iNFRont Magazine - Dec 22 - Jan 23 Edition

GREEN DREAM OR CLIMATE

Think big during these uncertain times

Ken

From

Reducing the threat posed by professional money launderers

Brian

Ryan

Top

Caitlin Saykal,

THINK BIG DURING THESE UNCERTAIN TIMES

Nordea

New York Branch

It’s been nearly 20 years since Bill Gates said the world needs banking, but not banks. Yet banking and insurance companies are adapting to technology and offering market stability during the most uncertain times in history. Since that statement was made, consider the sheer number of macro challenges that the financial services industry has navigated. And with each crisis, we have had to examine and reset our thoughts about risk.

The world economy is facing many risks, but it seems to me the master challenge is the speed at which change is occurring – making transition risk the godfather of them all. Every aspect of our world is changing, and we have been reminded in 2022 that all our centralized efforts to plan for and manage change can be set back years by a single tyrant’s actions. Just this month, we learned that an entire industry like crypto can collapse around the unscrupulous behavior of a single company, even of a single individual.

Regulation cannot keep up with reality. The media cannot vet the truth. The free market holds the keys. The financial services industry plays a major role in the business winners and losers, because the solutions may come from anywhere, even the smallest corners of the world.

On the theme of solutions to big problems, the recent COP27 conference is a key theme in this issue of iNFRont. After the momentum made at COP26, this year’s event served to highlight just how far we still have to go to make a meaningful impact on climate change. How inspired I am, therefore, by Prince William’s Earthshot. We need more leaders to challenge people to solve problems and expose our solutions to the public for scrutiny, rather than governments and big business that might want to arrogantly control them. So, to those of us who have a finger in the risk pie, I say to think big when looking at the small.

MAGAZINE ADVISORY BOARD

We welcome contributions. If you or your organization are interested in featuring in our next issue, please contact editor@cefpro.com

If you are interested in sponsorship and advertising opportunities, please contact: sales@cefpro.com

Operational Risk Metro Bank

Philip White Senior Vice President – Head of Transformation Strategy & Reporting – Market, Liquidity and Non-Financial Risk Danske Bank Ken Wolckenhauer VP, Vendor Management Nordea Bank, New York Branch

FROM PLEDGE TO IMPLEMENTATION?

ASSESSING THE IMPACT OF COP27

Anne-Sophie

Over recent years, the annual UN Climate Change Conferences have increased in momentum, making headline news around the world. With finance taking center stage at last year's COP26 event in Glasgow, the 2022 conference in Sharm el-Sheikh, Egypt, was a little more downcast as delegates grappled with global crises including the Ukraine conflict, global inflation, the energy crisis, and a host of climaterelated weather events.

COP26 saw net-zero commitments made by 450 banks, investors, and other financial institutions. To place this year’s conference in context, CeFPro interviewed a number of industry experts to gain their views on the key achievements from COP27…

Maya Hennerkes, Director, Green Financial Systems, Climate Strategy and Delivery, EBRD

“Many financial institutions have come forward in recent months with pledges to meet net zero by 2025. At COP27, the conversation turned from pledge towards implementation. What do we need to start doing now to reach net zero by 2050? What interim targets are required? How do financial institutions deal with high emitting sectors? What does a robust transition plan look like? And how do financial institutions robustly align with the goals of the Paris Agreement?

Multilateral development banks such as the EBRD are supporting their clients not just with financing – they have also published methodologies for financial institutions to align with the goals of the Paris Agreement and are providing not only knowledge transfer but also dedicated advisory services for

client financial institutions working on ambitious transition plans.

In addition, while recognizing the urgency and priority of addressing the climate emergency, climate action needs to be placed in the wider ESG context. Climate change has a human dimension and cannot be separated from wider nature-related and social matters. The financial industry will need to move from greenhouse gas (GHG) accounting to thinking about biodiversity and naturepositive financing; promoting greater traceability and transparency in supply chains; and considering a just transition and the social impacts related to the move to a low-carbon world. EBRD is placing climate action at the heart of our strategic priorities, while working on just transition models, reviewing naturepositive lending opportunities in the run up to COP15 in Montreal this December, and applying social safeguards as much as environmental safeguards in all our investments.”

Anne-Sophie Castelnau, Global Head of Sustainability, ING

“COP27 did not turn out to be the implementation COP we had hoped for. It’s disappointing that no further steps seem to have been made in tightening emissions targets and following through on previous commitments to ‘keep 1.5°C alive’. Now, even more emphasis needs to be placed on taking action on the road to COP28 by all parties, including financial institutions. Transparency on progress and honesty about dilemmas are key here.

Next to that, the agreement on a climate loss and damage fund for vulnerable countries underlines the importance of an inclusive, just transition, as well as

the reality of climate adaptation. These issues should also be on the radar of financial institutions.”

Tobi Petrocelli, Director, Environmental and Sustainability Management, MUFG Americas

“Loss and damage were arguably the most important and contentious issues being negotiated at COP27, with developing and climate-vulnerable nations united behind getting an agreement to create a separate funding facility (to cover irreversible economic and non-economic costs) that can then be worked out over the next two years. But the G7 countries – historically those most responsible for the global greenhouse gases causing extreme weather events and slow-onset climate disasters, and who for years have delayed and denied the need for a loss and damage fund – are pushing the Global Shield insurance scheme as an alternative. This has not gone down well with climate justice advocates or developing countries, some of which would be excluded for being too developed.

To this effect, President Biden, Japanese Prime Minister Kishida, and Indonesian President Widodo announced the launch of the Just Energy Transition Partnership in Indonesia (JETP-I). The goal of the project, co-led by the governments of the US and Japan, is to ‘facilitate power sector transition in Indonesia’ through an estimated $20 billion in public and private sector funding. The private sector entities involved are primarily global financial institutions, including MUFG, who worked in coordination with the Glasgow Financial Alliance for Net Zero (GFANZ). GFANZ and the participating firms had engaged government entities

over the past six to eight months leading up to this agreement.

