Financial and operational resilience were tested to the core. Thankfully, for the most part, the banking sector found a decade-long effort to build greater and higher-quality capital and liquidity paid off and allowed banks to contribute materially to supporting communities, economies and financial markets, while remaining financially safe and sound.
"Changes many assumed would take years suddenly happened in a matter of weeks or months. The art of the possible became the art of the actual.”
Technology systems, albeit in many cases legacy systems, held up and allowed employees to move swiftly to remote working at a scale never seen before. For the most part, virtual working and digital channels to access products and services worked.
But, the pandemic also opened society’s eyes to broader dimensions of resilience. To start, workforce resilience became more prominent. Not only did employers realise employee wellbeing has to be considered during COVID-19 times but it needs to be in the forefront of their thinking on an ongoing basis. This is especially the case now a hybrid working model – combining working at home and in the office – will be an enduring feature of the workplace.
Technology resilience came to the fore, a result of greatly accelerated moves to transform digitally. Changes many assumed would take years suddenly happened in a matter of weeks or months. The art of the possible became the art of the actual.
With it has come energising opportunities to deliver more value to customers and transform operating models and ways of working. But new risks abound, including how to build in resilience by design; carefully manage the transition to the public cloud; and govern and manage risks associated with large scale use of machine learning (ML) and artificial intelligence (AI). Cybersecurity concerns remain top of mind, especially within a sustained remote working environment with an increased attack vector and so many more customers accessing financial services remotely than ever before.
Resilience, then, becomes the defining characteristic of long-term success for banks globally. Bank boards and senior management, advised by the chief risk officer (CRO) and risk team, have to capture the potential offered by change, manage the associated risks and remain resilient across many complex dimensions.
According to the recent EY IIF Global Bank Risk Management survey, as a result of the last 12 to 18 months, banks’ CROs have identified a range of changing priorities for their teams and for boards of directors.
Not surprisingly, credit risk has become the number one risk for banks’ CROs globally over the next 12 months. Banks came into the crisis in far better financial health than they did going into the last global financial crisis (GFC), with capital and liquidity positions strengthened substantially. But the sheer scale, depth and prolonged nature of the COVID-19-induced economic shock means banks are heavily focused on credit concerns, albeit government support measures have gone a long way in supporting businesses so far through the pandemic.
Cybersecurity remains high on the agenda, of course, especially with so many employees working remotely and with the prospect of remote working being a permanent feature of many workplaces. High-profile cyber-attacks also explain why cybersecurity remains high on board and executive agendas.
The risks that have shot up the agenda most, however, are climate change and environmental concerns more generally. Almost half of surveyed banks’ CROs now view climate change as a top risk requiring their upmost attention over the next 12 months. Eighteen months ago, only 17 per cent took that view.
CROs highlight this risk is also higher on the short-term risk agenda for boards – over a third (37 per cent) of surveyed banks’ CROs globally believe their boards see climate risk as a top risk priority, up from just 6 per cent in 2019.