Interestingly, this year’s report reveals that External Fraud has entered the top five (from 9th place), replacing Business Continuity. The variety, volume, and sophistication of External Fraud attempts present an evolving and ever-present challenge in an economically turbulent environment.   

 2. The top five ranked risks from the last three Top Risk Review surveys  

Luke Carrivick, Director of Research and Information from ORX explains, “Fierce competition from digital-centric disruptive market entrants, the threat of rapidly evolving cybercrime, the lasting impact of the COVID-19 pandemic, and growing stakeholder expectations are all driving firms to adopt new technology at a faster pace than ever before. 

“The knock-on effect is a new form of risk management that will mitigate any potential oversight of change and vulnerabilities that may be exposed, discovered and potentially exploited (e.g. by cyber criminals) along the way. 

“At the same time, I’m not surprised to see an increase in External Fraud in this latest report. External Fraud has been an ever-present risk and alongside a growing cyber threat there has been an increasing variety of physical external fraud. These, combined with increasing fraudulent activity and customer vulnerability due to COVID, has created the perfect storm.   

Information security, including cyber, has topped a league table of operational risk concerns for risk professionals at global financial services organisations.  Followed by Technology and Third-party Risk, all three top risks reflect the industry’s current strategic priorities, with digital transformation heavily impacting these scores.

The findings were published in a report from ORX, the world’s largest operational risk association with a membership of over 100 banks and insurers globally.  

According to the report – Top Risk Review November 2021– information security risk, driven by cyber threats, continues to challenge the industry. With digitalisation continuing at pace and on a global scale, the cyber security risk landscape is evolving rapidly with more frequent and sophisticated attacks, especially phishing and ransomware - all creating a sense of ‘living in constant fear’.   

However, the good news is that whilst firms are seeing an increasing number of events across a range of industries, most are avoiding successful attacks.  

Figure 1. The top current risks facing the industry by rank score 

Interestingly, this year’s report reveals that External Fraud has entered the top five (from 9th place), replacing Business Continuity. The variety, volume, and sophistication of External Fraud attempts present an evolving and ever-present challenge in an economically turbulent environment.   

Now that the impact of the pandemic is beginning to be realised, the business continuity challenge is evolving.  Businesses are now focusing to a greater extent on building their operational resilience, with focus on areas such as the impacts of hybrid working, and longer term, how a changing climate will impact operations.”