The Biden Administration is touting this initiative as a key deliverable emerging from COP27 and a model that could be used to transform the economies and reduce the carbon emissions of other countries – India and Senegal are among those also being eyed for JETPmodeled public-private transition finance projects. The announcement also proved timely as world leaders subsequently descended on Bali, Indonesia to attend the G20 Summit. This initiative, and the mobilization of $20 billion in funds, will go towards assisting Indonesia – one of the largest sources of carbon emissions in Asia – to shut its coal power plants and bring forward the sector’s peak emissions date by seven years to 2030.”

Maria Lombardo, Head of ESG Advisory, Standard Chartered Bank “If COP26 was the summit of finance and ambitions, COP27 has been the summit of just transition and implementation. How much has been achieved, though, is still in question. Financial commitments by governments were under more scrutiny and the 1.5°C target risked being diluted, saved only by the parallel G20 summit in Bali which kept it alive.

Despite this backdrop, two positive takeaways are the Just Energy Transition Partnership (JETP) and the approval of and support for the loss and damage fund. Starting with the latter, the breakthrough success here has been in getting countries’ acceptance after years

of demand – this is a great achievement.

Standard Chartered’s ‘Just in Time’ report calculated that US$94 trillion is needed for this. As a bank with a footprint in countries that need this support the most, we are focusing on dramatically increasing the availability of finance in these markets. The by-product of it is the urgent need for adaptation finance; this is where finance solutions must be addressed.

Regarding JETP, there is a growing international and cross-sector movement focused on the early retirement of coalfired power plants, alongside the scaling up of financial support for renewable energy. We are one of seven global banks leading on the JETP financing solutions for Indonesia, where targets on peak emissions will be brought forward by seven years to 2030, with the aim of eliminating 300 million tons of emissions.”

Clinton van der Spuy, former Head of Risk Management Financial Markets Americas, Rabobank “After heady commitments at COP26, issues of implementation are now front and center. Bank representation at the meeting was weak, which was unsurprising given softening guidance at GFANZ and considering that numerous banks softened their own net-zero commitments earlier this year.

For me, the top takeaways were the tweaking of multilateral development banks’ mandates, which should help increase financing flows to energy

transition and adaptation projects in developing economies, while enhancing investment opportunities for the private sector. And the acceptance that gas may be a transition fuel in Africa. This will require infrastructure investment, but ultimately is at odds with many investors’ and banks’ portfolio commitments. The immediate question this raises is, who will fund it?”

COP27 conclusions

Although perhaps not as productive a summit as many were hoping for, finance and business discussions at COP27 were lighter than in 2022, which some have referred to as ‘green-hushing’. Organizations globally face complex decisions in order to implement long-term goals and pledges. It was also highlighted that as part of Mark Carney’s 2022 alliance announcement, 53 banks now have science-backed targets, up from zero in 2021. The industry continues to embrace the meaning and understanding of ESG challenges, although plenty of work lies ahead in order to ensure they are incorporated into day-to-day risk management processes and that boards are included within any decision making.

In short, COP27 has kept the conversation going, acting as a reminder of the important pledges made and reigniting efforts towards their implementation.

What are the key signs that firms should look out for to detect activity by PMLs?

PMLs are experts at distancing themselves from the actual laundering process. This makes it very difficult to detect PML activity straight away. Usually, it will require additional investigation, which is something that HMRC and law enforcement can help with.

Because PMLs use such a wide variety of methods, there are many different signs that might indicate professional money laundering. The best advice we can give firms is to take a holistic approach when doing Know Your Customer checks, due diligence, or transaction monitoring.

When looking for PMLs, it’s important to see the full picture. The combination of jurisdictions and businesses involved, business models, trade routes, and company ownership can help a firm to see whether a PML might be involved.

“The Joint Money Laundering Intelligence Taskforce (JMLIT) is a key initiative in tackling PMLs. JMLIT is a partnership between law enforcement and the financial sector to tackle money laundering and economic crime. It consists of over 40 financial institutions, the Financial Conduct Authority, Cifas, and five law enforcement agencies. Requests we have received through the partnership have helped us to develop intelligence on known PMLs.”

of PMLs handling the proceeds of fiscal crime. Collaboration across the system will be key to achieving this. We want to share what we know about PMLs with the regulated sectors. Specifically, we are keen to work with the industries they exploit. Our focus is on education; helping firms spot PML exploitation and ensuring they know what to do.

The submission of Suspicious Activity Reports (SARs) is of significant value to HMRC, including in ways that are not immediately apparent. This includes our ongoing intelligence development against identified PMLs.

We use an intelligence-led approach to identify PMLs with the biggest impact. This allows us to develop bespoke disruption plans to target them and their networks, including professionals who are aware that they are working for PMLs and do not take their regulatory or reporting duties seriously.

recently observed that a PML used corrupt financial services companies to facilitate their criminal activity.

Brian Mullen Threat Lead: Professional Money Launderers, Fraud Investigation Service HM Revenue and Customs

REDUCING THE THREAT POSED BY PROFESSIONAL MONEY LAUNDERERS

Can you provide an overview of professional money launderers and their tactics, and how financial services firms could be unknowingly facilitating their actions?

Professional money launderers – or PMLs – are people who, for a fee, provide services to organized crime groups (OCGs) by laundering the proceeds of their crimes. They launder for multiple OCGs and do not concern themselves with how the proceeds were generated. In other words, they’ll just as happily launder for drug traffickers or human traffickers as they will for tax fraudsters.

PMLs operate globally. They facilitate the movement of dirty money through multiple jurisdictions and are often based in countries where they (wrongly) think they are out of reach of UK Law Enforcement.

