Cybersecurity Tops the List of Risks for Global Banking CROs, According to Latest EY & IIF Survey

Key Takeaways

• Cybersecurity Remains Top Risk: 75% of global banking CROs identify cybersecurity as their primary concern for the next year, driven by escalating geopolitical tensions.
• Geopolitical Risks Surge: Geopolitical risk has risen from 12th to 3rd place in the rankings, with 38% of survey respondents naming it a top priority for the coming year.
• Wholesale Credit Risk Now a Greater Concern Than Liquidity: CROs are shifting their focus to credit risk as the primary financial risk, surpassing liquidity.
• AI Faces Budget Constraints: AI adoption in risk management is limited by budget and scale constraints, with 49% of CROs prioritizing AI initiatives over the next three years.

Deep Dive

In a world that’s changing faster than a New York minute, banking chief risk officers (CROs) are feeling the pressure. According to the latest survey by EY and the Institute of International Finance (IIF), cybersecurity remains the number one concern for CROs globally. In fact, a staggering 75% of them flagged it as their top priority for the next year. But that’s not the whole story—geopolitical risks are also rising fast on the horizon, with geopolitical tensions leaping from 12th to 3rd in the list of risks to worry about.

If there’s one thing that’s not changing anytime soon, it’s the top priority for CROs - cybersecurity. Cybersecurity is not just important—it’s essential. The data from this year’s joint EY and IIF survey is crystal clear. With 75% of CROs identifying it as the top risk for the coming year, it’s clear that cybersecurity remains the number one issue they’ll be tackling. And it’s not just a one-year worry. A huge 87% of these risk leaders expect cybersecurity to stay at the top of the list for at least the next three years.

Nigel Moden, EY’s Global Banking and Capital Markets Leader, put it simply, “To maintain their competitive position, banking CROs must prioritize both technology and talent; it’s not one or the other. With cybersecurity topping the charts again, CROs need to cultivate a pipeline of talent to enhance operational resilience.”

It’s clear that, for CROs, success hinges on both cutting-edge technology and the right people.

Geopolitical Risks Are Rising

But cybersecurity isn’t the only thing keeping CROs up at night. Geopolitical risks have suddenly taken center stage. Last year, only 16% of CROs considered geopolitical risks as a top priority. This year, that number has surged to 38%. It’s a big leap that reflects the growing uncertainty in global politics. From trade policies to market volatility, geopolitical tensions are changing the game.

For CROs in larger banks and in the Middle East and Africa, the worry is especially strong. But in contrast, Latin American CROs seem less concerned, with only 12% identifying geopolitics as a pressing issue. Tim Adams, President and CEO of the IIF, stressed the importance of collaboration between the financial sector and the public sector in this uncertain environment.

“It is more important than ever that the financial sector work closely with the public sector to protect the global financial ecosystem,” Adams said. As global politics shift in the coming years, it’s clear that geopolitical risk will continue to be a major factor for CROs to manage.

AI Innovation Faces Financial Hurdles

Beyond cybersecurity and geopolitics, there’s another emerging trend: artificial intelligence. Nearly half of the CROs surveyed (49%) named AI as a key initiative they plan to focus on over the next three years. From improving data analysis to automating tasks, AI is changing the way banks manage risk. But there’s a catch—AI adoption is expensive. Budget constraints are the primary barrier for 41% of CROs, while 33% say the scale of the changes required makes it difficult to deploy AI more broadly.

At the same time, CROs are also grappling with the risks that come with AI. In particular, responsible AI usage is a challenge for 60% of CROs. As AI technologies become more integrated into daily operations, ensuring they are used ethically and responsibly is a growing concern.

The Rising Complexity of Risk Management

The survey also highlights the increasing interconnectedness of risks. The financial sector is facing more complex challenges than ever before, from cybersecurity to AI to geopolitics. This growing complexity is compounded by regulatory uncertainty, particularly with the looming rollout of Basel III. As regulations vary from region to region, many CROs are scrambling to stay ahead of the curve.

In North America, 64% of CROs are concerned about changes to the regulatory agenda, a far higher percentage than the global average of 32%. This fragmented regulatory environment adds an additional layer of complexity, making it even harder for CROs to stay compliant across multiple jurisdictions.

Talent also remains a key issue. With the increasing need for specialized skills in cybersecurity and AI, 54% of CROs say that attracting and retaining talent is one of their biggest challenges. As a result, developing the next generation of risk leaders is now a top priority for 55% of CROs.

What’s Next for CROs?

As the risk landscape grows more complicated, CROs are stepping up to the challenge. They are juggling everything from cybersecurity to geopolitical risk to AI innovation. But one thing is clear, the future of risk management lies in balancing technology and talent. With new risks emerging every day, CROs must be agile, forward-thinking, and ready to adapt to whatever the future holds.

The latest EY and IIF survey paints a picture of a banking sector that’s grappling with a broad range of interconnected risks. But it also shows that the leaders who are able to navigate this complex web of challenges are those who will set the standards for the future. As CROs continue to evolve in response to these pressures, the financial world is watching closely to see who rises to the occasion.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.