Approaches to risk assessment and management are changing. There has been a radical alteration in the nature of risk in many sectors, in that the biggest threat that many companies now face is from disruption of their business model by start-ups. This has meant that traditional approaches to risk—the appointment of a risk officer, and identification of individual risks to be mitigated—are no longer sufficient. Risk now requires a whole-company approach.
In the financial services sector, however, ‘risk assessment and management’ still largely means assessing and managing individual credit risks. The regulatory requirements for this have been strengthened following the 2008 financial crisis, and one of the biggest challenges is to quantify the risks from digitization. Machine learning has a part to play in this, but there is a real question about whether regulators are ready for these new approaches to risk management.
Machine learning in risk management
Machine learning should provide significant advantages for risk management in the financial sector. It may, for example, help to open up opportunities to improve safety and security. Better algorithms should lead to more reliable credit decisions, based on relevant data, and hopefully not affected by human error. With such large quantities of data now available, it is asking a lot to expect any individual person to look at all of it, but a machine learning system will make light work of the analytics required.
Use of machine learning should also increase the efficiency of the risk and credit assessment process, by improving the models used. This, in turn, will speed up decisions, and therefore improve customer experience. It is not just that better models improve assessment on an individual basis, either. Better credit risk management leads to improvements in financial institutions’ exposure to poor risks. This, in turn, is better for the whole financial system, increasing trust and improving ratings.
Credit risk is not the only concern in the financial services world. Rogue traders and malpractice have cost banks and other financial institutions significant amounts in fines and reputational damage. Start-up Behavox is using machine learning systems to examine behavior of employees and compare it with those who have previously ‘gone bad’, with a view to identifying potential ‘rogues’ in advance of any problems, and therefore mitigating this risk. The system relies on data from financial institutions, so will improve as more institutions sign up, but there are already signs that quite a number of organisations see the potential benefits.
Understanding the challenges
There are, however, also some challenges to using machine learning to create models for risk management. We have already mentioned one: are regulators ready for this step? Indeed, are financial institutions? The appetite is certainly there among many, because of the potential efficiencies. However, many lack understanding of the precise systems required. Those who are not already working on this area will need to start on it soon, or risk being left behind by the competition.
Because a machine learning system learns for itself, there is a danger that analytical models to assess risk become a ‘black box’, and nobody is quite sure exactly how decisions are being made. This lack of transparency may not be acceptable to either regulators or customers, although there is a moot point about whether a human decision is actually any more transparent. Perhaps this is simply a matter of how the technology and models are presented to stakeholders. At the same time, of course, there is a bigger problem, that a model that nobody understands is in danger of becoming unreliable. “Computer says no” has already become something of a standing joke in credit decisions.
It may be that machine learning for risk management will become standard as organisations are forced to look more closely at their data to generate additional value and increase efficiency. It may, in other words, come as part of overall digitization efforts, rather than specifically for risk management.
Perhaps one of the biggest challenges for any organisation in using machine learning will be skills shortages in a number of areas. These may well include lack of change leadership skills, because a move to this type of system is likely to involve cultural change as well as new algorithms. Organisations using machine learning need to make their approach transparent and visible to all, with machine learning becoming part of ‘how we do business’. In my view, only this will create the right ethic across the company. If you want to have a clear view of how machine learning brings opportunities and challenges to organizations, read the white paper The Evolution of Analytics.
The risk and compliance agenda is more crowded than ever. Financial institutions continue to feel pressure from regulators, auditors, boards and investors to manage risk more proactively and comprehensively. Model risk governance is becoming more and more critical. As a result, financial institutions must operate their risk and finance functions in a more unified, cost-conscious and transparent manner that requires tighter organizational integration and more informed reporting.
Register now for the 2017 SAS EMEA Risk Executive Forum, where you’ll hear from industry experts about how these trends and changes will affect financial organizations, and from your peers about the lessons they have learned during the implementation of key risk initiatives.