PMLs may work in financial services themselves. Often, however, they simply use the expertise, influence, or access of others. By exploiting professional businesses or individuals, PMLs create a veneer of legitimacy for their laundering techniques.

PMLs use multiple methods to hide the true source of funds. For example, a PML may hire the services of a wealth manager who then (unknowingly) invests

proceeds of crime in legitimate products. Legitimate investment return then further obscures the original source.

PMLs are also known to exploit correspondent banking. Exposure to high-risk jurisdictions is attractive to PMLs. Similarly, lack of oversight of every party in a chain can make it easier to hide the true source of funds.

Money mules are another area of concern. A money mule is someone who allows criminals to use their bank account to launder money. PMLs recruit money mules – often through social media – to open accounts. They also control business accounts to move illicit funds.

What are some of the consequences of assisting PMLs?

If a person knows or suspects that the value they moved was derived from criminal conduct, they are liable to criminal prosecution. This can include being sent to prison. Those found guilty of money laundering will also likely be subject to confiscation proceedings, meaning they will be forced to repay any benefit made from their crimes. They will also be effectively excluded from operating within the UK’s regulated sector.

Firms involved can be fined, have their licenses revoked, and even be prosecuted for breaches of the money laundering regulations. Both for individuals and firms, reputations can be easily tarnished and difficult to recover.

Can you provide an example of a PML case you have experienced?

We are aware of the threat PMLs cause to our national security and economic prosperity, so we have designed a dedicated response. For example, we

On this occasion, an electronicmoney institution under the control of a PML was used to facilitate the movements of illicit funds, including illegally exchanging funds into crypto assets, which transferred offshore. It is estimated that, in total, the firm handled about £2.5bn. It is now in administration, with most of the customer funds frozen by HMRC and the police.

In this case, we worked together with other UK law enforcement agencies to secure the criminal funds, disrupt the OCGs involved, and protect the integrity of the payment system.

What can be done to tackle the threat posed by PMLs across the industry?

As the saying goes, organized crime will prevail over a disorganized system. Only by working together across the public and private sector can we tackle PMLs.

At HMRC, we have set ourselves the goal of completely dismantling or significantly degrading the capability

We are also keen to prevent PMLs from increasing the risk and cost of doing business in the UK. We are working across Whitehall and with other jurisdictions to address legislative and policy loopholes used by PMLs and are also in discussions with private sector partners to understand how technology can be used to support our work.

The Joint Money Laundering Intelligence Taskforce (JMLIT) is a key initiative in tackling PMLs. JMLIT is a partnership between law enforcement and the financial sector to tackle money laundering and economic crime. It consists of over 40 financial institutions, the Financial Conduct Authority, Cifas, and five law enforcement agencies. Requests we have received through the partnership have helped us to develop intelligence on known PMLs. We are currently scoping a PML JMLIT cell (a focused group to deliver public-private threat response activity) with partners to further enhance our understanding of the threat posed by PMLs.

CeFPro’s Fraud & Financial Crime USA Congress (March 22-23, 2023, NYC) will explore new complexities in the fraud and financial crime landscape and best practices to stay ahead. For full details or to book your place, go to www.cefpro.com/fraud-usa.

THE EVOLUTION OF THIRD-PARTY OVERSIGHT

Since the return of live events, we have enjoyed some lively and exciting debates with delegates at CeFPro summits on both sides of the Atlantic. Here, we include a summary of the key points that were addressed with the audience at one of our recent events in New York City, covering the evolution of third-party oversight and featuring live polling of the assembled audience…

Operational resilience rests on a foundation of many existing competencies, such as third-party risk, business continuity, and cyber risk, etc. Throughout this session, we wanted to get a sense of where people are in their overall operational risk program and then link that back to third-party risk. So, the first question to our audience was, does your firm have an operational resilience program?

From the results of the poll, it was clear that most people in the room were leveraging existing programs, although a handful hadn’t implemented anything yet. This underlined the fact that lots of industry professionals are still trying to figure out operational resilience and what it means. Is it its own area or an offshoot of either business continuity or traditional operational risk?

The second question we posed to delegates was, what’s the focus of your operational resilience program?

Interestingly, identifying a single point of failure was a key focus area. Many firms are dealing with vendors that are common across not just one industry, but multiple industries. Highlighting those areas where a single point of failure or a single vendor could lead to the failure of the firm or maybe even the industry, is crucial.

On the topic of single point of failure and third-party risk, it was noted that third parties should also be looked at through the lens of the business process they’re supporting, to ensure that the appropriate level of focus is being applied. But this is not a quick or simple exercise: identifying a single point of failure essentially means you’ve mapped out your firm’s processes end to end, and then taken a critical eye to identify either those third parties or business processes that are most

impactful to you. How does a firm approach this exercise? What steps must they have taken to get to the point where they’ve mapped out all their different processes, for example?

This proved a good segue into our next question, which was, has your business defined its critical operations, risk appetites, or impact tolerances?

This was an interesting discussion point among the assembled delegates as once critical operations have been identified and mapped to third parties, different strategies must be considered. Ultimately, this comes down to a firm’s risk tolerance and risk appetite. Certain critical operations may be being run by a third party; without them, the reputational impact to the firm could be severe.

The different options to mitigate against this proved a key area of debate among the audience. Do firms need to bite the bullet and accept they need a contract with an alternative third party to protect them if the worst happens? Or do they need a strategy where they use two vendors rather than one for the same service, to make sure they have the ability to divert services if necessary?

When defining their critical operations, it became clear from the audiences’ responses that a key difficulty for some firms is in deciding on which areas to focus first. One approach is to figure out which area has the most direct client impact, as this obviously carries an associated reputational risk.

The next question asked, are your key data sources aligned?

Are your key data sources aligned (e.g., service RTOs, BCP plans, impact tolerances)?

