How the integration of Generative AI into risk modelling is changing the risk management landscape
Venkat Vedam, Head of Data Science Engineering, Manulife Investment Management
Audie Wang, Executive Director and Head of Quantitative, UBS
Paul Mullins, former Managing Director of Global Strategic Initiatives, HSBC 6
HOW EVOLVING CYBER THREATS AND AI ARE RESHAPING BANK SECURITY
After a decade in which AI has transitioned from concept to reality, how much has really changed? And how does AI today help to reinforce banking security?
Tom Kartanowicz, CISO for Europe and the Americas, Standard Chartered
CAN AI REVOLUTIONIZE FINANCIAL SECURITY? THE TRANSFORMATION OF ANTI-MONEY LAUNDERING AND FRAUD PREVENTION
Artificial Intelligence, real challenges - the complexity of change
Andreas Simou Managing Director CeFPro
10
What is the role of AI in fighting financial crime, and how can financial organizations deploy it effectively?
Sean Yu, Head of Financial Crimes and Liquidity Risk Modelling, KeyBank
Indra Reddy Mallela, Vice President and Model Risk Manager, MUFG Bank
UNDERSTANDING THE COMPLEXITIES OF AI ADOPTION IN THE INSURANCE INDUSTRY
12
From ethical concerns to a lack of cross-industry standardization, just how big are the challenges around AI adoption for insurance companies?
Ted Pine, Senior Business Development Manager, AI Insure, Munich Re
MASTERING THIRD-PARTY RISK: EFFECTIVE DUE DILIGENCE IN A COMPLEX SUPPLIER NETWORK
14
Fourth and Nth parties add complexity to supplier networks – so what, exactly, is the best way to make sure your Third Parties are managing their Third Party risk effectively?
Codee Woo, Third Party Risk Management Lead, Legal and General Group
NAVIGATING COMPLEX CREDIT RISKS IN A VOLATILE ECONOMY
18
Just how does our fast moving macro-economic climate impact and influence financial services supply chains, governance and credit risk management?
Alisa Rusanoff, Head of Credit, Crescendo Asset Management
STRESS TESTING: BALANCING RESILIENCE AND REALISM IN RISK STRATEGY
22
With different organizational stakeholders having differing needs and demands when it comes to stress testing, just how do risk managers build a resilient test framework?
Berislav Jozic, Head of Integrated Risk Management, Addiko Bank AG
UNDERSTANDING TRANSITION FINANCE - A COMPREHENSIVE OVERVIEW
24
The nature of transition finance makes it a long-term game – so how should transition finance leaders approach investment projects where key risks may not even be identifiable?
C. Robin Castelli, Head of Transition Finance Investing, Orange Ridge Capital
In September we launched AI Week - an immersive experience dedicated to exploring the transformative power of artificial intelligence in the financial services industry.
Over the course of five days we explored the latest AI innovations, trends, and applications that are revolutionizing the way financial institutions operate and serve their customers.
Given that dedicated focus on how our work is being shaped and changed by the rapid development of intelligent digital and cyber technology, it’s perhaps no surprise that this edition of iNFRont reflects some of knowledge and learning that emerged from those events.
As AI reshapes everything from customer interactions to risk management, financial institutions face a critical question: how best to harness the power of AI responsibly while navigating complex regulatory landscapes.
Ethical AI remains a pressing concern. With growing reliance on machine learning for all areas of risk management, ensuring fairness and transparency is paramount, since bias in AI models can lead to discriminatory outcomes, risking reputational and legal fallout.
Data privacy and security remain under scrutiny as organizations balance AI’s hunger for vast data sets with the obligation to protect customer privacy in line with regulations.
And as AI becomes embedded in core financial processes, other regulatory challenges emerge, leaving policymakers grappling with the challenge of keeping pace with rapid innovation without stifling it.
Also in this issue, we look at how financial organizations ensure their Third Party suppliers are managing their own Third Party risks effectively, explore how best to approach the uncertain risks attached to transition finance, and look at the impact of macro-economics on credit risk.
Happy reading!
CeFPro is keen to share insight from leading industry professionals, so please get in touch with me if you’d like to be involved in a future edition of the magazine
We welcome contributions. If you or your organization are interested in featuring in our next issue, please contact infront@cefpro.com CONTENT AND AUTHOR SUBMISSIONS infront@cefpro.com
&
If you are interested in sponsorship and advertising opportunities, please contact: sales@cefpro.com
www.cefpro.com
Welcome to the latest edition of CeFPro’s iNFRont Magazine.
Generative AI - From Buzzword to Game Changer
This article is based on a webinar organized by CeFPro as part of its AI event program. It featured contributions from Venkat Vedam, Head of Data Science Engineering at Manulife Investment Management, Audie Wang, Executive Director, and Head of Quantitative at UBS, and Paul Mullins, the former Managing Director of Global Strategic Initiatives at HSBC, and Charles Forde, Chief Operating Officer, NFPE Investment Banking and Global Markets at Nomura.
Generative AI (Gen AI) is undeniably one of the most exhilarating and transformative technologies of our era. It’s not just a buzzword that’s bandied about in tech circles; it represents a significant shift in how innovation is approached across industries.
In short, Generative AI is not just a buzzword. Although it’s been used everywhere, it’s a game changer and this sentiment is echoed by leaders in various sectors who are at the forefront of integrating AI into production.
The Advent of Generative AI
In recent years, Generative AI has emerged as a pivotal technology, spurring profound discussions about its potential and its risks.
Venkat Vedam, Head of Data Science Engineering at Manulife Investment Management, reflects on the transformative impact of AI: “As early as 2021, when ChatGPT was released, we started having leadership conversations saying, this is a game changer,” he says.
The initial phase, he explained, was characterized by exploration, identifying capabilities, and laying the groundwork for AI integration, adding that last year marked a significant shift from exploration to implementation.
“We have around eight use cases that we moved into production,” he notes. These use cases primarily focused on driving efficiency, such as processing complex documents and enhancing knowledge base retrieval.
This transition from theoretical exploration to practical application underscores the technology’s growing importance.
The Implementation Journey
Bringing Generative AI into production is no small feat. For Vedam, the journey involved not only integrating AI but also managing expectations and upskilling the workforce.
“We established a thorough program of upskilling the workforce at different levels on what to expect of Gen AI,” Vedam said, adding that this approach aimed to prepare employees for the changes AI would bring and align their expectations with the capabilities of the technology.
Similarly, Audie Wang, Executive Director and Head of Quantitative at UBS, said the integration of AI into their financial modeling processes focused on leveraging AI to enhance operational efficiency and accuracy.
