Can Your Shared Services Group Manage Enterprise Risk? | Blog

Posted On July 17, 2019

The financial crisis of the late 2000s, increasingly stringent regulatory requirements, growing competitive pressures, and a host of other factors have vaulted the risk management function to new heights of strategic importance for banking, financial services, and insurance (BFSI) companies.

Our ongoing research in the sector shows that most enterprises handle risk management out of their onshore headquarters locations, rather than giving ownership of the function to their offshore shared services centers, or what we call Global in-house Centers (GIC).

When we asked BFSI companies why they were keeping risk management on their home turf, they cited several reasons:

  • Because they’re still trying to streamline their risk management frameworks, structures, and processes, they’re unclear what to keep onshore and what to offshore to GICs
  • As risk management is becoming an increasingly critical component of the overall enterprise strategy, they view offshoring the function as a risky move
  • They’re concerned that the offshore talent lacks the needed business acumen and understanding of sourcing geography’s regulations
  • They feel constant interaction and frequent coordination with multiple business units and teams is the first line of defense for reducing risk at the origin

What’s the common thread behind all these rationales? They’re all perceptions, rather than reality.

In fact, our research shows that GICs are particularly well-suited to deliver the risk management function. Why?

  • Many shared services organizations are the driving force behind their enterprise’s digital, automation, and analytics initiatives, and their deep knowledge in these specialized capabilities can be highly useful in the risk management function. And there are synergies in areas such as risk modeling, forecasting, scenario analysis, and reporting. For example, a leading bank’s GIC has successfully automated local regulatory reporting, and is transitioning to be a centralized reporting team
  • There is a dearth of risk talent globally, but offshore GIC locations, such as India and Poland, have strong, solid pools of talent with deep risk management knowledge. This talent is coming from their domestic market (e.g., local banks) and existing GICs that, over time, have scaled their risk management function
  • To deliver real risk management value to the business, the GIC and the group risk team must be integrated; shared services groups have already cracked this operating model way back in areas such as investment research (e.g., sell-side and buy-side) and actuaries (e.g., pricing and valuation).

How can your shared services organization assume responsibility for your enterprise’s risk management function? Like most GICs, yours was probably established to handle scale-oriented transactional work. But risk is about value, not scale. So, you need to change your parent company’s mindset about your group’s capabilities by proactively identifying, proposing, and demonstrating how you can add value and be a strategic partner in managing risk.

Here are a couple of examples that may help get your creative juices flowing:

  • One GIC parlayed its experience with machine learning algorithms to build “Challenger Models” that significantly increase the precision of dataset validation for its company’s credit analysis
  • Another shared services group championed creation of its company’s “Operational Risk Center of Excellence” through process enhancements, global transformation projects, continuous process review and improvement mechanisms. This helped streamline and simplify various processes and risk frameworks.

Our two cents to enterprises: you stand to lose a lot if your risk management capability isn’t up to snuff. Your best solution may be right in front of you, even if not geographically right next to you.

Everest Group Executive Viewpoints icon Related Articles