The 2024 ORX Horizon research has recently unveiled the most pressing emerging risks facing global financial institutions, with technology, cybercrime, and business disruption taking the forefront. This year’s study has also brought to light new concerns surrounding artificial intelligence (AI) and cloud computing for the first time.
For the third consecutive year, cybercrime has been identified as the primary evolving risk, closely followed by technology and digital strategy. The survey, carried out by ORX, a global operational risk association, involved 48 financial services businesses.
In a separate section of the study, participants were asked to specify and prioritize the top five technologies posing the highest risk to their companies in the next 12-36 months, as well as over the next five years. The findings revealed a sense of urgency around AI and cloud computing.
The heightened focus on artificial intelligence, particularly with the emergence of natural language processing chatbots powered by generative AI technologies, has significantly raised AI’s profile in the last year. Businesses are wrestling with concerns about potential criminal exploitation of this technology and its potential impact on current operations.
Furthermore, there is apprehension about the concentration risk associated with the financial sector’s reliance on major technology vendors, even as the sector becomes more resilient in its use of cloud computing.
Steve Bishop, ORX’s research and information Director, underscored the mounting concern surrounding technology and digital strategy as an emerging risk factor. He emphasized the need for substantial investment in risk management capability to address the risks associated with the rapid development of generative AI, including concerns related to data protection and regulatory compliance.
The study also outlined several key risk challenges in AI adoption, such as monitoring and control, ‘loss of control’ over outputs from AI and machine learning tools, unexpected or inaccurate algorithmic results causing potential reputational damage, skills shortages, reliance on manual controls, ethics, data privacy, regulation, and cybersecurity threats.
The report also delved into the major risk issues with cloud computing, including limited supplier resources, data security, management, and control, and effective supplier management.
Bishop concluded by emphasizing the need for close monitoring of the development and application of AI and the evolving use of cloud computing. He stressed the importance of continuously adapting and evolving risk frameworks to keep up with the pace of change.