“We’ve been focused on how to integrate AI into our financial modeling process,” Wang says. This involves innovative solutions that utilize GPT and Pythonbased frameworks to revolutionize regulatory support, quantitative modeling, and financial planning.
Managing Expectations
One of the significant challenges in implementing AI is managing expectations. Paul Mullins, former Managing Director of Global Strategic Initiatives at HSBC, emphasizes the importance of realistic expectations.
“I think the question that always have is, let’s not make the mistakes we made in the past with implementation,” Mullins cautions. He draws a parallel with cloud computing, noting that while there was a lot of ambition, execution was inconsistent. With Generative AI, however, the stakes are higher because stakeholders have more immediate and visible expectations.
Mullins provides an example from Morgan Stanley, which has effectively used Generative AI to enhance customer interactions.
“Morgan Stanley started off with building Gen AI tools to enable their frontline staff to have information about their customers at their fingertips.,” he explained, going on to say that this not only improved efficiency but also exceeded expectations in terms of employee satisfaction.
For customers, Morgan Stanley introduced tools that transcribe and document calls, providing recommended solutions with transparency and consent.
In contrast, Venkat Vedam described a more nuanced view of expectations management. “Previously, when we were delivering solutions internally, there wasn’t a lot of external tools that they would compare against,” he explains.
Today, employees are familiar with advanced tools like ChatGPT and expect similar or better capabilities in their internal systems. “By the time we deliver a solution, the expectations have moved,” Vedam adds, illustrating the fact that this rapid evolution presents a significant challenge in maintaining alignment between what is promised and what is delivered.
The Role of Vendors and Tools
The choice of tools and vendors plays a crucial role in the success of AI implementation.
Charles Forde, COO at Nomura Financial Products Europe, highlights the importance of selecting the right partners. “The selection of a partner for data and implementing an AI tool is very important for each particular use case,” Forde says.
His experience with third-party risk and operational resilience also underscores the necessity of ensuring quality data and effective vendor management.
Audie Wang picks up on this thread, noting the impact of integrating AI into existing data frameworks.
“In order to productionize a platform that links to the larger data system, you need to consider issues like data quality and system integration,” Wang explains. The transition from a prototype to a production system often reveals gaps in data connectivity and system compatibility, which can affect AI performance.
Looking Ahead
As the technology continues to evolve, the focus is increasingly on scaling successful implementations and refining approaches.
Venkat Vedam highlights the need to find a balance between building custom solutions and leveraging existing tools.
“We’re trying to pick our battles for some of the solutions,” he says. This, he explains, involves evaluating whether to build in-house or adopt solutions from providers like Microsoft, which offers a range of AI capabilities under its “co-pilot” branding.”
Charles Forde echoed the sentiment, emphasizing the need for careful planning and execution. “For use cases like client onboarding or legal contract analysis, the approach to success factors after implementation will be very different,” he notes.
The selection of vendors and the quality of data management remain critical factors in determining the success of AI initiatives, he added.
Generative AI stands at the intersection of hype and reality. As leaders in various sectors work to integrate this technology into their operations, managing expectations and ensuring effective implementation are key challenges.
From driving efficiency in financial services to enhancing customer interactions, the potential of Generative AI is vast and varied.
As we move forward, the lessons learned from current implementations will shape the future of AI, ensuring that its transformative potential is fully realized.
How Evolving Cyber Threats and AI are Reshaping Bank Security
Can you talk about how third party risk has evolved over the last few years? What have been the steps of evolution, and – critically - what new management trends are emerging in response to the way third party risk has changed?
Well if I were to go back 10 years to 2014 and think of third party risk management through a cyber lens, I see incidents like Home Depot, Target, and those types of data breaches where there was a certain level of sophistication at the time that adversaries had. They were able to compromise a HVAC system, for example, and get access that way.
Fast forward 10 years, and I think we’re living through the results of our digital revolution and digital
transformation. Everything is online at the speed of yesterday. So our exposure as a bank, as a firm, has just increased so much versus 10 years ago.
If I’m an adversary, if I’m a hacker, nation state, whoever, don’t have to go after 20 individual banks. go after one vendor. I could go after a managed service provider.
So I think what has changed from my lens is just the sophistication of the attacker, the complexity of how they operate. They are very smooth and sophisticated. They almost have their own third party program, they have affiliates, they have folks who specialize in initial access and lots of other things, like division of labor. And they do that the same way we do.
So seeing that has really been the game changer for me. The benefits of digital transformation used by adversaries have made my days very interesting as a CISO.
You referred there to the rapidity of change – the fact that compared to 10 years ago, change is happening at a thousand miles an hour.
So with the increasing reliance on cloud services and FinTech partnerships and all of the technology that makes life ‘better’ and ‘easier’, what are the key challenges that banks face in managing third party risks – and how are you addressing those?
Again, if I was asked this five or 10 years ago, I may have had some similar responses, right? Where’s our data? How well is our data being protected? How quickly can we respond to any type of attack that’s happened?
But I’d say the twist for 2024 is in trying to be more proactive where we’re focusing more on having a specialized third party intelligence team that goes out and does proactive sweeps of the dark web, proactive sweeps of intelligence services, to look for attacks before they happen or attacks that are in flight on our vendors.
So of course everyone does the questionnaire, right? Everyone is collecting data. It’s static. It’s a necessity. It’s a necessary evil. It’s a compliance thing. get it. But attackers don’t care about compliance rules. Attackers don’t care about checkboxes.
What is more interesting though is the reality that’s happening out there. And that’s where we’re taking a more proactive approach. For example, if we see cases where one of our third parties might be under attack and we know it before they do, we proactively tell them.
So it’s almost like we offer a kind of service to be there as a partner. And on the flip side, we know that if they’ve been attacked, our own data is at risk.
And because we know this, we have established very clear escalation procedures and data points that we can use quickly to make a decision to cut off a service or not.
So I think what’s different again compared to a couple years ago is that need to have a defined escalation criteria and a shut-down and re-enablement criteria of these services.
When attacks happen, you can’t just make up your playbook on the day. So having a clear sense of responsibility and then getting the assurance that that third party’s remediation is up to our own standards is important.
So they may have been breached, they had their attack, they recovered. Well, show us the report, show us the proof.
A few years ago, we probably were more lenient, like, we’re back online, great. You had a report done showing your environment is clean, great. Now we’re kind of challenging that and saying, okay, who did your forensics report? Are they reputable? Would we use them? And then it becomes more collaborative.
Right at the beginning of that answer, you said, if you’d been asked this five or 10 years ago, you’d probably have asked some of the similar questions. And isn’t that the fascinating thing – that no matter how quickly things change around us, the fundamental goal posts don’t seem to move.
