New modes of business create new sources of risk. Several things are common across digital era enterprises: transactions that take moments to be completed; rapidly changing products and services; fewer human touch-points in the front and back offices, and an extended set of enterprise partnerships involved in delivering the product or service to the customer. The tools of traditional risk management can fall short in managing increased risk velocity, automation, and the breadth and depth of risk-relevant data to be assessed.
The emerging topic of digital risk focuses on how the technologies and practices of the digital era can help factor in and control the risks of the digital era. Several of these stand out as being ready to incorporate into modern risk management practice.
Deep, continuous, and real-time, rather than sampled, periodic, and historic processing of risk-related data is becoming a necessity as the velocity of business change and transactions rises. While BI tools are useful, they're more focused on summarizing data than finding the needles of erroneous activity in a haystack of transactional data. AI and big data tools can significantly reduce the effort of correlating information from diverse sources to locate anomalous events. Streaming analytics
tools, long used to immediately locate the few noteworthy items in a flood of logged technology events, can be effectively applied to general operational risk management.
is incorruptible, countering the risk of internal malpractice, as automated transaction and approval processes always follow the rules. Increased focus is needed, however, on automated process design and validation as robots are unlikely to blow the whistle on an incorrect implementation of business rules. Alongside this, additional risk analytics will be required to offset the reduction in human touchpoints and approvals.
Even the best security staff are unable to simultaneously analyze all the CCTV feeds available in a modern workplace, or remain vigilant over an extended shift. Facial recognition
algorithms can detect unwelcome visitors or people who are simply at the right place but at the wrong time, providing immediate alerts for a member of staff to follow through on.
In this increasingly connected world, the need and ability to manage risk does not cease at an organization's boundaries. Enterprise integration
tools, used to tie business applications and data together, can also be effectively employed to bring together real-time and historic risk data from across an extended supply chain or business ecosystem.
has the potential to become a key technology in managing the extended organization, as it can provide an irrefutable log of events.
While these digital-era tools can significantly improve an organization's capacity to manage digital era risks, it is cultural and other human factors that will make or break any new risk management initiative. Anything that alters decision making or operational processes, particularly if it appears to threaten personal autonomy or job security, is likely to meet resistance. The business change practices associated with agile project management, which are geared to sensing and responding to the impact of continuous innovation, can equally be applied to the evolution of risk management.
As Charles Darwin said, "It is not the strongest of the species that survives, nor the most intelligent. It is the one that is the most adaptable to change."
Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.