Geopolitical tensions are dominating the headlines across the globe with little evidence that they will subside in the near term. As the industry experienced during the Russian invasion of Ukraine, geopolitical risks are real and can manifest quickly. Most firms were ill-prepared for this event, and many suffered significant disruption and economic damage. Banks need to avoid this happening again

It is not ‘only’ equity analysts and supervisory boards who are asking questions about banks’ preparedness. Supervisors have started paying attention to the topic, with the ECB naming geopolitical risks as the number one priority for 2025-2027. However, while supervisors are clear that banks must understand and manage geopolitical risks, they are vague on HOW exactly banks should do this and where the bar lies

Unsurprisingly, we see considerable uncertainty amongst global CROs about how to respond to stakeholder queries and expectations. The four most common questions are:

What are the expectations from external stakeholders? How are geopolitical risks different from well-known macroeconomic and country risks? What are other institutions doing? What can I practically do to manage my geopolitical risks? Which existing capabilities can I build on and what else do I need?

Today, we want to start answering these questions, drawing on the expertise of Oliver Wyman’s global geopolitical risk platform. We have been engaging with clients globally on geopolitical risk management for many years, with a significant uptick in activity since the Russian invasion of Ukraine

Managing geopolitical risks may seem like an abstract thought exercise but it should not be. There are practical actions you can take and capabilities you can build on to increase your preparedness and resilience in the face of an increasingly risky geopolitical landscape

7e62f829-0f46-4277-adb6-123b1cc571f8-image.png

Get in touch to hear our latest thinking

Welcome to RiskbOWl – the first closed community of Risk professionals to share ideas and best practices

Through RiskbOWl, you will be able to anonymously ask questions, share perspectives, run targeted polls, discuss recent regulatory developments and so much more.

We are already live with the pilot, and can’t wait for you to contribute as well. But before you do, two things:

1. Security
The only way this community will work is if we keep the environment highly secure and therefore we have integrated the login with our Oliver Wyman Single-Sign-On infrastructure that we use for all client work where the information being shared is sensitive.

By now you should have received an e-mail from our IT services on how to set up your User ID on the OW Digital workbench. These are your RiskbOWl User ID and password.

For any questions regarding your account set up please e-mail: riskbowl@oliverwyman.com

2. Community rules
Remember to maintain anonymity at all times and :

i. Limit your discussion to details of methodologies (e.g. formulae or equivalent), including the relative merits of different methodologies for capital adequacy best practice.

ii. Never disclose or otherwise discuss actual input or output values used by them in respect of any methodologies.

iii. Never engage in discussion of information that relates to your institution or other’s commercial positioning or strategy.

iv. Adhere strictly to the letter and spirit of competition and antitrust laws - RiskbOWl is a space for knowledge exchange, not collusion.

We will be pre-screening all messages to start with, but depend on our community to be the first line of defense

And lastly, remember this is a pilot: we are still fixing some bits and bobs, so bear with us with any hiccups while we make RiskbOWl the best it can be!

Thank you for being part of this community. We think and hope it will transform how we share knowledge in the risk world in a timely fashion.

The RiskbOWl team

Conversations with our clients reveal the imperative of realizing the benefits from the promise of digitally transforming credit decisioning and lending journeys, driven by the need to control bank costs and retain customer loyalty in the face of competition from more nimble, digitally-native banks

To better understand current trajectories in the lending transformation space, Oliver Wyman conducted a survey of banks across several markets, looking at the overarching burning platform, budgets, barriers to transformation, data, analytics, underlying technology, customer management, and organisational setup. In summary, our high-level, selected findings indicate

Lending transformation is a high priority topic, with participants sequencing Retail and SME first in their lending transformation programs Respondents see the traditional incumbent breakthrough as the biggest competitive threat over the new fintech challenger looming on the horizon Decisioning time, revenue growth and cost reduction cited as top 3 benefits, whilst expected uplift is highest for customer experience Budget for lending allocation is approached on program level or on individual level, with very few respondents approaching it as a strategic objective Most budget is spent on customer journeys, internal workflows and underlying IT infrastructure rather than analytics capabilities

Lending transformation survey infographic.png

Reach out for more insight, but we’d be keen to hear from the RiskbOWl community how this stacks up against your lending transformation program – post your thoughts below !

Greg Wiltshire is a Director in Oliver Wyman's Risk Delivery Team. Greg brings over 15 years of risk modelling and analytics experience, specialising in risk and technology transformations.

Matias Coggiola is a Manager at Oliver Wyman and specialises in Credit Risk modelling methodology and regulatory compliance. He curates the monthly Risky Business series.

A noteworthy oddity potentially affecting the choice of modelling approach: In the slotting approach, the risk mitigating effect of ECA coverage cannot be recognised. I.e. for transactions with ECA coverage, there is a significant over-estimation of risk in the slotting approach. On the other hand, FIRB and AIRB as well as the standardized approach do allow for consideration of ECA coverage.

