The financial advice and wealth space has gone through an abundance of changes over the past decade. From the Retail Distribution Review to Mifid II, the sector and its regulation are ever-changing and evolving.
One of the latest shifts, especially in an post-covid world, is the increasing role risk management plays within the industry.
But what exactly makes good risk management and how does it fit within financial advice?
According to Mary Boyd, risk consultant at Blacktower Financial Management, a good risk framework “overarches everything in a business”, from legal to compliance to front line.
That, of course, comes hand-in-hand with good leadership and communication, she told International Adviser, because “there is no point in one person understanding risk and the rest of the business not being aligned”.
A good financial advisor should also influence and challenge even the most senior people within their business to make sure they stop and think about what’s ahead and the bigger picture.
This is because, in order for risk management to be efficient and effective across the company, “nothing can be hidden”, Boyd added.
One of the biggest risks financial advice is facing is, of course, the increasing need for technology and interconnectivity.
Boyd said: “Key changes that we’ve seen over the last few whiles are disruption risk and technological risk, especially because, since covid, everybody has become so reliant on technology to continue working.”
And while technology can certainly assist, it needs to be able to “talk to your own systems” across the business in order to be effective.
At the same time, tech is not going to be the answer to everything, she added.
“At the minute, AI can only spit data out, it still can’t do the human analysis because it doesn’t know our business, it doesn’t know what our directors have signed off as our risk appetite. So, there still needs to be a human element looking at the data.”
Change in attitudes
Positively, Boyd said that small and medium-sized financial firms have started thinking about risk from the outset, especially considering what has happened in the last couple of years.
She added that companies used to set up their compliance functions first, as they were seen as a necessity and almost as a ‘regulatory requirement’. But risk management would only come to play later, like “an evolutionary step”.
Boyd said: “I think that’s probably why most people see compliance as a subset of risk. But there’s definitely a keener focus out the backside of covid. There’s definitely a keener focus for firms to have that additional layer in their control environment besides the compliance firms.
“Now, I get asked for risk management strategies by the likes of professional indemnity insurers and regulators alike. Everybody’s looking to have those three lines of defence and not just the two, and I think that’s very much filtered down from the bigger institutions into the financial services industry.
“So, if I’d say that there’s been a change on the back of covid, it would be that we’re seeing risk being a really defined function within our small to medium-sized businesses in financial services, not just the bigger institutions.”
But the traditional list of risks, such as market, credit, liquidity, and operational, is not going to be an exhaustive one anymore, Boyd warned.
“I think the risk landscape has changed for us. If I look at board reports and my own risk framework, the list of risks is almost never-ending, it touches so many aspects of the business.
“I think geopolitics is definitely a key risk, and clearly technology is everywhere, with cyber risks being discussed at every board meeting.”
When it comes to geopolitics, Boyd said that nobody can look at their business in a vacuum any longer. Since everything has become global and cross-border, those features come with their own set of risks.
For instance, the time needed to secure licences in different jurisdictions, whether some of those may end up in the EU’s grey list for tax non-compliance, and even Brexit are all part of the additional layers of risks that need to be mitigated, and an alternative strategy must be put in place to deal with them.
Compliance vs risk
Boyd previously mentioned that many see compliance as a sub-category of risk, but what sets the two apart?
“I think there’s a difference between compliance and risk, compliance very rarely adds value to the business,” she said. “It can certainly save value in terms of avoiding big fines or litigation and potential reputational damage, but it very rarely adds actual value. Whereas risk can actually be a value proposition.”
As risk management is taking an increasingly central role in the running of a financial advice business, what can smaller firms do to make sure they keep up with the bigger players without having to break the bank?
Boyd said: “Other than joining a network, which I think is really a sensible solution, they can engage with some really good third-party providers of risk and compliance services out there who deal with those types of firms on a day-to-day basis, they understand what the regulator wants to see.
“Also, they have big departments watching out for the disruptions and changes in regulations; that’s the way to do it. It’s not to try and second guess yourself, but you should bring experts and employ them.
“And there’s some really good value in some of those firms; they are not really expensive, but rather than try and doing it yourself, rely on those types of experts to support your business.”