Obviously, maintaining two sets of processes comes at a great cost. Do firms spend the money now and plan for that potential event, knowing that if it does happen, they have something else ready to go? That can be a hard sell because you’re spending dollars today preparing for something that may never happen.

That perspective led nicely into the next question: how are you minimizing impacts to critical operations from a TPRM perspective?

How are you minimizing impacts to critical operations from a TPRM perspective?

For example, a firm may carry out a risk assessment when onboarding a third party and upon completing the business continuity plan, define that third party as a medium risk service, as it is critical to ongoing operations. However, it is important to ensure these different data sources are aligned as one person or department’s definition of high risk or critical will not necessarily be the same as another’s. Having a common foundation is key and will help to ensure that those terms mean the same thing to all.

To add to that, audience members highlighted the importance of breaking down silos. Having conversations with stakeholders across different departments can help to remove that individual lens and the silo mentality that many of us have and force us to think differently.

The next question asked, are your third-party services mapped to your critical operations?

Within the area of cloud providers, for example, increasingly, firms are seeing not hundreds of providers, but the same three or four. This posed the question: what should a firm do if something catastrophic happens to their cloud provider? How will the provider deal with their backlog? What if they were to give priority to another firm? If so, while you are waiting for the provider to address your issue, your risk, your reputational damage, your damage from a financial perspective, are getting higher and higher. How can firms prepare for and mitigate against that?

As the session drew to a close, the clear takeaway was that it’s not enough to just look at third parties. Firms must now look further ahead at their fourth parties and beyond to assess any potential impact.

Operational risk, including third-party risk, business continuity, and resilience, is a key theme at CeFPro’s flagship event, Risk Americas (May 23-24, 2023, New York City). For the full agenda and to book your place, see page 20 or go to www.risk-americas.com.

And for more engaging industry insight, sign up today for CeFPro Connect at www.cefpro.com/connect

THE IMPORTANCE OF EXPLAINABILITY IN AI & MACHINE LEARNING

*The views and opinions expressed in this publication are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.

Can you define explainability and its importance when managing AI and machine learning?

Explainability is the reason why a particular outcome has been taken by an algorithm in an AI or ML system –what was the driving force that led to a decision being made and setting that as the context around which all the method’s supporting evidence will be framed.

Context is an important area to consider when talking about AI and machine learning. It’s not enough to look at just the methodology that’s going to be utilized or the data; considering both of these components together, in context, will ultimately drive the level of explainability needed to understand which target audience will be receiving those explainable predictions, and why.

Looking into it a little deeper, there are three attributes to consider. First, we need explainability to understand why decisions are being made for the model (in the context of the algorithm) as a whole. The second part is around individual and local predictions – maybe a certain decision was different for you than for me. Understanding the primary drivers behind why an offer was made to a certain level, to a certain individual, is important because some of these relationships may have multiple non-linear interactions. And third is the case of counterfactuals – what

level would be required for a different outcome to have been made? What are the thresholds? Those are the three main attributes of explainability in this context.

One more item to address is that explainability is not only important in the context of understanding why a decision was made, but also within the concept of model fairness. It’s important to look at these two items as entities deserving of their own treatment and interactions, and not necessarily co-mingled together.

We often hear the terms explainability and interpretability used interchangeably. What are the differences between the two?

Something we’ve come up with as part of a financial industry working group that I’m part of is that interpretability is a property of a model. I tend to think of like a decision tree. If you look at a decision tree and make a prediction, you can essentially see the threshold. A simple example is whether or not somebody likes a certain food; it would be easy to understand why a decision was made and you could follow the decision path in a relatively intuitive, straightforward manner.

When we look at models that are more complex – for example, a deep neural network with multiple levels of hidden layers – investigating the process to understand the primary reason why certain things happened becomes more

difficult. You could say that the model becomes less interpretable.

In this instance, you may require explainability techniques that humans will understand. This is where we get into explainable AI/ML. With this, there are multiple different paths you could take as far as who the explainable predictions are for, how they are broken down, or how insights are made. One example could be reason codes: e.g., for this particular case, this decision was made because of reason 1, reason 2, reason 3, etc. This is where methods come into play.

There are several different methods to consider – one is known as Shapley values; another methodology in the case of local explanations is called Lime. It’s really about trying to understand the drivers behind decisions being taken at an individual incident level. Why was this offer not made to this potential person, versus why does the model do X?

Who is explainability for? Who are the consumers of the predictions?

There are multiple different stakeholders for whom explainability could be provided, and it’s important to know which group you’re targeting to be able to effectively communicate the decision making process.

One example could be that of data science or machine learning teams,

building models and utilizing advanced methodologies that are generally less interpretable. Team members may communicate with one another in a certain way as they understand at a mathematical level why particular decisions are being made and can appreciate the challenges around getting to that level of interpretability.

Other stakeholders will have a less technical nature but just as valid a reason – and in some cases more so – to understand why certain decisions are being made; for example, a regulator. Explainability can therefore be helpful in the context of providing detail in understandable terms. Being able to explain how and why certain decisions are being made and the context that they sit is extremely important for all model stakeholders. Ultimately, providing explainable predictions and utilizing explainable methods help to build trust in in the model making decision.

But these are by no means the only audience. Model owners, regulators, other business line individuals, individuals within different teams, compliance groups, legal departments, third parties… All of these groups must be able to understand why decisions were taken, despite not necessarily having the domain knowledge or not understanding the statistical

methodology that underpins why certain algorithmic decisions are being made.

Furthermore, it’s important for model owner teams, model developers, or model validators to have that additional granularity of the probability level to enable them to consider whether the algorithm requires some fine-tuning to achieve a more positive outcome. In the case of a regulator, explainability could be needed to understand how a model is performing at a broad level; even having surrogate models to attempt to estimate the global behavior of the algorithm to give a better picture in a more interpretable way.