They don’t. They’re fundamentally there, and that’s where getting better and getting more efficient and using some new tools and technology comes in.
We have to give a shout out to AI here, but it does make a material difference when instead of having 25 analysts wasting time going through data feeds with a fine-tooth comb to weed out false positives, a tool could do that for you.
In a recent Q&A session, Tom Kartanowicz, CISO for Europe and the Americas at Standard Chartered, looks at how AI has evolved over the last decade and how it is now being used to rewrite the book on bank security.
That in turn means your analyst could spend time doing higher order things, not just needle in a haystack stuff that’s very boring and a waste of everyone’s time. So we can definitely use AI to help us, but the flip side, of course, is that the adversaries are also utilizing AI to write custom malware, so again, it’s a double-edged sword like anything else.
Clearly AI and machine learning have a role to play in enabling and facilitating risk management. So how do you leverage that and stay ahead of the game, especially since, as you’ve already said, adversaries don’t need or care about compliance?
Again, it’s all about the speed and the response time and the evaluation time. From where sit, it’s mainly significant in terms of response and recovery side of full-on incident response.
Cyber incident response today has a huge third party component. So, that’s where see the biggest gain. A lot of the tools we rely on in the industry have elements of AI now that behind the scenes are making things more efficient.
But again, all of that has to be challenged and questioned because AI is not infallible. Mistakes can happen, false positives can happen, and you have to worry about data poisoning. Some adversaries like to feed false information into your AI. Some people want to poison the cache.
So with every great technology comes great responsibility. So it goes back to how you secure your tools, how you secure your data, how you secure your own AI tools and your vendors’ use of AI as well.
Can you share a recent example or a case study where a third party incident has impacted a bank or another financial institution and what lessons were learned from that incident?
But I think that the MOVEit vulnerability that happened last year is interesting. MOVEit is a file transfer solution and in this case a vulnerability was identified in this
software that adversaries were able to exploit to get access to files.
Those files belonged to various organizations. Not just banks, but also education, government, hospitals, et cetera. And what was interesting about MOVEit was that it was a one-platform approach.
And what that means is that mayybe your third party or their third party – effectively your fourth party – uses it. But you don’t think about these things, right? It’s kind of part of that huge ecosystem.
You know, we sign an agreement with this company. Well, do they use MOVEit? I don’t know, and maybe it’s not something you know enough to ask. But then you find out they do use it, because suddenly the adversaries have your data.
Another one that’s also interesting is a company called Snowflake, who are a provider of cloud services and cloud infrastructure and in 2024 a lot of high -profile organizations in network telecommunications and banks have a nexus to Snowflake.
What’s interesting in the Snowflake attack is that they really didn’t do much wrong. The attackers were able to find users of this software distributed throughout the world and they used some kind of data scraper to get credentials to attack the endpoint the computer that those users were on.
Snowflake doesn’t mandate multi-factor authentication, they leave it up to the user or the user’s company. They leave it up to the company to enable that.
So the attackers go out, they find weaknesses in laptops, other computer systems, whatever. They get hundreds of credentials. They then collate it. They do some of their own data mining and they start attacking endpoint users to get company data that belongs to banks, telecom companies, et cetera.
So to me, that was pretty groundbreaking, and also pretty exciting and scary at the same time.
Financial Crime & Technology Europe In a world of evolving threats, staying still isn’t an option.
Lead the fight against financial crime with innovative, technology-led prevention tactics.
Financial crime is changing. Can your institution keep up? Join your Community and some of the brightest minds in the industry as we explore how you can stay one step ahead of bad actors through the use of innovation and technology. Discover the latest strategies, tools, and regulations that will change your outlook and the way you operate.
Stay ahead of the game. Uncover emerging risks. Connect with professionals that are leading the battle.
Visit https://cefpro.events/financial-crime-europe/ for more information.
Can AI Revolutionize Financial Security? The Transformation of Anti-money Laundering and Fraud Prevention
As artificial intelligence (AI) continues to evolve, its role in security enhancement, anti-money laundering (AML), and fraud prevention is becoming increasingly critical. In a recent panel discussion, industry leaders Sean Yu, Head of Financial Crimes and Liquidity Risk Modelling at KeyBank, and Indra Reddy Mallela, VP – Model Risk Manager at MUFG Bank, shared their insights into the practical applications of AI in financial institutions. They explored AI’s growing importance in combating financial crime, the challenges it faces, and the balance between human oversight and machine efficiency.
The conversation focused on how AI is reshaping the approach to financial crime detection and prevention, with each expert offering unique perspectives based on their extensive experience in the field.
AI: A Game-Changer in Financial Crime Prevention
Financial institutions have traditionally relied on rule-based systems to detect suspicious activities. These systems, while effective, often result in a high volume of false positives, overwhelming investigators and allowing some malicious activity to slip through the cracks. AI promises to reduce these inefficiencies, using machine learning and advanced algorithms to significantly enhance the detection process.
“Currently, we have a traditional approach where most financial institutions use rule-based systems to monitor transactions for suspicious activity,” said Indra Reddy Mallela. “However, this approach often leads to a high volume of false positives, overwhelming investigators and increasing the possibility that suspicious activity goes unnoticed.”
Mallela explained that AI can reduce false positives by about 20% to 25%, allowing financial institutions to allocate resources more effectively.
“By considering machine learning approaches in real-time transaction monitoring, we’ve seen significant improvements—not only in reducing false positives but also in identifying suspicious activities that were previously missed,” he added.
This improvement is largely due to AI’s ability to analyze massive amounts of data quickly and accurately, identifying patterns and trends that may be missed by human investigators or traditional systems.
Enhancing Security Through Data-Driven Intelligence
Sean Yu echoed those sentiments, pointing out the advantages of AI in handling complex data sets and improving efficiency. “AI is better at aggregating and analyzing large, complex data sets than humans,” he said. “For example, humans may struggle with handling multi-dimensional data beyond two or three dimensions, but AI can easily process highdimensional data and uncover patterns that would otherwise go unnoticed.”
Yu emphasized that AI not only enhances traditional rule-based approaches but also reduces manual processes, thereby improving overall efficiency. “Many banks are using AIdriven bots to pull data from multiple systems and summarize it for analysts. This allows investigators to spend less time gathering data and more time focusing on high-risk cases,” he said.
He also noted that AI’s ability to handle complex data doesn’t just reduce false positives, but also helps investigators focus on real threats. “It’s not just about reducing the false positives—it’s about giving investigators more time to focus on the real threats and bad actors,” he said.
