Financial institutions, including banks and investment managers, are becoming more confident at risk management but recognise there are gaps in areas such as cyber security.
However, there is a wide disparity of risk maturity across investment management firms, Deloitte found.
The business consultancy surveyed 86 financial institutions globally, with aggregate assets of more than $18 trillion (€13 trillion).
Fadi Sidani, partner at Deloitte Middle East, says: “Financial institutions are becoming increasingly confident in their risk management abilities, but they also recognise where there are gaps.
“Where concerns linger particularly is around operational risk, with a number of recent headlines – like management breakdowns and large-scale cyber-attacks – underscoring the important impacts this area can have on an institution’s reputation.”
The Depository Trust and Clearing Corporation recently reported that cyber attacks on financial institutions from activists, nation states or paid hackers are the top systemic threat facing financial markets.
Beyond the issue of cyber security, the Deloitte survey found that data management and regulation were considered two of the most “extremely challenging” risks by investment management firms. Resourcing risk was also seen as high.
However, the Deloitte report - called Setting a High Bar – found that less than half of the investment management respondents considered any issue to be “extremely” or “very challenging” for their investment risk management function.
Overall, about two-thirds of financial institutions (65%) reported an increase in spending on risk management and compliance, up from 55% in 2010.
The survey was conducted from September to December 2012.
©2013 funds europe