What are some of the key opportunities and challenges that you see within explainable AI/ML?

I think there are opportunities for explainable AI/ML wherever a model is utilized to make some type of decisioning process, and also in the context of increasing model fairness and building trust. How explainable AI/ML can support these initiatives – whether that’s for lending ECOA or UDAAP – will only continue to grow.

A key challenge relates to knowing your audience and goes back to the stakeholder point I made earlier. So, not just providing information around

explainability but also providing insights in a way that is actionable, that doesn’t translate into information overload, and that provides real value to the model stakeholder. I think this is a constant challenge that no algorithm, no implementation or utilization of explainability itself can inherently solve. There will always be a very human effort required to continually refine what explainability means and how it can be delivered to a stakeholder in a way that is meaningful to them.

The second challenge is more of a computational one. As far as the scope of application use cases is considered, some of these methods can become extremely computationally intensive. Ensuring that the explainable predictions are delivered in a way that is not computationally intractable is essential.

For example, a model may be delivering real-time information to a front-line representative, but the explainable prediction takes five minutes to compute after that decision has been rendered because of upstream dependencies or computation times. This could potentially significantly impact the user experience because the explainable prediction isn’t being delivered at the speed of the model results. Making sure that these align in a way that is not computationally intensive is a key challenge that we need to overcome.

Model algorithms, AI & machine learning, and ethics & bias will all be discussed at our forthcoming Advanced Model Risk USA Congress, taking place in New York City, March 22-23, 2023. To book your place, go to www.cefpro.com/model-risk

COP27: PLAYING CLIMATE CATCH-UP COP27: PLAYING CLIMATE CATCH-UP

The statistics behind the headlines from the 2022 UN

Climate

Change Conference

After the momentum made in Glasgow during 2021’s successful COP26, for some, this year’s conference, held in Egypt’s Sharm el-Sheikh, has felt like a return to reality. Only 30 of the 193 countries that attended last year’s event have updated their emissions target, prompting the UN chief to warn that the world is ‘on a highway to climate hell’ unless drastic action is taken. During COP27, one topic that garnered much attention was that of vulnerable countries – the so-called V20 – bearing the economic brunt of climate damage caused by rich nations. In recognition of this, COP27 saw the joint launch by the V20 and G7 of the Global Shield against Climate Risks, an initiative for pre-arranged financial support designed to be quickly deployed in times of climate disasters. Here are some of the other key findings from the conference, showing just how far we still have to go in the fight against climate change…

Source:

Total

Number of countries attending COP27

Source: The Guardian

80 1.5°C

Percentage of the world’s emissions caused by G20 countries

Source: OECD

Source: FT

Source: Emissions Gap report 45%

Emissions reduction needed by 2030 to meet the 1.5°C target

Redirecting investments going into new fossil fuel projects this decade could fully finance the wind and solar energy scale-up required to meet the 1.5°C goal

Source: IISD

Amount expected to be spent on new oil and gas development and exploration annually between 2020-30

Source: IISD

Amount global CO2 emissions from burning fossil fuels are set to rise

TOP 4 RISK FACTORS FOR 2023

Risk factor #2: Operational risk: Supply chain

Against the backdrop of an unstable geopolitical landscape, it is clear that global business is being heavily affected, with supply chains increasingly impacted.

With supply chains shocked first by the global pandemic and then by the conflict in Ukraine, firms now need to get ahead and review their current business processes or run the risk of losing customers due to inevitable supply chain delays. The incoming recession poses an additional challenge – a firm’s current vendor ecosystem may need to be evaluated and adapted, perhaps with certain activities no longer needing to be outsourced.

Financial institutions are also having to carry out more in-depth risk assessments on their current vendors, as well as ensuring that correct due diligence is being performed. While increasing delays may tempt firms to look for new vendors, the onboarding process is often lengthy and cumbersome, meaning that relying on existing vendors may be the preferred option for many.

Risk factor #3: Market risk: Rising interest rates

As part of our preparations for Risk Americas 2023 (May 23-24, NYC), CeFPro’s research team has undertaken a campaign to uncover the key risk factors affecting banks and financial institutions as we head into 2023.

Our research focused on four main areas of financial and non-financial risk: technology; operational; market; and ESG. Here, we reveal the leading threats for each of these silos as highlighted by the numerous industry thought leaders we interviewed in advance of our flagship US event…

Risk

factor

#1: Technology risk: AI and machine learning

Over the past few years, there has been a rapid acceleration towards developing and implementing AI and machine learning (AI/ML). From our research, it is clear that this is still an area of real uncertainty.

Firms are having to navigate how to optimize the benefits of AI/ML while reducing risk to an acceptable level, and, of course, being cost effective. As well as the competitive disadvantage to be considered if it is not adopted, the rapidly changing geopolitical landscape means that firms that are not leveraging AI/ML are being left increasingly exposed.

It is clear that some firms are struggling to ensure that their internal teams fully understand the concept. For example, although a bank may be running scenario analyses through AI/ML programs, managing this process and interpreting the outputs are still proving to be a challenge. This poses the question of how helpful this tool really is.

Finally, while AI/ML is beginning to be used in tasks such as mitigating new fraud techniques, this is an evolving area, and many firms are still trying to understand how to reduce false positives to make this tool as accurate as possible.

Since the pandemic, financial institutions have been navigating a new normal. However, there is more change to come as we head towards a global recession, with rising interest rates creating market volatility which is impacting the overall macroeconomic environment. Such a situation has not been seen for many years, prompting firms to question how best to limit their exposure to risk.

A lack of regulatory direction is only causing further uncertainty which, combined with increased pressure from an unstable geopolitical landscape, could lead to potential credit issues as firms try to mitigate micro challenges alongside balancing macro ones.

Some are trying to navigate this landscape using a new suite of tools and resources, in a bid to mitigate upcoming ramifications as well as help predict how the economic environment will respond to inflation and when interest rates will begin to decrease.