AI’s Impact on Human Engagement
One critical aspect of AI’s implementation is the continued need for human oversight. While AI can automate much of the investigative process, human investigators are still essential for making final decisions.
“There’s a misconception that AI will entirely replace human investigators, but that’s not the case,” Mallela said. “AI significantly increases productivity by handling the initial stages of an investigation, but human intervention is still mandatory to review the AI’s work.”
Yu agreed, noting that AI can handle up to 80% of the work in certain scenarios, but human investigators are still needed to make the final call. “AI can do a lot of the heavy lifting—like drafting reports or summarizing data—but a human should always review the final output. This ensures that errors or AI ‘hallucinations’— where the model generates inaccurate or misleading information—are caught before they cause problems,” he explained.
A major benefit of AI, according to Yu, is consistency. “Humans are prone to bias and can interpret the same data differently based on their experiences,” he said. “AI, on the other hand, provides consistent results, ensuring that all cases are evaluated using the same standards.”
Combating Bad Actors with AI
AI’s ability to detect fraudulent activities and bad actors is another crucial application in financial security. In the past, identifying bad actors was often a reactive process, but AI allows for a more proactive approach.
Mallela gave examples of how AI helps identify unusual spending patterns, multiple login attempts from unfamiliar locations, or changes in device usage—indicators that might signal fraudulent activity.
“AI learns from existing patterns in the data,” he explained. “For instance, in the fraud prevention space, it can identify unusual patterns, such as multiple logins from unfamiliar locations or changes in device usage, that signal fraudulent behavior. This enhances accuracy in identifying fraudulent transactions while reducing false positives.”
By using advanced machine learning models, AI can adapt to new fraud techniques as they emerge, offering a robust defense against evolving threats.
“AI can help detect fraud patterns that are constantly changing as criminals find new ways
to exploit financial systems,” Mallela said. “It provides a dynamic and flexible solution that can keep pace with these evolving threats.”
Yu added that AI can also identify patterns that aren’t initially apparent to human investigators.
“Bad actors often change their tactics to avoid detection,” he explained. “AI can spot these changes much faster than humans, helping to catch criminals who might otherwise slip through the cracks.”
One example Yu provided was the monitoring of smaller transactions that bad actors use to evade detection. “Criminals may try to avoid detection by breaking up large transactions into smaller ones, but AI can spot these patterns and flag them for further investigation,” he said.
The Future of AI in Financial Crime Prevention
While AI is already making strides in enhancing financial security, there are still challenges to overcome. Regulatory acceptance of AIdriven solutions is one area that needs further development, as are concerns about AI’s limitations, such as hallucinations or data bias.
“Everyone is doing proof-of-concepts (POCs) right now, testing AI in various applications,” Yu said. “But it’s not practical to think that AI can completely replace human decision-making at this stage, especially when it comes to tasks like drafting narratives for suspicious activity reports (SARs).”
Despite these challenges, both Yu and Mallela agreed that AI will continue to play an increasingly important role in financial crime prevention, working alongside human investigators to create a more secure financial landscape.
“As we continue to develop and refine AI technologies, we’ll see even more benefits in terms of efficiency and accuracy in detecting financial crime,” Mallela concluded. “But AI will always need that human touch to ensure that we’re getting the best results possible.”
Yu added, “AI is not a silver bullet, but it’s an incredibly powerful tool when used correctly. The key is to find the right balance between machine efficiency and human oversight to ensure that we’re staying one step ahead of the bad actors.”
In the fight against financial crime, AI is quickly becoming one of the most powerful weapons in the arsenal of financial institutions. As these technologies continue to evolve, the collaboration between humans and machines will define the future of security in the financial sector.
In a recent webinar organized as part of CeFPro’s AI Week events held between September 9 and September 13, Sean Yu, Head of Financial Crimes and Liquidity Risk Modelling at KeyBank and Indra Reddy Mallela, Vice President and Model Risk Manager at MUFG Bank explored the role of AI in the prevention of financial crime.
Understanding the Complexities of AI Adoption in the Insurance Industry
appetite, as far as the use of data goes, nor should it change your rules of the road around how you’re going to use data,” he says.
However, AI introduces new challenges, particularly when it comes to combining different types of data.
“One of the big issues with AI is that you may be tempted, particularly in the name of something like customer service or building an internal knowledge base, to combine types of data that you haven’t done before, because AI is very good at that,” Pine cautions, stressing the importance of asking basic questions about data usage and potential leaks whenever new data sets are integrated into AI systems.
Pine also touches on the ethical dimensions of AI, arguing that a company’s AI ethics should align with its overall corporate ethics. “Just because it’s a new technology, and just because it has new capabilities doesn’t mean you throw out the rule book of what your company considers to be ethical practice,” he says. Yet, transparency remains a challenge, particularly when it comes to understanding how AI models arrive at their decisions. “Unfortunately the answer at the moment is that you can’t,” Pine admits. This opacity underscores the need for robust risk management practices to address any residual risks that AI models may introduce.
Emerging Trends and Future Directions
Over two days on October 7 and 8, some of the leading figures across America’s financial services industry will convene in New York for CeFPro’s flagship AI in Financial Services event. In this article, based on an interview with Ted Pine, Senior Business Development Manager with Munich Re Insure AI, we take a sneak preview of some of the key issues facing the insurance industry when it comes to AI adoption.
As the use of AI continues to surge within the financial services sectors, the insurance industry stands on the precipice of a significant transformation.
Ted Pine, an AI underwriter at Munich Re, one of the world’s leading reinsurance companies, has been at the forefront of this evolution for the past two years. With Munich Re underwriting AI risks for six years now, Pine offers a unique perspective on the challenges and opportunities that AI presents to the insurance sector.
Challenges of Adopting AI in Insurance
The adoption of AI in the insurance industry is not without its hurdles. Pine highlights that the key challenges are closely intertwined with the ways in which the industry is addressing them.
“If you look at AI and the use cases to which it’s currently being applied in insurance, you’ll find that because the technology, particularly generative AI technology, is so new, insurers at this point are kind of controlling their risk, mitigating their risk, if you will, by picking very familiar and well-known use cases to automate,” he explains. Indeed, one of the primary strategies the industry is
employing to mitigate risk is to start with established, low-risk applications. For instance, many insurers are using AI in customer service chatbots—an area where the industry has decades of experience.
Pine notes, “We have a lot of experience understanding what a successful customer experience mediated by automation looks like. We also know what the risks are and what can go very wrong.”
By applying AI to these familiar scenarios, insurers can test the technology’s effectiveness without exposing themselves to significant financial or reputational harm.
