The financial and wealth advice space has undergone many changes over the past decade. From the Retail Distribution Review to Mifid II, the sector and its regulations are constantly evolving.
One of the latest changes, especially in a post-covid world, is the increasing role that risk management is playing within the industry.
But what exactly makes good risk management and how does it fit into financial advice?
According to Mary Boyd, risk consultant at Blacktower Financial Management, a good risk management framework “encompasses everything in a business,” from legal to compliance to the front line.
This of course goes hand in hand with good leadership and good communication, she said. International Advisorbecause “there is no point in one person understanding the risk and the rest of the business not being aligned”.
A good risk manager should also influence and challenge even the most experienced people within their company to make sure they stop and think about what lies ahead and the bigger picture.
Indeed, for risk management to be efficient and effective across the enterprise, “nothing can be hidden,” Boyd added.
One of the biggest risks facing financial advice is, of course, the growing need for technology and interconnectivity.
Boyd said: “The main changes we’ve seen lately are the risk of disruption and the technology risk, especially because since covid everyone has become so reliant on technology to keep working.”
And while technology can certainly help, it needs to be able to “talk to your own systems” across the enterprise to be effective.
At the same time, technology will not be the answer to everything, she added.
“At the moment the AI can only spit out data, it still can’t do the human analysis because it doesn’t know our business, it doesn’t know what our admins have approved as our risk appetite. So there always has to be a human element looking at the data.
Change of attitude
Positively, Boyd said small and medium-sized financial firms started thinking about risk early on, especially given what’s happened over the past two years.
She added that companies used to put their compliance functions in place first because they were seen as a necessity and almost a “regulatory requirement”. But risk management would only come later, as “an evolutionary stage”.
Boyd said, “I think that’s probably why most people see compliance as a subset of risk. But there is certainly more acute attention on the back of covid. There is certainly a greater focus for businesses to have this extra layer in their control environment in addition to compliance businesses.
“Now I’m being asked about risk management strategies by professional insurers and regulators. Everyone is looking to have those three lines of defense and not just the two, and I think that’s been largely passed down from the big institutions to the financial services sector.
“So if I were to say there’s been a change because of covid, it would be that we see risk being a really defined function within our small and medium-sized businesses in financial services, not just large institutions. ”
But the traditional list of risks, such as market, credit, liquidity and operational risks, will no longer be exhaustive, Boyd warned.
“I think the risk landscape has changed for us. If I look at board reports and my own risk framework, the list of risks is almost endless, it touches so many aspects of the business.
“I think geopolitics is definitely a key risk, and clearly technology is everywhere, with cyber risks being discussed at every board meeting.”
When it comes to geopolitics, Boyd said no one can look at their business in a vacuum anymore. Since everything has gone global and cross-border, these features come with their own set of risks.
For example, the time it takes to obtain licenses in different jurisdictions, whether some of them may end up on the EU’s gray list for tax non-compliance, and even Brexit are all part of the additional layers of risk that must be mitigated, and an alternative strategy must be put in place to deal with them.
Compliance vs Risk
Boyd mentioned earlier that many see compliance as a subcategory of risk, but what sets the two apart?
“I think there’s a difference between compliance and risk, compliance very rarely adds value to the business,” she said. “It can certainly save value by avoiding big fines or litigation and potential reputational damage, but very rarely does it add real value. Whereas risk can actually be a value proposition.
As risk management plays an increasingly central role in running a financial advisory business, what can smaller companies do to ensure they keep up with the bigger players without breaking the bank?
Boyd said, “In addition to joining a network, which I think is really a smart move, they can engage with some really good third-party risk and compliance service providers who deal with these types businesses on a daily basis. day after day, they understand what the regulator wants to see.
“Additionally, they have large departments that monitor disruptions and regulatory changes; This is the way to do it. It’s not about trying to guess yourself, but you have to get experts and employ them.
“And there’s really good value in some of these companies; they are not really expensive, but rather than trying to do it yourself, trust these types of experts to support your business. »