With an increase in the use of models internally, it is important that these are now adapted to the current volatile market to predict upcoming losses – not an easy task amid such a fast-changing economic environment. A lack of data is creating further difficulties as firms struggle with the best way to adapt their models.

The issue of ESG shows no sign of receding, with increased regulatory pressure from multiple governing bodies. However, organizations are mainly focusing on the ‘E’ and navigating how best to integrate climate risk into their existing frameworks and operational resiliency plans, to avoid regulatory scrutiny and decrease the likelihood of reputational risk.

While actions are being taken in the climate risk space, such as companies starting to make commitments towards lowering their carbon emissions, many financial institutions are unsure what to do next. Firms will need to be able to perform climate stress tests, begging the question of how new sets of data, metrics, and tools will be developed.

There is also a trend towards quantifying risk appetite and setting acceptable limits and thresholds, as it is important for firms to drive their ESG efforts beyond regulatory reporting. This is prompting some institutions to look internally at their current resources to ensure the correct governance and skill sets are in place to allow for this. What is clear is that risk management teams and climate specialists need to integrate to avoid making siloed decisions that are not joined up.

Finally, while many organizations are striving to be seen as ‘green’, undergoing an environmental transformation whilst remaining compliant brings a budgetary pressure – many firms are still awaiting guidance from governments and regulators to understand the kind of investment they should be making. This only serves to highlight the lack of experts in this field required to help firms navigate the best way to ensure that ESG is being embedded across their business activities. Hear from industry experts on all these topics and more at America’s premier financial risk and innovation convention – Risk Americas 2023 (May 23-24, 2023, New York City). For full details and to book your place, see page 20 or go to www.risk-americas.com

ACCELERATE THE TRANSITION TO NET ZERO BY LEVERAGING THE POWER OF THE RISK OFFICER

There are many ways banks can accelerate this. The first is to provide funds, either through lending or investing, to projects or companies aimed at helping with the transition to net zero. They may be projects that work to develop, refine, or commercialize low-carbon technologies; technologies that remove carbon from the atmosphere; or climate mitigation activities. Financed activities may be entirely green or to companies that are looking to pivot their business model, products, or services.

The second way is by engaging with clients to raise their awareness of climate change, providing them with the insights and frameworks to become more sustainable, and making them aware of any specific financial instruments that may enable their transition, such as green bonds.

Earlier this year, our GIB group issued a sustainability-linked loan, illustrating its commitment to alignment with Sustainable Development Goals. This was the first such loan for a Saudiowned bank. The issue was significantly oversubscribed, giving a clear incentive to continue issuing in sustainability rather than traditional form. The bank is now working on meeting the commitments that were made under the sustainability terms.

What are the barriers to banks of playing this role?

Before they can help transform their clients’ business models, banks must first integrate sustainability into their own strategies and processes. That means having people with the right skills and the right tools. So, as well as a willingness to change, banks must also possess the capacity and capabilities to integrate sustainability into their lending and investment processes.

In the UK, most if not all banks have now established or are accelerating their transformation. However, when I first started communicating with banks around climate risk, the common belief was that they lacked the skills, experience, data, and tools necessary to commence or accelerate the transition to net zero.

Similarly, on the investment side, analytics around sustainability risk and climate risk were very limited. In fact, there is still a limited offering in terms of climate value in risk tools, especially on the fixed income side; it is much easier to find a tool to calculate climate value at risk on equities rather than fixed income securities.

Another important barrier is culture. To embark on this transformation, there needs to be a true and deep understanding of what climate and other sustainability risks mean for both our future and our present. It is extremely hard to change people’s behavior when they feel the risk is distant; we tend not to want to make decisions for a long-term outcome. While there remains scepticism that climate change is a top material issue for banks, having a curious and open culture within the organization is vital to enable the net-zero transformation.

How can the risk officer help to facilitate this transition?

The job of the risk officer is to be forward looking. The risk management processes can raise awareness of future risk to the entire organization and help colleagues to understand that climate risk is a current and shared risk, not something that can safely be ignored.

The risk officer’s job is also to assess and quantify the impact of risks and therefore, the impact of climate change. They provide metrics, monitoring, and reporting, but they also understand the importance of culture, and how to affect and mold it to make sure that sustainability is everyone’s responsibility. This can help boards, management, credit officers, and investment managers understand the true measure of climate and sustainability risk on their banks, portfolios, transactions, clients, and activities; sequentially prompting a change in behavior.

As well as being an early catalyst for change, the risk officer also represents a continuous feedback loop to the business due to the importance of embedding sustainability risk, both at a strategic and transactional level. Since the financial crisis, risk management has evolved to become more holistic, encompassing culture and incentives. Risk officers can help to ensure that the right incentives are set to manage sustainability risk and the consideration of climate issues in the bank’s credit or investment framework.

Besides the risk officer, every department, function, and individual in banking and financial services can help with the transition to net zero through informing themselves of the risks and then translating that information into suggestions or initiatives that they can take forward in their day-to-day role, or through their departmental responsibilities. Everybody can and must play a part in this transition.

For example, the IT department can raise awareness about the digital impact of our lives, such as the fact that every email sent through the cloud has a real energy consumption attached to it. That portion of energy consumption can be greatly reduced by not retaining data unnecessarily, and by not copying in people to emails unless we really need to. Minimizing the transportation of digital messages and reducing storage in physical data centers are areas in which the IT function can educate the rest of the company. This is a small but concrete example of how everyone, even if not directly employed in a sustainability-focused role, has a part to play.

Furthermore, there are numerous courses and educational initiatives that people can access to help advance their knowledge and learning; for example, the Climate Safe Landing Fellowship, which offers a six-month leadership development program for banking professionals seeking to enhance the climate agenda within their institutions.