Ensuring Ethical AI Use
As AI continues to evolve, concerns about its ethical use, particularly in terms of data privacy and algorithmic transparency, have become increasingly pressing.
Pine emphasizes that the insurance industry, like any regulated industry, has been grappling with data privacy issues for decades.
“AI in and of itself should not change either your risk
Looking ahead, Pine identifies a significant gap in the industry: the lack of standardized frameworks for managing AI deployment: “There’s no established standard or framework against which we can manage our AI deployment practices,” he notes.
And he says that whilst best practices can be shared through professional discourse, the absence of formalized standards poses a challenge for the industry as a whole.
Pine envisions a future where standardized practices will enable companies to present a comprehensive inventory of all AI models in use, along with detailed documentation on data sources, model performance, and incident management.
Such standardization would not only enhance operational efficiency but also facilitate the creation of a more robust market for underwriting AI risks.
“Eventually, what every company wants to move to is being able to present an inventory of all the models that are in use, and where the data came from,” Pine suggests, adding that this level of transparency and documentation would be crucial for insurers to accurately assess and price the risks associated with AI.
Overcoming Stumbling Blocks to Widespread AI Adoption
Despite the potential benefits, widespread adoption of AI in the insurance sector is still in its early stages. Pine believes that the key to overcoming this inertia lies in gaining experience over time: “The function
of adoption is really going to have to do with experience over time,” he says, pointing out that most companies are currently focusing on low-risk, utilitarian applications of AI.
Pine also highlights the importance of understanding the different ways in which AI technologies can fail compared to legacy systems.
“What we’re going to see as people get up the curve is that the more pedestrian, or more lunch bucket utilitarian applications are the ones that are going to be done first,” he predicts, going on to say that by starting with these low-risk applications, companies can learn from the errors and refine their AI strategies before moving on to more complex and higher-stakes use cases.
In practical terms, this cautious approach means that many companies are initially deploying AI in areas where the consequences of failure are relatively minor.
Pine recalls a conversation with an insurance professional about a chatbot use case in which they discussed exposure appetite.
“If the bot is recommending something that could lead to grievous economic harm when it hallucinates, you probably won’t put that into production,” he says.
However, in less critical scenarios, where the risks are more manageable, companies can afford to experiment with AI-driven solutions.
Ted Pine’s insights shed light on how insurers are cautiously navigating this new landscape, starting with familiar applications and gradually expanding their use of AI as they gain more experience.
While ethical concerns and the lack of standardized practices remain significant hurdles, the potential benefits of AI in areas like customer service and internal knowledge management are undeniable.
As the industry continues to learn and adapt, it will be crucial to develop robust frameworks for managing AI risks and ensuring that these powerful technologies are used responsibly and effectively.
Mastering Third-Party Risk: Effective due diligence in a complex supplier network
In a recent Q&A session, we asked Codee Woo, Third Party Risk Management Lead at Legal and General Group, to drill down into the complex due diligence landscape of Third Party Risk Management, and address some of the key issues that face TPRM managers within the financial services sector.
We began by asking Codee to share some insight into how we can ensure effective due diligence as part of a comprehensive third party risk program.
think you have to make sure the due diligence you’re performing on your supplier is commensurate to the level of risk that that supplier service provides to your organization.
You should be making sure that the higher the risk level of a supplier service, the more due diligence is needed. And you may also want to tailor the frequency depending on how risky that supplier is to you.
And what about in relation to assurance requirements for third parties beyond the immediate suppliers - for example, the 4th and Nth parties? Are there any specific due diligence requirements there, for example?
So what I’d say for your fourth and Nth parties is that firstly you need to know what suppliers’ fourth parties directly service your company. And then for those which are material, you’ll want to assess the extent to which your supplier is managing them effectively.
Your supplier should have a mirror version of your risk management team that is monitoring their own third party, and you want to make sure that the way they’re managing them is in line with your expectations.
And it’s not just about them providing you with, for example, their policies. You’ll want to go in and check that the controls that they have around their third party management are actually operating effectively.
What are
the
challenges in striking a balance between appropriate risk assessments and due diligence for various third party arrangements?
So I think the terms can be used interchangeablyyou’ve got screening, you’ve got desktop assessment, then you’ve got on site assessment, where you actually go in person, and also on site virtual assessment.
You’ll want to be using a combination of those different assessment types depending on the risk that’s presented to your firm and also on what is practically feasible.
So for example, you might have a very high risk supplier that is material to your organization, but if, for example, they’re based in India, it just might not be economical to go out to India every year. It might be that you want to mix it up. So one year you go on site, but the following year you do your review via desktop.
Screening is also a cost effective way to find out where you might need to go and do some further investigations. For example, if your screening shows that one of your suppliers’ credit rating has gone down, that would be grounds for you to do some further work, meaning you can target your resources more effectively.
In the context of the four areas you just mentioned, how do you assess the level of risk severity? Or is that based on the individual third party, the product line, or the criticality within your institution?
We do something called a materiality assessment on every supplier service, and that will look at the level of risk that supplier service firm presents to our firm.
That looks at all the different risk attributes – for example, whether they’re an outsourcer, whether they’re doing a regulated activity on our behalf half, whether they’re have access to our data or they hold our data, whether they’re involved in handling PII, whether they support an IBS, so on and so forth.
The attributes they present will scope in the relevant due diligence. So as an example, if they’re not holding our PII, we’re not going to send them a privacy questionnaire.
There’s a lot of talk in the industry about collaboration. The biggest challenge there is not revealing your secrets, but at the same time being able to share data that will be beneficial to yourself and your industry.
Can you give examples of successful collaboration within this area?
One example is that we use external consultants to support us with performing our on-site assessments because we just don’t have the manpower to do it ourselves. And our external consultants have SME knowledge in multiple risk domains.
That means we can get a way of sending one person out to inspect a supplier for a day rather than having to send a whole team of SMEs to go out together.
Another example is using threat intelligence monitoring from other third party suppliers as well. There’s a perceived need for continuous monitoring through screening, and we rely on that monitoring to give us alerts when things come up.
Pulled audits is an area which is still quite immature, but do think there is scope for that to grow in the future, particularly for suppliers that are unwilling to provide the evidence needed to properly assess them.
That first example is intriguing. There must be a whole series of checks around sending one third party to assess a second third party. What are the risks and pitfalls, and how successful has that methodology been?
So, what I would say is you never outsource your responsibility. Whilst you may engage a third party to go and assess another supplier, you definitely want to be reviewing the work they’re doing for you.
You need to be questioning the assessor, making sure you understand exactly what they saw on site, and then following up with your supplier individually once that
review is done so you can work together to track any findings through mediation.
