Key risks in banking

Industries face different risks each year, as things change over time. The key risks in banking this year are influenced by a number of factors including the economic climate, recent events and the ongoing increase in digitalisation.

As risks evolve and change, organisations need to have the infrastructure in place to address how these risks might affect both their business operations and customers.  

Top 3 risks faced by banks in 2020 

According to the ECB Banking Supervision, the top three risks this year are:  

1. The challenges faced by unsustainability in the euro (economic, political and debt) 
   
   
2. Sustainability of business models  
   
   
3. The threat of cybercrime and deficiencies in IT [1] 

Challenges faced by the euro 

2020 has, of course, been seriously impacted by the COVID-19 pandemic which has led to businesses across the world to close, or temporarily stop their operations. The economic impact of this is self-evident, which in turn feeds into the risks identified above. BCG state that pandemic is: “the strongest test that the global financial system has faced since 2007–2009.”  

This is, of course, in combination with Brexit, where there is a lot of uncertainty about the impact it will have on many areas, not to mention the political disagreements that have arisen regarding the subject. These are two major factors which feed into the top risk identified by ECB. 

Watch our internal audit and the risk of macroeconomic and political uncertainty podcast

Sustainability of business models 

Businesses are having to rethink the way they operate in order to adapt to the increasing reliance on digitalisation. This is particularly prevalent in the era of COVID-19 where some business models have been negatively impacted by the pandemic and the necessary shift in consumer behaviour. For example, on-premise based stores or face to face selling.  

Cybercrime and IT deficiencies  

As digital tools and platforms continue to grow and evolve, cybercriminals are finding new ways to target organisations to gain access to their data. Methods like spear-phising, where individuals are targeted, are becoming more common. The COVID-19 pandemic has increased the vulnerability for cybercrime as so many people are working in isolation with added stress and worries, or may not be working from a secure network. Having outdated or underperforming IT systems also increases the risk of cybercrime and leaves the system more vulnerable to hacks. 

Watch our internal audit and the risk of cyber security podcast

IIA and risks across industries  

While the risks identified above focus more on the European banking sector, the IIA have also defined their top 10 risks for all industries in 2020:  

1. Cybersecurity and data privacy - rising expectations of internal audit 
2. Increasing regulatory burden 
3. Digitalisation and business model disruption  
4. Looking beyond third parties 
5. Business resilience, brand value and reputation  
6. Financial risks: from low returns to rising debt 
7. Geopolitical instability and the macroeconomic  
8. Human capital: the organisation of the future 
9. Governance, ethics and culture
10. Climate change: risk vs opportunity [2] 

While many of these identified risks overlap, the increased burden of following and evidencing regulatory compliance will only increase for organisations who continue to rely on manual processes. Using audit automation software like Pentana Audit automates this process and allows you to implement a continuous risk assessment methodology. 

Manage your risks with Pentana Audit 

Have you identified your top ten risks for your business? Pentana Audit allows you to build these risks into a ‘Key Risk library’ and then map these risks to specific entities ready for auditing.  

The new feature ‘Key Risks’ within Pentana Audit’s Annual Planning provides an enterprise-level risk library within the application. Key Risks integrate seamlessly throughout the audit workflow and can be mapped via matrices into the Entity Universe structure, to ultimately provide the opportunity for coverage outputs and testing gap analysis.  


[1] European Central Bank, ‘ECB Banking Supervision: Risk assessment for 2020’: https://www.bankingsupervision.europa.eu/ecb/pub/ra/pdf/ssm.ra2020~a9164196cc.en.pdf  

[2] Institute of Internal Auditors, ‘Risk in Focus 2020: Hot topics for internal auditors’: https://iia.no/risk-in-focus-2020-hot-topics-for-internal-auditors/’ 

Written by

Jennifer Greig

After university Jennifer moved to Australia to complete a business diploma and has since helped businesses improve productivity and maximise efficiency through implementing enterprise software solutions. Jennifer is now based in Glasgow as part of the Banking, Audit and Finance team at Ideagen and has worked with both internal audit departments and accountancy firms to help safeguard their reputation, mitigate risk and increase efficiencies. Through working with some of the top accountancy firms in the UK, Jennifer has gained insights into the ways in which technology can assist organisations in meeting their key objectives.