After a decade of negative or zero interest rates, European economies entered a rising rate cycle in 2022. Now, as markets anticipate the beginning of an easing cycle, deposit betas are expected to catch up. The question is, are banks prepared to compete for deposits in this environment, which is unfamiliar to a whole generation of bankers?

In 2024, a systematic approach to deposit management is not only a critical value driver but also a necessary defensive tool. By leveraging smart deposit management techniques, anchored on advanced analytics and operational capabilities, banks can optimise their deposit costs significantly.

What actions have you taken? Where can the community help you?

I would also like to learn more about this

@OP

In my experience, it typically depends on the bank's approach to the override:

Pre-calibration would typically be included if they are trying to include is as an statistical predictor of risk: i.e. you have some historical information that help you calibrate the specific weight and you only include the override if it increases the predictive ability of the model

Post-calibration if they want it to be a “penalization” mechanism for management (however this will not be fully compliant with EBA calibration guidelines for the use of overrides in IRB models)

In the context of the 2025 EBA Stress Testing exercise we’ve convened our sixth EBA Stress Test industry roundtable, involving representatives from 25 of the largest European banking institutions across ten countries.

While each bank is looking to approach the stress testing exercise from its own unique perspective, we’ve found that two common trends seemed to emerge:

Banks expect the anticipated depletion of the Common Equity Tier 1 (CET1) ratio under adverse scenarios to align closely with the outcomes seen in 2023.

Banks see the operational complexity of the exercise as their main challenge. Participants were concerned about potential CRR3 re-statements (particularly the difficulty in accurately projecting a CRR3 Fully Loaded framework that incorporates all CRR3 phase-ins expected by 2032) as well as the need for top-down calculations to estimate CRR3 compliant RWAs, which could complicate reconciliation efforts and impact result accuracy.

Other concerns raised by participants included the new timeline and significant changes to Quality Assurance processes - especially regarding potential on-site visits and inspections by the European Central Bank (ECB) - and the unpredictability of the new Net Interest Income (NII) platform and Quality Assurance machinery, which banks believe leaves them with less control over projections and adds to the uncertainty of the exercise.

Overall, it was insightful to see how given the inherent complexity of the exercise participants agreed on the need for thorough upfront preparation and a robust end-to-end stress testing infrastructure as conditions to success. What are the main concerns at your organisation? How do you feel your competitors will react to EBA’s requirements for this year’s stress testing?

Graphics: How Oliver Wyman supports Financial Institutions carry out stress testing:
cc0303ff-d517-49f9-b22c-e6d2071f1964-image.png

Lots of good answers here.

One tough learning from implementing this at scale is that unlike traditional ML, automated tests can only capture a small fraction of what can go wrong with GenAI. While the automated validation is necessary, it is not sufficient.

We have typically needed to also develop large manual testing protocols for releases, where humans (either developers or a set of test users), attempts a mixed of predefined and new prompts, and judge the quality of the answers. Often we will uncover “issues” that are very subjective, such as the answers technically being correct but pulling from different files that we wished, or answers being less/more detailed than the average user prefers, or an entirely new file format having issues (hence not covered by tests yet), or a million other things!

For one of our recent clients, we ran “hackathons” along with releases where both new and power users would try various prompts and score the output. It was incredibly helpful to identify things the tests had failed to see

Hi RisbOWl community.

I have been thinking lately about the dynamics of the working relationship with 2nd and 3 LOD from a 1LoD perspective.

While there is much talk about these dynamics from a high-level, ERM or governance perspective, those of us who are in involved more on the day to day interactions need to make sure we 'walk the talk'.

While clear, continued communication is key, I have found the use of shared resources (such as evidence repositories, plans, collaborative query logs, etc) have really made a difference in the relationship we have built with our validators in the second line of defence.

What does the community think about common techniques for increasing cross-line of defence productivity.

Thank you in advance.

Very good questions. I’ve come across this as well on operational resilience and
cyber, where the challenges are similar

Some thoughts on this (also with the ex-regulator hat on):

Management bodies should acknowledge the challenge and be thoughtful around
how to address this, e.g. through training; reporting; succession planning
etc. We recently heard from a regulator that they were worried that sometimes
these topics are ‘outsourced’ to one person on the exec/ Board who
understands it, whereas they are looking for broader skills and knowledge in
the group. Again I think this is important to acknowledge, including the fact
that building those muscles take time In terms of ‘evidencing’ appropriate oversight and challenge by the Board,
when supervisors look at meeting minutes they would expect to see critical
questions being asked and a level of discussion (rather than the Board just
‘noting’ things) The quality of the materials and reports being presented to the Board is very
important, both data, but also someone bringing out the ‘so what’ and in
particular where there are areas of judgement and uncertainty, and where
there are trade-offs