Thought Leadership >

Digitalize Risk and Compliance in the Finance industry

Hot on the heels of ICT and Media, Finance is catching up as one of the most digitized industries in the world. While the term Finance can refer to any domain of Banking, Financial Services, Insurance (BFSI) and more, this article will focus on the Banking landscape to illustrate salient points.

A digitization index provided by McKinsey Global Institute (MGI) looks into the key areas that banks are using technology well. Unsurprisingly, the extent of development is “relatively high” in terms of transactions. We see this in the rise of mobile payment solutions (eg. DBS Paylah!) and virtual bank account openings made available for corporate clients.

Nonetheless, the lagging aspect of digital use in the Finance sector points to Risk and Compliance processes. Before delving into the reasons, let us define Risk and Compliance in the context of Banking Finance.

According to eFinancialCareers, risk professionals at the bank ensure that the firm does not exceed its risk appetite in its pursuit of profits. They work to identify potential risks before any decision is made, analyse these risks, and then accept or take action to mitigate them. To understand its importance, the collapse of Lehman Brothers leading up to the Global Financial Crisis in 2008 was primarily caused by poor credit risk management, culminating in hefty loans that could not be repaid.

Correspondingly, the compliance department ensures that a bank adheres to external and internal controls. This goes hand-in-hand with the risk function. Notably, the 2008 Financial Crisis led to increased regulatory scrutiny, pushing compliance departments to move from an advisory role to active risk management.

The following is a breakdown of risk-related and compliance-related job scopes, latest updates in the industry and our view to enhancing work in a digital world.

1) Credit risk is the most significant risk for banks. It refers to the risk of a company or individual defaulting on their contractual obligation to repay a loan or other debt, resulting in a loss of principal or loss of financial reward. 

The bank’s credit risk department is responsible for the following procedures. Firstly, to analyse the credit status of a prospective borrower, based on measures eg. firm’s credit history, capacity to repay and associated collateral. Next, the bank decides to accept the level of credit risk or find ways to reduce it. Lastly, processing and approval of the credit transaction takes place. As we speak, the latest McKinsey report on Digital Risk: Transforming Risk Management for the 2020s has been released. A critical point – “Credit delivery is hampered by manual processes for data collection, underwriting, and documentation, as well as data issues affecting risk performance and slow cycle times affecting the customer experience.” The Exhibit below shows the extent to which Industry 4.0 Technologies can be leveraged for credit risks management. 

The Exhibit above further articulates that Machine Learning and Automation have reported the highest usage levels and hence banks are most likely to use the technologies (in addition to Blockchain and IoT) in credit risks management. However, as of 2020, it is clear that firms have a long way to go in digitizing the risk function. In addition to improving default predictions, studies have shown credit risk improvements in these areas creating a revenue lift of 5-10 percent and lowering costs by 15-20 percent.

2) Operational risk involves assessing the risk of a bank incurring losses due to internal factors, such a systems breakdown or employee fraud. Background Screening can help to mitigate this risk to a considerable extent. 

3) Anti-money laundering (AML) and financial crime compliance professionals are tasked with identifying the financial proceeds of illegal activities which have been disguised as being from legitimate sources. AML jobs range from know-your-customer (KYC) roles – verifying the identity of clients, to more strategic positions – managing relationships with local regulators eg. Securities and Exchange Commission in US or Monetary Authority of Singapore in Singapore.

For many global banks, operational risk and compliance activities rely on manual processes. The case for AML is especially dire. With large volumes of data coming in, costs have skyrocketed and efforts have become ineffective. Much potential for improving the effectiveness and efficiency of AML testing lies in digitization. Advanced analytics tools such as Machine Learning are used to test and refine the case-segmentation variables and automate decision-making. Additionally, work-flow tools help in automated filing of suspicious-activity reports. Studies have shown that the greatest digitization for both global and regional banks are in the areas of operational and compliance risks. 

Credit risk, operational risk, anti-money laundering and financial crime compliance are just some aspects of Risk and Compliance. The overarching consensus is – a digitized risk function offers better monitoring and control, as well as more effective regulatory compliance. Then why is progress slower than expected?

  1. Firstly, banks have traditionally focused on frontline digital transformations as these directly increase revenue. For instance, the development of mobile wallets and the use of technology to enhance a customer’s banking experience. In comparison, the revenue lift from a digital risk program is much less obvious, since risk plays a supporting role within the bank. Nevertheless, banks need to take a strategic and balanced approach in the long run. This means focusing on profitability as a whole – by increasing revenue and lowering cost, instead of considering the revenue aspect in silo.

  2. Secondly, Chief Risk Officers (CROs) have been wary of the test-and-learn approach used in digital transformation, as the cost of errors in the risk environment can be unacceptably high. Perhaps the best way to overcome this would be using iterative test-and-learn processes that take place within environments featuring relatively higher control standards. Stakeholder feedback and regulator reviews are obtained prior to the actual implementation of any digitized process. 

  3. Lack of know-how on these technologies as they seem intimidating and technical. Avvanz has been working with several BFSI companies in the region, helping them to understand these technologies in a layman way, and driving them to adopt these technologies to achieve their digital vision. More information here 

It is well-understood that Risk and Compliance in the Finance industry cannot escape the reach of digital transformation. With the evolving nature of banking competition and the onslaught of the fourth industry revolution that demands more innovative business models, firms must continue to push the boundaries of the future of risk management.

This article is researched and written by Gwyneth Chun, a penultimate year Accountancy undergraduate at Nanyang Business School. She is now an intern with DBS Legal and Compliance. 

Research Sources:

Butcher, S. (2015, September 3). The jobs you’ll do in risk and compliance. Retrieved June 3, 2020, from

Ganguly, S., Harreis, H., & Rowshankish, K. (2017, February 10). Digital risk: Transforming risk management for the 2020s. Retrieved June 3, 2020, from

Mortlock, S. (2015, September 12). Risk and compliance investment banking careers explained. Retrieved June 3, 2020, from

Yiu, C. (2017, November 11). Technology for the Many: A Public Policy Platform for a Better, Fairer Future. Retrieved June 3, 2020, from

Share this story:

Send Us A Message
To Learn More