Once your due diligence has identified the risks or any challenges that may exist, how do you demonstrate effective monitoring and remediation of those risks?
Any outputs from due diligence that have resulted in findings should be logged into your risk tooling in order to be tracked to remediation. It’ll need to have information on the risk that was identified, who in your organization is going to be responsible for tracking it to remediation and what that due date for that is.
Logging it in your risk tool also means there’s accountability from your second line team to check and challenge and make sure that you’re on track to remediate successfully and be sure the risk has been mitigated to be in line with your firm’s risk appetite.
What are some of the risks that you may be most concerned about as a result of any due diligence process and what are some of the key considerations from your perspective?
I’d say that the biggest ones are where there’s going to be an impact to business continuity. Typically if we do have findings in other areas, as long as it’s not impacting the performance of the service and our business activities, we can work the supplier to get them sorted out.
But if it’s something that’s going to impact business continuity, that could be a risk to our customers, to our clients, to our reputation, so those are the ones we’re going to want to get sorted as soon as possible.
How would you summarise your approach to TPRM due diligence?
What I’d say from a due diligence perspective is that the role of TPRM in the first line is to make sure that the outputs of those processes are being reviewed and being actioned.
There’s no point doing lots of due diligence, but then getting so caught up in the cycle of performing it that you don’t actually take the time to look at what risks are being identified and what you need to do to remediate them.
So I would say it’s about using those outputs in order to drive your decision making.
68% of institutions are still in the dark with AI.
Are you one of them?
As AI reshapes financial services, risk management can’t afford to be left behind. Pre-order your copy of ‘AI in Financial Services’ and discover where industry leaders are heading next on their pursuit to adapt to innovative technologies.
Scan to pre-order your free copy
Take control of your institution’s future, today.
Navigating Complex Credit Risks in a Volatile Economy
In a recent Q&A, we asked Alisa Rusanoff, Head of Credit at Crescendo Asset Management to give an overview of the primary challenges, concerns and trends in credit risk management in the context of the fast-moving macro-economic and political landscape in which financial services organizations are now operating.
How does your team assess the credit worthiness of corporate clients - and what are the key factors that you consider in your risk evaluation processes?
There is a lot of analysis that goes in, in terms of quantitative and qualitative, but quantitative is probably very similar across the board. We’re looking at the P&L, at different trends, at the balance sheet strength, at the cash flow analysis, at the projections, any M&A activity that the corporate might be involved in and other factors that are quantifiable.
And we’ll be taking a macro view on the company or on the industry. truly believe that a lot of lenders and lot of private credit shops are focusing maybe a little bit too much on a specific risk, and not really taking account
of the macro environment and of the broader trends in the United States and abroad as well.
In the globalized economy, it’s crucial to understand the supply chain risks, operational risks, geopolitical risks, because it’s so intertwined that sometimes we don’t understand the bigger picture of what could impact this or that corporation, whether it’s the cyclicality of the economy or shipping issues or delays or supply chain constraints.
So, would say in addition to credit risk underwriting, we certainly include other risk assessments like governance and fraud and operational risks and supply chain risks.
All of that together helps us underwrite the company to a fuller extent and try to assess, and hopefully mitigate or diversify, the majority of risks.
So credit risk is really about assessing all types of risk and building a picture that can be used to determine credit - it’s third party risk management, it’s operational resilience, it’s all of that stuff as well, not just about whether people can pay their bills or make their repayments.
Absolutely. I’ll give you an example. If I’m looking at the company, let’s say it’s an e-commerce big box retailer, want to be able to track their inventory levels. I want to be able to track their target audience in terms of the people who are purchasing their goods or assess consumer strength.
In short, what is the trend in the consumer finance world? What is the trend in terms of capacity and creditworthiness, inflation and unemployment data, analysis of which includes but is not limited to credit card defaults, subprime auto lending statistics, real estate market, etc.
want to be able to drill down into my potential customer credit exposure because it all goes back to the consumer strength. So, yes, that’s exactly right.
The current economic climate is challenging - there’s a whole generation of risk managers who’ve never known interest rates at the level they are right now and it’s a really interesting time, economically speaking. So, what strategies do you use to mitigate all of the risks associated with that?
We’re continuously tracking the Fed announcements, obviously the market incentives, the trends in the consumer finance market and the industry specifically. We’re watching and we’re reading a lot of analysis on the geopolitical tensions in terms of where the risks could be coming from. Whether it’s shipping delays that cost our clients in terms of getting their supplies from their vendors, or pivot to a different region due to trade limitations or sanctions due to geopolitical environment.
We have a credit scoring matrix that includes different types of risks. So, we’re pulling data from different data sources.
We’re getting credit scoring, but in addition to that, we’re getting fraud scoring, we’re getting macro and industry scoring from different types of data sources and analysing complex risks involved internally.
And we’re trying to analyze as much data as we can, but we’re also being cautious of any noise or overfitting. Daily volatility is probably not as important to us as verifying and trying to understand the market trend maybe on the monthly basis, because too much noise also doesn’t help your underwriting process.
You want to be able to look at the bigger picture and bigger trend in terms of where the economy is going, where the rates are going, trying to analyze not just the Fed rates, but announcements and movements more broadly, because that just provides more color in terms of where the markets are going. Bankruptcies in the private credit world are also a very important thing for us to look at.
So, how do you then determine appropriate credit limits for corporate clients and what factors influence any adjustments that you and your team might make over time?
think, as I mentioned before, in addition to company specific risks profile, cyclicality is a very important part of our decision-making process. But also you have to look at the portfolio management as a bigger picture and consider exposure to different types of regions, industries, market-cap, sponsors, and other factors.
And you also need to look at the exposure in terms of supplier base. Since the COVID times, I think one very important matrix for a lot of credit underwriting is diversification of vendors and suppliers for the company. So, we’re measuring that. We’re trying to also drill down into the supply chain and really understand the risks involved on the vendor side.
We’ve got a few more countries in the last couple of years on the sanctions list, so a lot of that landscape has changed, and the pricing has certainly adjusted too.
So, we’re seeing a lot of economies in the world, in Europe and other parts of the world, where that has significant impact, which means the pricing levels and inflation are part of the equation.
All of that is certainly having a significant impact on our credit decision-making process. It’s all about exposures and all about pivoting based on the risks that we’re seeing in the market right now. So, yes, diversification is the key, especially in uncertain times and in the times of wars and election cycles in the developed countries of the world.
If we tie this back into the real-world scenarios that you’re dealing with on a daily basis, is there a recent challenge or significant event related to credit risk that you can talk through?
can’t really share specific examples for reasons of confidentiality, but just after COVID as provide supply chain finance facilities to corporates, I was underwriting a few companies at a time to help them build inventory.
