Use this button to switch between dark and light mode.

The Changing Roles of Risk Managers in the Age of Data, Technology, and AI

September 20, 2023 (7 min read)
Risk managers jobs have changed with changing technology.

Risk management is paramount to the upkeep and success of a business. To make sure you are staying compliant, you should continuously check all operations for potential pitfalls, like illegal trades or unsavory business partners or unstable prospects. But what does that age-old process look like in the face of an ever-changing internet?

As data, technology, and artificial intelligence (AI) evolve before our eyes, it’s important to grow with them. Risk management and due diligence doesn’t look the same as it did ten (or even two!) years ago, so here’s where to start to get up to speed with the 2023 necessities.

The traditional role of risk managers

Although the field of risk management is constantly shifting, the general roles have been cemented for some time. Traditionally, risk managers perform due diligence checks to ensure that their organization is checking all the boxes before diving into new business opportunities or working with new partners.

That means checking sanction lists, building profiles for donors and potential partners, and regularly scanning news. For example, if a company regularly conducts business overseas, a risk manager needs to be completely on top of sanctions lists that cover all territories to know if the organization is legally able to work within a country.

If that changes overnight (which is all too possible), it’s the job of the organization to pivot and react to the new sanctions to mitigate risk. With traditional research tools, this can be a very manual and tedious job, requiring exhaustive searches of the open web and search engines to cobble together a list of potential obstacles.

Additionally, the risk manager would put together a report for decision makers to assess the gravity of each risk and the consequences associated with it. Based on that research and company’s risk controls and systems, the risk manager would design processes to best eliminate any risk and develop contingency plans should something go awry.

MORE: How to use adverse media to mitigate reputational risk in finance

What is modern risk management? The impact of the data revolution

There’s simply no way to discuss the current state of the internet without addressing the exponential growth of data. According to Statista, the total amount of data online went from 9 zettabytes ten years ago to 64 zettabytes by 2020. That number is now projected to exceed 180 zettabytes by 2025. This gets even more complicated with the addition of AI technologies.

So, not only do compliance workers need to find mentions of their organization and business partners across the web, but they also need to wade through millions of results, making it nearly impossible to do the job efficiently. Plus, data management is a crucial part of risk assessment and prediction — spending time diving into the facts can help a business avoid potential issues.

Therefore, it’s up to the risk manager to figure out how to keep up with this rapidly evolving landscape to provide the most accurate information in the most efficient way possible. With increasingly new regulations, risk managers would have to run constant updates or risk missing important legislation changes that could have an impact on your business. Additionally limited data sources and search engines that too heavily rely on historical data can mean that you’re making decisions on outdated information.

This is why technical solutions for risk management and data management are so crucial to the success of the modern risk manager. In the next section, we’ll go over how technology can help risk managers not only keep up with but get ahead of any challenges.

MORE: Decision Intelligence: What is it and why does alternative data make a difference?

Embracing technology for enhanced due diligence

While the access to an influx of data due to technology can be overwhelming, technological solutions can be leveraged to make enhanced due diligence easier. For the most robust due diligence, you need to monitor not only financial records, but also for third-party risks under PESTLE (political, economic, sociocultural, technological, legal, and environmental) categories. This includes reviewing sanctions and PEP lists for all entities that require this level of scrutiny.

While doing this enhanced due diligence research for every entity takes a lot of time, tools like Nexis Diligence+ can search, analyze, and report information for multiple entities on one screen, allowing you to easily make comparisons.

Instead of performing manual searches, risk managers can set up key alerts, like analyzing a new article for keywords and sentiment. They also can make previously unknown connections between seemingly unrelated entities and receive alerts regarding potential risks.

This saves time in increasing the efficiency of risk assessment, giving your team the space to analyze and extrapolate new learnings, coordinate across teams to avoid problems before they arise, and protect your business interests.

Managing risk with expanded data

With the ever-growing amount of data and frequently changing regulations, risk management have even more sources to monitor in less time to do it. And while due diligence tools are great, sometimes you need something more targeted to exactly your use case.

Using individual API sets like those that can be accessed with Nexis Data as a Service allows you to easily integrate thoroughly vetted data and apply them to your own familiar systems. This gives you the flexibility to monitor exactly what you need, while benefiting from enriched data that can provide you a complete picture of your prospects.

MORE: Using third-party data to empower decision makers

Adapting to AI: Redefining risk analysis

The above technology tools are a great way to streamline and expand your risk management research, but the developments Artificial Intelligence (AI) are constantly changing the way risk analysis is conducted.

For example, AI can be used for natural language processing for contract analysis and legal risk assessment that not only scans data for key findings, but also interprets those findings into larger takeaways. Things like sentiment analysis, another AI tool, will gauge public perception of thousands of articles and posts in mere seconds.

Similarly, AI-powered tools work to identify patterns, anomalies, and emerging risks; with AI algorithms, tools can scan a great deal of information and flag the most important parts, thereby saving tons of time.

These benefits do, however, come with challenges. When working with AI, it’s first imperative to consider ethics. Some ethical steps to take would be to ensure that AI does not become valued above tenured employees, and check that your AI tool uses responsible sourcing compared to stolen input. Similarly, it’s important to beware of algorithmic biases that might happen due to the way the AI is programmed.

MORE: Supply chain technology, ethics, and technology for due diligence

The human element: Collaborating with technology

AI and other technology are great tools to make life easier, but most major decisions require a human touch. These tools are created to problem solve, but they need help identifying the problems to solve. In this way, risk managers tend to take on a role as interpreters of AI-generated insights—familiarizing oneself with how new technology works is a key step in the industry.

Instead of taking all generated reports at face value, risk managers should make their own conclusions and present their findings to the larger team. This also requires ongoing professional development to stay aligned with technological advancements—regular trainings and classes can help employees remain up to date with the growing software capabilities.

Ethical and legal implications

A rise of information and technology also creates a rise in hacking and other cybersecurity concerns. Risk managers should be on the lookout for ways to keep their organizations safe from cyberattacks, and it’s of course important to keep data secure and be transparent with stakeholders whenever that security is compromised.

Encrypting important files, securing workspaces, training employees on cybersecurity hygiene, and using long passwords are all ways to secure data and mitigate risk. This way, companies and the people they serve can rest assured that important information won’t be accessed by the wrong people, which will increase a company’s trustworthiness and public image.

MORE: Why due diligence combatting child labor is critical

A new era of risk management

Data, technology, and AI have redefined risk management, but the basic needs of businesses remain the same. Compliance officers have the daunting task of continuing their usual work of scanning headlines and sanction lists and compiling data around risks, while also combatting the ever-growing pile of online data.

This calls for a holistic approach that combines human expertise and technological capabilities. Risk managers will simply not be able to keep up if they are not familiar with the increasing amounts of resources for their field, nor will companies be able to maintain their operations without use of things like AI. At the same time, though, AI cannot simply replace the work of a risk manager: so much inter-human analytical and strategic thinking is still necessary for mitigating risks.

To make this easier, Nexis Data as a Service and Nexis Diligence+ are equipped with everything you need to stay on top of your due diligence in today’s day and age. To explore more of how technology is changing the game for risk managers, check out our recent E-Book “The New Era of Due Diligence”.