better inform their risk oversight processes.”
不断变化的风险部门
The EY-Institute of International Finance ninth annual Global Bank Risk Management Survey turned a spotlight on digital transformation, and its November 8 press release was headlined, “Risk Management Function Must Evolve to Become Trusted Advisors as Banks Reinvent Themselves.”
When senior risk executives in the survey were asked about risk priorities over the next 12 months, the most-mentioned response by far was cybersecurity, at 81%. Next in line were credit risk (46%), regulatory implementation (43%), non-cyber operational risk (41%), and risk technology architecture (39%)。 In contrast to the consistent rise of cybersecurity – it increased four percentage points from the eighth survey – regulatory implementation slid by 15 points.
The respondents, representing 74 banks in 29 countries, said that their companies’ boards placed similar emphasis on cybersecurity (84%)。 That was followed by regulatory implementation at 41%, and three at 39%: risk appetite, credit risk, and conduct risk.
Conduct risk for boards jumped by 15 percentage points from the year before, while for the risk executives it fell by 11 points, to 30%.
EY-IIA attributes the differences to boards’ “strategic vs. management mandate. Conduct, culture and reputation are all more important to boards.” Resilience concerns among the respondents included overall cyber risks (80%), prolonged internal IT outages (64%), third-party outages (64%), data availability (41%), IT obsolescence (39%), critical data being destroyed (39%), and financial resilience (32%)。
技术影响
Mark Watson, EY
New technologies are seen having a material impact in fraud surveillance (72%), financial crime (68%), modeling (57%), credit analysis (57%), cybersecurity (57%), and know-your-customer activities (57%)。 But the survey suggests that risk management functions can do much more to leverage new technologies.
“Risk management will always have a critical role in protecting the franchise,” said Mark Watson, deputy leader, EY Americas Financial Services Center for Board Matters. “However, now it must take on a trusted adviser role to help enable sustainable growth and inform banks’ digital and technological transformations. Risk management has to deploy new technologies across its own activities, which inevitably will necessitate new operating and talent models. Otherwise, risk management will be left behind.”
“Working closely with CROs at our member firms, it is clear that the transformation of the risk management function is accelerating, influenced by new digital and technological innovations,” commented Andrés Portilla, IIF’s managing director of regulatory affairs.
“Technology enables the risk function to transform, but it also raises new challenges around cyber security, the use and accessibility of data and operational resilience, on top of broader concerns such as the implementation of new regulatory rules and supervisory expectations."
网络安全问题
Women Corporate Directors, having previously listed top 10 boardroom concerns ranging from reputation and technology to governance of innovation, in November put out 7 Questions Boards Need to Ask about Artificial Intelligence and Other Transformative Technologies. They include: “Where can we deploy new technologies and retrained talent in our organization?” and “How are we vulnerable to attack, and what are we doing about it?”
In the NACD survey, board members were found to be generally confident about managements’ “ability to address the impact of major business trends,” though there was relative lack of confidence in the areas of business-model disruption, technological disruption, geopolitical volatility, and talent deficits.
Even as cybersecurity demands more and more risk management attention, the corporate directors say they are getting better at addressing it.
Eighty-one percent say their boards’ understanding of cyber risk has improved over the last two years, 58% say their boards collectively know enough to provide effective oversight, and 52% believe that they personally have sufficient understanding to perform that role.
Perhaps contributing to the confidence levels is that 50% say the quality of cyber-risk reporting by management is far better than it was two years ago.
Because “threats are nearly limitless and constantly mutate,” NACD said, “Directors must assume that their current understanding of cyber risks has an expiration date.”
完善下表,48小时内查收全套FRM备考资料
.jpg)
.jpg)
FRM官方交流群:909308278(点击直接加群)
▎来源金程FRM,更多内容请关注微信号金程FRM。原创文章,欢迎分享,若需引用或转载请保留此处信息。
相关标签 FRM一级
