- Cybersecurity remains the foremost concern for 75% of global banking chief risk officers (CROs) for the year ahead, driven by escalating geopolitical tensions.
- Geopolitical risk has surged from 12th to 3rd place in near-term risk rankings.
- Wholesale credit risk has overtaken liquidity as the primary financial risk for CROs over the next 12 months.
LONDON AND WASHINGTON, D.C. – The latest EY and Institute of International Finance (IIF) bank risk management survey reveals that geopolitical risk continues to exert significant pressure on banks worldwide. For the third consecutive year, cybersecurity has retained its position as the top near-term risk.
The 14th edition of this joint report, based on survey data from 115 banks across 45 countries, highlights the critical issues that banking chief risk officers (CROs) identify as the most pressing for their organizations both now and in the future.
Cybersecurity emerges as the primary concern long term, with 75% of CROs agreeing it is the chief risk over the next 12 months, and remains as the primary near-term concern, 87% stating it will remain so for the next three years. Operational resilience (38%) and geopolitical risk (36%) have newly entered the top three risks, reflecting the evolving landscape of challenges facing the industry.
Nigel Moden, EY Global and EMEIA Banking and Capital Markets Leader, says,
“To maintain their competitive position, banking CROs must prioritize both technology and talent; it’s not one or the other. With cybersecurity topping the charts again, CROs need to cultivate a pipeline of talent to enhance operational resilience; it was important last year, and now it’s critical.
“The scale of change is immense, but so is the opportunity. CROs who demonstrate confident leadership and instill agility for rapid response will navigate the market through this turbulent yet transformative time, setting new industry standards and benchmarks for success.”
Geopolitical concerns surge
Concerns about geopolitical risk have surged significantly since last year; 38% of survey respondents identified it as a top five priority this year, compared with only 16% last year and 28% two years ago. This trend varies by region, with 71% of CROs from the largest banks and 60% of CROs at banks in the Middle East and Africa expressing concern, in contrast to just 12% of CROs from Latin America.
The challenges associated with geopolitical upheaval have prompted leaders to adopt a holistic approach to risk management, with 57%stating they will prioritize political assessments to a greater extent. As the political landscape evolves following the super-election cycle of 2024, 70% of CRO respondents believe changes in geopolitical conditions, leading to broader economic uncertainty, will impact their organizations, followed by shifts in market volatility (48%) and trade policies (45%).
Tim Adams, President and CEO at the IIF, says,
“In these times of heightened uncertainty and volatility, geopolitical risk is surging in importance for bank CROs. We are seeing financial firms around the world invest massive amounts of capital in understanding the complex and rapidly changing world order. It is more important than ever that the financial sector work closely with the public sector, within and across borders, to protect the global financial ecosystem in an uncertain environment.”
Budget constraints hindering innovation
The survey highlights that artificial intelligence (AI) continues to demand attention, with nearly half (49%) of respondents naming AI as a key initiative they will prioritize over the next three years. Current adoption focuses on transforming risk management practices, including data analysis (45%) and automation of operational tasks (41%).
However, limited shares of budgets pose the top constraint for CROs seeking to operationalize AI, according to 41% of survey respondents, while 33% cite the scale of change required as a barrier to broader deployment.
As their responsibilities expand, CROs are also managing the associated risks of AI deployment across the business, starting with the development of programs that promote responsible AI usage. Sixty percent view this as a challenge, with talent and technology following at 42%.
Looking ahead: interconnected risks on the rise
The backdrop of increased regulatory uncertainty was set in 2024 following the culmination of an election super-cycle and the fragmented adoption of regulatory requirements across geographies. The most prominent regulation is Basel III, with most CROs indicating they still have work to do to prepare for its implementation and rollout; fewer than four in 10 banks are either close to finalization (21%) or fully prepared (18%).
CROs and other banking leaders will closely monitor regulatory trends in jurisdictions with recent elections, as well as state-level regulations in the US, which could contribute to further fragmentation of the overall regulatory landscape. Almost two-thirds (64%) of CRO respondents in North America cited changes in the regulatory agenda as a top concern, compared to 32% of respondents overall.
Talent is inextricably linked with emerging technology, with 42% of CRO respondents agreeing that talent is a significant constraint when establishing oversight capabilities related to the use of machine learning (ML) and AI. Cybersecurity ranks as the most in-demand skill set at 47%, yet more than half (54%) report that attracting and retaining this talent is currently their biggest challenge. Environmental, social and governance- (ESG) related roles have seen a decline from 26% in 2023 to 21% globally.
In 2023, 67% of CRO respondents agreed that over the next three years, their role would evolve into that of a “watchtower” overseeing intersecting risks. In contrast, more than half (55%) of respondents in this year’s survey believe that developing the next generation of risk leaders is the most important task for the coming three years.
For more information, read the full report.
###
About the Institute of International Finance
The Institute of International Finance (IIF) is the global association of the financial industry, with about 400 members from more than 60 countries. The IIF provides its members with innovative research, unparalleled global advocacy, and access to leading industry events that leverage its influential network. Its mission is to support the financial industry in the prudent management of risks; to develop sound industry practices; and to advocate for regulatory, financial and economic policies that are in the broad interests of its members and foster global financial stability and sustainable economic growth. IIF members include commercial and investment banks, asset managers, insurance companies, professional services firms, exchanges, sovereign wealth funds, hedge funds, central banks and development banks. To learn more about IIF, please visit www.iif.com, follow IIF on Twitter, LinkedIn or YouTube, or check out IIF’s podcasts.
About EY
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
All in to shape the future with confidence.
EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Information about how EY collects and uses personal data and a description of the rights individuals have under data protection legislation are available via ey.com/privacy. EY member firms do not practice law where prohibited by local laws. For more information about our organization, please visit ey.com.
This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.
About the survey
Participating banks’ CROs or other senior risk executives were interviewed, completed a survey, or both. In total, 115 banks across 45 countries participated. Participating banks were diverse in terms of asset size, geographic reach and type of bank. Regionally, those banks were headquartered in Asia-Pacific (16%), Europe (25%), Latin America (15%), Middle East and Africa (13%) and North America (31%). Of those, 10% are G-SIBs.