At that point in time, they were doing incredibly well because their inventory would be sold within days. The margins were there, people were spending money.
But at the same time, based on my conversations with some players in the industry – investors and big box retailers – I began to realize retailers were trying to get additional warehouse and storage facilities for inventory, which made me think that that was abnormal for any economy, which tends to mean revert.
So, was having more and more of these conversations. And with that qualitative analysis it was clear that this level of inventory buildup was too excessive for the upcoming demand.
We had a few conversations internally with our investment credit committee, and we decided not to pursue quite a few opportunities in the supply chain business. Long story short, we were right, because the market basically crashed in May 2022, and a lot of inventory was just sitting in warehouses and was actually either drastically written down or written off in terms of liquidation value, which in some cases doesn’t exceed 30%.
They say you have to read the room, but you have to also read the conversations, the vibe, the understanding of what’s upcoming, of what makes sense.
So you always have to understand what that mean is, especially with the Fed rates are where they are now, to in a way look through the aggressiveness of founders and CEOs of the company and understand what makes sense in a broader context.
That brings me on nicely to our final question, which is that we know that the risk environment is constantly moving, constantly changing. How do you stay across all of that, and how do you incorporate what you learn into best practice moving forward?
do a lot of structured facilities in the private credit space including structured trade, and asset-based lending, supply chain finance, receivable financing. That means a lot of my products are very structured.
To me, underwriting credit is obviously the number one priority, but as important to me is the structure of the deal.
Private credit, or private debt, has become a buzz phrase in the last year or so, but can’t stress enough the importance to structure the deal thoroughly.
think what we’ve learned in the last couple of years – and what we’ve been actively pursuing – is tech support, and quite a few companies are building their tech stack. I think that’s something that would provide a competitive advantage when you don’t have to have 100 analysts and back office personnel doing work that’s repetitive like reading NDA’s, agreements, spreading simple financial information, etc.
You can actually automate a lot of it, especially now with GenAI, LLM models and other types. think it’s tremendous support for your talent, first of all. It also makes the work more efficient, and it enables you to catch some negative trends and red flags, like sales trending down or abnormal activity basically in real time.
think this is a very good lesson from the COVID times and from various types of developments coming from FinTech companies and embedded finance companies – that to succeed in private credit, you need to be able to make your work efficient and you have to be able to analyze large amounts of data to be able to come up with a credit decision.
And as I mentioned, it involves more than just credit risk. It involves various types of risks, and fraud is obviously one of those that we should be focusing on, because based even on my experience in the trade finance world, I’ve seen more money lost in fraud cases than credit cases, which is quite interesting.
Coming soon in 2025
Credit Risk Europe & USA 2025
Where innovation meets expertise
The most influential minds in credit risk are gathering. Are you ready to become one of them?
Secure your spot at the forefront of credit risk evolution. Discover new strategies, new insights, and be part of the conversation that shapes tomorrow’s financial landscape.
Stress Testing: Balancing Resilience and Realism in Risk Strategy
On October 2, leading figures in risk management across Europe will come together at CeFPro’s annual Stress Testing event for finance professionals working across EMEA and beyond. As a prelude to the event, in this Q&A with Berislav Jozic, Head of Integrated Risk Management at Addiko Bank AG, we take a look at the differing requirements organizational stakeholders have from a stress testing process.
You’re participating in our Stress Testing event in October. Looking ahead to that, perhaps you could explain the primary objectives of stress testing within your integrated risk management framework and how do those objectives align with your overall risk strategy
There are many objectives of stress testing. The first objective is to control the resilience of the institution to adverse scenarios, or stresses as we know them.
The main purpose there is to show the management or other stakeholders, such as regulators or shareholders, which stresses or adverse scenarios the institution can survive and how it can survive them.
This enables stakeholders to create opinions, to make decisions, or to change their strategies based on the results.
So the connection of stress testing to the risk strategy is mainly as a control mechanism where the stress tests serve as a control in determining whether the institution is achieving or coming closer to the resilience and structure of the portfolio that it considered in its risk strategy.
So, for example, if an institution tries to be as resilient to idiosyncratic risks as possible by, for instance, creating a homogeneous portfolio of small individual exposures, then the stress test can assess whether the institution is coming close to that structure and that resilience.
How, then, do you ensure that those scenarios used in stress testing are both comprehensive and realistic within the context of the day to day demands of doing business?
The design of scenarios is very important because this is something that determines how relevant the outcomes of the stress testing are. If the scenarios aren’t plausible or if they are too catastrophic, in both cases they will be rejected or challenged by the various stakeholders.
As an extreme example, the management team doesn’t care to know that the institution will not survive a nuclear war. So the scenarios shouldn’t be too adverse.
Similarly, if a client doesn’t make a payment, that will not impact us operationally, and that’s also not an adverse scenario. So the design is very important. It needs to be stressful, it needs to be adverse. It needs to be something that is plausible. This is why we often combine one, two or three vectors of stress.
And this is why we often employ experts from various fields to discuss with them the plausibility, to check if from different perspectives, because, yes, we’re risk managers, but maybe from a market perspective, something different is plausible.
It’s also very important to use benchmarking and to look back to see if something similar to what we have in our scenario already happened. This improves also the arguments of plausibility and also helps us design scenarios.
That being said, we also should not always think that nothing can happen in the future just because it didn’t happen in the past. So also some imagination is needed.
So how do you incorporate the results of stress testing into your risk management and decision making processes?
The results of stress testing are mainly inputs, usually used in the budgeting and when some changes are made. So when everything is plain sailing, then we just look at stress tests to determine whether we’re fine or not.
But the decision making comes during budgeting when we usually try to see if what we created as our portfolio structure in the future will be resilient enough to survive certain scenarios or whether we need to review what we planned.
Also, for instance, when we are considering entering new segments or new markets, stress tests give us the information on what the impact on profitability would be in the event of any given adverse scenario. So stress testing also gives us inputs for making informed decisions.
But stress testing presumably comes with challenges. So what are the challenges you face in conducting these stress tests, particularly in terms of, for example, data accuracy, model risk and scenario development?
Yes, the challenges are various, and the challenges actually come from the different perspectives of various stakeholders. So the quality of the models that translate the adverse scenarios into the potential impact on the balance sheet is something that’s a huge, huge question for us, because usage of different models impacts significantly the outcome.
Since the models are usually calibrated on a ‘business as usual’ basis, and not on the stress situations, there are always challenges in correcting the calibration of different models.
