Transparency is king

Elevating the role of risk management in financial services requires more integration

Miriam Gillinson
30 October 2019

3 min read

Rising regulatory demands have increased pressures on various departments, and one wrong move can result in massive fines and severely damaged reputations. Marc Walby, former chief operating officer for Risk Management at Deutsche Bank Americas, discusses the evolving role of risk management and the potential positive impact of digitalization.

COMPASS: How has the role of risk management evolved in recent years?

Marc Walby: Risk management in the financial services industry has experienced a sea change since the 2008 crisis, driven by both increased regulatory demands and the firms’ own recognition of the need to improve governance and risk practices to avoid past mistakes.

Pre-financial crisis, the role of risk management was less prominent within the organization and typically focused on the traditional credit, market and liquidity risks, transaction approvals and basic portfolio management.

Risk management has had to elevate itself to the top of the organization and become more integrated into the strategic planning and business decision-making processes. There has been a need to think more holistically about enterprise-wide risks, and non-traditional risks such as operational, technology, reputational and conduct. This has added more responsibility and complexity to the role of the risk organization and has required a new way of thinking and operating, working with new frameworks and establishing much greater enterprise-wide collaboration.

How would you elevate the role of risk management?

MW: Two of the most important actions are to ensure the role of the chief risk officer is positioned prominently at the board level and establish an organizational structure that ensures the independence of the risk management function.

Determining an enterprise-wide risk strategy and risk appetite statement is also essential. This requires Risk to take a much more collaborative approach with the senior leadership and businesses to ensure a common understanding of the business strategy and the inherent risks that go along with it. That in turn necessitates far greater collaboration with the board, senior leadership and other areas of the organization, where the necessary data might be housed.

When it comes to adopting a collaborative approach, what could financial companies learn from other industries?

MW: Given how busy we are each day, it’s easy to forget to take the time to step back, think outside the box and look at best practices in other industries. Many industries have to manufacture, distribute and develop products in a highly complex environment that is subject to significant regulatory scrutiny – the classic examples being aerospace and pharmaceuticals – where there is a critical need for collaboration, transparency and robust audit trails.

These industries have advanced workflow tools that could be beneficial to financial services. These systems enable cross-division and cross-jurisdictional collaboration for the development, approval and manufacture of complex products. They are robust, with rigorous approval processes built into the businesses, and defined control points and audit trail processes. In this sense, there’s a direct parallel with the development and distribution of financial service products, in which robust and complex internal and regulatory standards must also be met.

Marc Walby is the former chief operating officer for Risk Management at Deutsche Bank Americas. He led the US risk management practice though a period of significant growth and transformation as new industry and regulatory demands emerged following the 2008 financial crisis.

How could digitalization help to better manage risk?

MW: There’s a lot of buzz around digitalization and machine learning, but I believe we’re still in the relatively early stages of its application for risk management. Digitalization and automation have the potential to significantly improve risk capabilities by generating valuable insights. Once you’ve digitalized key risk information, that then lends itself to layering other capabilities on top of that data, such as algorithms and advanced analytics.

Data and technology is also crucial when it comes to new product and services development. It’s becoming ever-more incumbent on business and risk organizations to ensure that they understand the risks of new products and how that risk is measured and monitored. Risk frameworks are continuously evolving, and the ability to codify those frameworks with policies, procedures and control points, and integrate those requirements into the business origination and risk management processes, is becoming increasingly important.

Alongside risk management, which other areas might benefit most from digitalization?

MW: Aside from client-facing applications, I see clear opportunities in control areas such as Compliance and KYC [Know Your Customer], with digitalization of client adoption, client lifecycle management and trade monitoring. The onboarding of clients, maintenance of their relationship and business activity monitoring is ripe for digitalization and has true business benefit – with the potential to create significant efficiencies for the customer and enhance their service experience.

For more information on solutions for regulatory oversight, please visit

Related resources


Register here to receive a monthly update on our newest content.