To conclude, while risk officers often look at the negative aspects of the future, we must not be paralyzed by pessimism. It is important that we retain enough optimism that action is still possible and that all individuals working within banking and financial services understand and recognize that they are uniquely placed to help accelerate the transition to net zero.

“Besides the risk officer, every department, function, and individual in banking and financial services can help with the transition to net zero through informing themselves of the risks and then translating that information into suggestions or initiatives that they can take forward in their day-to-day role, or through their departmental responsibilities. Everybody can and must play a part in this transition.”

CeFPro’s Non-Financial Risk Leaders 2022 report provides up-to-date analysis and insight into the key NFR themes affecting financial services firms today. This year’s highest climbing non-financial risk is ESG. To understand what this means for your business, download your free copy of NFR Leaders today at www.nfr-leaders.com

OPERATIONAL RISK MANAGEMENT USA

BRINGING TOGETHER THE RISK COMMUNITY

Taking place across two days in October, CeFPro’s seventh edition of Operational Risk Management USA marked the event’s first return since the start of the pandemic. As such, networking proved highly important to the diverse audience of familiar and new faces representing a host of operational risk fields, with attendees enjoying over seven hours of face-to-face networking opportunities on day one alone. Here, we summarize the key takeaways from both days of this popular conference...

What is the focus for your operational resilience program?

Minimize supply disruptions

DAY 1 HIGHLIGHTS: OPERATIONAL & SUPPLY CHAIN RESILIENCE

The event opened with a panel discussion on the increasing focus on resilience and the need to develop agile programs, chaired by Phyton Consulting and accompanied by industry experts from ICBC, Sia Partners, and HSBC. When questioning the audience as to their progress regarding operational resilience, 60% of attendees stated they had a partial resilience program, leveraging existing operational risk and business continuity programs. Only 13% described their program as mature, with 11% admitting to having no resilience program as yet.

When reviewing the focus of those operational resilience programs (see graph below), 42% of delegates stated that their main goal was to identify a single point of failure, with a fairly even split across the remaining options, namely to minimize supply disruptions, prepare for black swan events, or build in duplication of key processes.

Discussion then moved towards third-party risk management and enhancing control environments across supply chains to manage exposure. This is a vitally important subject matter given continued supply chain disruptions and increasing security risks across vendors and third parties.

Next up was the Federal Reserve Bank of New York who shared the stage with Phyton Consulting to debate data management and the evolution of data uses in operational risk, including that of tailoring customer experience. Discussing data as a fundamental and the minimum requirements to develop good governance processes, security programs, and operationalizing data for insight and analytics, the session proved the perfect segue into a more technology driven afternoon, with many speakers subsequently referencing the importance of having in place strong data management to support and feed technology programs.

DAY 2 HIGHLIGHTS:

MITIGATING THE IMPACT OF DISRUPTION

Moving into the second day, the first panel debated the use of scenario analysis and quantification methods to identify impact of disruption. Credit Suisse, CNM LLP, and Valley National Bank sparked a lively debate on the benefits and practicalities of quantification methods. This was supported by Archer who discussed building quantification into long-term risk management strategies and methods to add value throughout the business.

NEW GENERATION OPERATIONAL RISK EUROPE

8TH ANNUAL | MARCH 14-15, 2023 | LONDON REGISTER NOW>>

CeFPro’s New Generation Operational Risk Europe event returns to London on March 14-15, 2023, with an updated and detailed agenda reviewing the latest advances and trends in operational risk. Now in its eighth year, the 2023 edition aims to drive a new generation of operational risk amid an evolving and technologically advanced environment.

KEY TOPICS

RESILIENCE

Implementation progress and broadening to include critical third parties

CONSUMER DUTY

Understanding requirements and implications of consumer duty obligations

SUPPLY CHAIN

Continuing discussions on global supply chain challenges and impacts to financial services

CULTURE

Managing organizational culture in a changing environment with flexible office working

RISK

Monitoring geopolitical events and ripple effect across risk disciplines

Reviewing growing cyber risk and exposure with increased supply chain reliance and political volatility

20+ PRESENTERS INCLUDING

Leveraging technology including AI and machine learning to enhance risk programs

Incorporating climate risk considerations within an operational risk framework

Operational Risk USA will return to New York City in October 2023, while its sister event, New Generation Operational Risk Europe, will take place in London on March 14-15. See opposite page for details, or go to www.cefpro.com/oprisk

A double session focusing on RCSAs and increasing their effectiveness as a risk management tool then followed. Fannie Mae of the Inter-American Development Bank, and Silvergate Bank discussed making RCSAs more impactful and deriving value beyond a regulatory tick box exercise, extolling the benefits of taking a riskbased approach and incorporating process into reviews.

The day concluded with a range of engaging and interactive sessions led by industry experts from Wells Fargo, Société Générale, and Arvest Bank.

STAY IN THE KNOW WITH

What key takeaways were you hoping to see from COP27?

The 2022 United Nations Climate Change Conference, more commonly referred to as COP27, was held from 6-18 November 2022 in Sharm el-Sheikh, Egypt. Following the key promises made at Glasgow’s COP26, financial services organizations were among the many stakeholders keen to see what action would be taken at this year’s conference. In the weeks leading up to COP27, we asked a selection of industry leaders what key takeaways they were hoping for…

Eivind Lorgen

Chair Emeritus

– Investor Advisory Group

SASB Standards

Created by the industry, for the industry

Updated weekly, CeFPro Connect is a brand-new online platform featuring a comprehensive library of 100s of industry-specific resources, including:

• Articles, plus the full iNFRont back catalogue

• 1-1 exclusive interviews

• Industry reports, including Fintech Leaders and NFR Leaders

• Executive research summaries

• Free webinars

• Video Q&As

• Speaker presentations from CeFPro events

• And much more!