Data quality is another big challenge, but data quality is something that can only be improved partially. It is never perfect. So the stress test has to be tailored to cater to the known data quality.
Depending on the granularity of accurate data, we can have more or less accurate and granular stress test results. In cases where we have smaller data quality errors, we can go more granular with the outcomes. But if the data quality errors are higher, then we can be certain only on the outcomes at a very high level.
And of course the scenario quality we already talked about is also something that is very, very important to consider.
And just as a final question then, how do you communicate the results of stress tests to stakeholders including, as you’ve mentioned, board members, regulators and investors?
Different stakeholders have very different expectations of the result and actually look for very different information.
Management boards and management in particular look to resilience and look to the outcomes they can incorporate in their decision making. On the other hand, regulators don’t actually care if the scenario is plausible – something that is important to management – but are more interested in resilience that is tailored to some specific criteria defined in the regulation.
Shareholders might look for potential decreases in profitability, again not caring so much for some other component.
So the stress test outcomes must, as a first priority, be tailored in advance and be very precisely defined in terms of what we are actually looking for and which stakeholders we want to inform.
And then, if we want to inform more stakeholder groups then they need to be tailored to cover all of these aspects and actually be explained in some detail. But people are time poor, so we need to make those explanations as clear and concise as possible.
Understanding Transition Finance - A Comprehensive Overview
At the end of October, C. Robin Castelli, Head of Transition Finance Investing at Orange Ridge Capital will host CeFPro’s Transition Finance Masterclass event in New York. In this article, based on a recent interview with Robin to look ahead to the event, we explore how the inherent long-term nature of transition finance changes the risk dynamic for transition investment managers.
Transition finance is an evolving field that encompasses a broad range of financial activities aimed at facilitating the global shift from a carbon-intensive economy to a net-zero or carbon-negative future.
This transition mirrors historical economic shifts, such as the transition from steam and coal during the first Industrial Revolution to oil and vehicles during the second. However, the current transition is more complex, requiring a multifaceted approach that integrates various financial sectors, including investment, financing, insurance, and other financial products and services.
Transition finance goes beyond traditional impact investing and ESG (Environmental, Social, and Governance) frameworks. It’s about adaptation and mitigation, moving from a “brown” economy to a “green” one.
“It’s what needs to happen for the world to go from the current state to this new target state that we’ve never been to before,” said Robin Castelli, partner and Head of Transitions Finance Investments at Orange Ridge Capital, highlighting the unprecedented nature of this economic shift.
One of the most compelling aspects of transition finance is the sheer scale of the opportunity it presents.
According to U.S. Treasury Secretary Janet Yellen, the scope of opportunities in transition finance could reach or exceed $3 trillion annually from now until 2050. This presents a generational opportunity across numerous sectors, with potential profitability in approximately 80 different areas of investment.
The Impact of Climate Risk on Transition Finance
The increasing focus on climate risk has significantly influenced the nature of transition finance. Historically, climate considerations have been a component of ESG, particularly the “E” (Environmental) aspect.
However, the approach to climate risk within ESG has often been overly simplified, reducing complex issues to single metrics like emissions or implied temperature ranges.
This reductionist approach has led to the creation of algorithmically traded investment vehicles, which, while useful, fail to capture the full spectrum of risks and opportunities associated with climate change.
In contrast, transition finance is inherently multifaceted, encompassing a vast ecosystem of investment opportunities that go beyond the traditional focus on publicly traded equities.
As Castelli explains, “It plays a lot more in the dynamic allocation versus the static allocation. It has multiple approaches as opposed to one approach that many current ESG investing strategies might have.”
This broader approach allows transition finance to address the complexities and interconnected phenomena typical of climate risk, such as physical risks, stranded assets, climate litigation, and migration.
Furthermore, transition finance often employs positive screening, targeting companies that are leaders in the transition to a low-carbon economy. Unlike the negative screening typical of ESG, which excludes investments in sectors like oil and gas, transition finance recognizes the value of investing in companies that are actively moving towards greener practices, even if they are not yet fully transitioned.
For example, an oil company that has invested 10% in geothermal energy could be a legitimate target for
Key Considerations for Managing Transition Finance Projects
For professionals stepping into the field of transition finance, a systematic and analytical approach is crucial. Understanding the investment opportunities, the root problems they address, and the potential impact of those problems is essential.
This, argues Castelli, requires a very systematic approach: “What investment opportunity does it fall under? What is the root problem? What is the impact of that root problem? What needs to happen to fix the issue that’s been caused by the root problem? How soon does it need to happen”
“And then, what then generates the benefits of that opportunity that will then come automatically? Fundamentally, it’s a very methodical, quantitative, analytical process. It’s not a process based on hunches and gut feelings. You literally have to run models.”
transition finance, while it might be excluded under traditional ESG criteria.
Those models — similar to those used for stress testing and climate modeling — assess the complex nature of the phenomena being addressed and are crucial for determining the viability and timing of investments.
As one example, geothermal energy is expected to become more prominent around 2030, but investing in it requires immediate action given the long lead times for infrastructure projects. Timing, says Castelli, is where you make or lose money.
In addition to rigorous modeling, having subject matter experts who can review and challenge the interpretations of these models is vital.
These experts provide the nuanced understanding necessary to evaluate the technical, managerial, and financial aspects of potential investments. Moreover, investors must remain humble and adaptable, ready to adjust their strategies if initial estimates prove inaccurate.
Building a Transition Finance Portfolio
Building a portfolio in transition finance presents unique challenges due to the lack of historical comparisons. Unlike traditional assets, where past performance can guide future expectations, transition finance operates in uncharted territory.
Castelli says: “The very nature of transition finance means we don’t really have a historical comparison. We’ve never done this transition before.”
To overcome this challenge, fund managers must rely on forward-looking models, expert analysis, and innovative benchmarking strategies. The timelines for these investments are much longer than typical investments, often spanning 15 to 30 years.
This long-term perspective requires fund managers to adopt a more sophisticated approach, using tools like Monte Carlo simulations and extensive quantitative analysis to establish reasonable benchmarks and expected returns.
Given the complexity and diversity of transition finance opportunities, a one-size-fits-all approach is not feasible. Each investment strategy—whether focused on growth, public strategies, alternatives, physical assets, or infrastructure—requires a tailored approach.
“None of it can really be done with AI or simplification. It’s good old-fashioned analytics and quantitative work,” says Castelli.
Transition finance represents a significant and complex opportunity that requires a deep understanding of both financial and environmental factors.
By employing a systematic, analytical approach and leveraging the expertise of seasoned professionals, investors can navigate the challenges and seize the opportunities presented by this unprecedented economic shift.