Enhance your learning beyond the main auditorium with insight and thought leadership from leading financial services professionals.

Join CeFPro connect today with FREE registration at www.cefpro.com/connect

“Since the IFRS Foundation announced at COP26 the creation of the ISSB – a robust global standard and framework for sustainability accounting – significant progress has been made towards delivering the global baseline of sustainability-related disclosures for corporates. This is in part because cost of capital and access to financing is increasingly challenging for corporate issuers that do not disclose financial material ESG information to investors. I foresee a future where financial and sustainability accounting is increasingly connected.”

Si-Yeon Kim

American Express Global Business Travel

“At last year’s COP26, many corporations and financial institutions set lofty goals and commitments. But as the year went by, we struggled to figure out how to achieve them. Fighting climate change is a movement, and you need all stakeholders and members of the value chain to be involved. My hope for this year’s COP27 is that we take the learnings from the past year – which gave us all due appreciation of how complex the issues we are grappling with are, ranging from regulatory, economic, geopolitical, to national security –and come to the table to start hammering out a plan for implementation.”

CeFPro’s ESG Europe Summit (April 18-19, 2023, London) will consider the key outcomes from COP27 among a range of other related topics. To hear from industry leaders and debate key themes around this increasingly important area of non-financial risk, go to www.cefpro.com/esg-europe

Ekaterina Grigoryeva

Environment & Social Development Specialist, Global Lead, Financial Sector

The World Bank

“Growing pressures on resources pose a major challenge to governments, international organizations, and the private sector in the strive to achieve sustainable development across the globe. I hope COP27 will bring more collaborative solutions where all these entities can play equally important roles, also paying greater attention to aspects such as biodiversity loss, water, just energy transition, food and food systems, and livelihood security. It would not be possible to achieve climate targets without this holistic approach and I truly hope to see this paradigm reflected in the outcomes from Sharm el-Sheikh.”

Karl Pettersen

CSO

Société Générale

“COP27 is an opportunity to articulate a richer vision of our response to climate change. We see the need in calls for loss and damages, and to rethink climate finance and adaptation. Doubling down on pledges is not the answer – the problem is not a lack of pledges, but the need for commitments at the intersection of technology, economics, policy, and markets. Energy trends tell us we also need to start with descriptive statements on each of these topics, in addition to normative ones. My hope is that we can genuinely embark on this richer and more complex conversation.”

Gary R. Levante

Berkshire Bank

“I hope to see a strong spirit of collaboration and shared responsibility between the public and private sectors to accelerate the transition to a net-zero economy. It will require the development of new incentives and policies that support mitigation, adaptation, and equity in the transition. All must be engaged, deliberate, and act together. I also hope to see conversation elevate further on the need for international harmonization of climate and ESG reporting standards to bring consistent, comparable, and decision-useful information to the broader community.”

“I expect less excitement than that which surrounded the breathless COP26. Countries and financial actors committed to a range of targets, alliances, and pledges but one year later the full picture reveals the challenges of cutting carbon quickly. Although progress has been robust in many places and we have seen landmark government interventions such as the Inflation Reduction Act, the pace of change has been hampered by war, inflation, rising borrowing costs, and the logistically daunting nature of energy transition. The promises of 2021 were long term, and it would be surprising to see a new high-water mark.”

US EVENTS EVENTS CALENDAR 2023

March 22-23

March 22-23

ADVANCED MODEL RISK USA

New York City

www.cefpro.com/model-risk

FRAUD & FINANCIAL CRIME USA

New York City

www.cefpro.com/fraud-usa

TREASURY & ALM USA

March 28-29

May 23-24

New York City

www.cefpro.com/treasury-usa

RISK AMERICAS 2023

New York City

www.risk-americas.com

June 7-8

VENDOR & THIRD PARTY RISK USA

New York City

www.cefpro.com/vendor-usa

EUROPEAN EVENTS

NEW GENERATION OPERATIONAL

RISK EUROPE

March 15-16

April 18-19

June 13-14

London

www.cefpro.com/oprisk

ESG EUROPE

London

www.cefpro.com/esg-europe

VENDOR & THIRD PARTY RISK EUROPE

London

www.cefpro.com/vendor-risk

RISK EMEA 2023

June 15-16

London www.risk-emea.com

After the success of the 2022 inaugural event, Advanced Model Risk returns to New York City in 2023, covering topics such as ESG, model algorithms, AI and machine learning, and much more.

Now in its fifth year, this event will explore new complexities in fraud and financial crime and best practices to stay ahead, against the backdrop of a complex geopolitical landscape.

Covering implications on treasury and ALM teams amid macroeconomic uncertainty and change, this event will explore key areas such as liquidity, SOFR, interest rates, and regulations.

America’s premier financial risk and innovation convention is back for 2023, with keynote sessions on geopolitical trends, compliance, strategic risk management, and the global economy. Hear from more than 80 CROs and industry professionals across four separate workstreams. See page 20 for full details.

Returning for its eighth edition, join us in New York City for the latest updates as vendor and third-party risk continues to advance. Key topics expected to include supply chain risk, cyber disruptions, data privacy, Nth party monitoring, and more.

Now in its eighth year, the 2023 edition of this event will examine ways to enhance business processes and leverage technology to further advance the management of operational risk. See p19 for full details.

This increasingly significant area of non-financial risk will be explored in detail at ESG Europe, covering key themes such as regulation, data, the route to net zero, and climate risk.

Vendor & Third Party Risk Europe returns in its eighth year in 2023. This two-day event looks to advance discussions on key industry challenges including supply chains, geopolitical tensions, concentration risk, cybersecurity, and continuous monitoring.

The 12th edition of this flagship event will take place in London this summer. Hear from more than 60 CROs and industry professionals across three separate workstreams on areas including advanced model risk trends, non-financial risks, economic conditions, market risks, and future risk trends.