Page 28 - Souvenir - v4 (2)
P. 28

This is driven by proliferation of digital tech stack as discussed in the previous section. This implies that organizations
         across industries are gearing up for updating their tech stack, operating model, customer engagement models and
         fundamental business model. While these are digital building block, however, faster adoption is giving rise to a set of
         newer risks and evolution of existing risks. The keys trends of these risks are discussed below.


         Managing the AI-ML Black box
         While more and more sophisticated AI and ML driven algorithms have been adopted widely by risk management
         models for various purposes such as identifying frauds, surveillance purpose for example, there are concerns around
         its explainability, bias & interpretability – especially when compared with more traditional approaches such as
         Regression. This can lead to erroneous decisions, delayed TAT, reputational, legal and regulatory consequences.

         Regular audit & access to audit trail reports, enhanced disclosures, development of control and thorough
         understanding of the models need to be deployed to manage this risk.

         Governance risk and control for automation
         Increased automation as underlined in RPA, AI-driven algorithms call for newer governance mechanism. Un-intended
         consequences including obsolescence of existing controls, cascading errors (one error triggering a series of errors)
         are some top areas of concerns. For example, an company’s completely automated manufacturing process flow
         without changing the QC, which is supposed to be handled by manual a team of human experts, gave rise to reduced
         product cost and increased cost.

         Cyber hackers may access an RPA system and cause an amplified damage for the organization. Redesigning control
         framework, centralized governance & control of RPA work flows with proper accountability and organization wide
         education and sensitization around automation could be key steps in this regard.

         Ever-evolving cyber security risk landscape
         A software company lost millions as it fell prey to a malware attack that scrambled computer hard drives that are
         responsible for storing order processing data.
         Rapid adoption of digital tech stacks also brought with it most evolved cyber security threats ranging from older
         identity thefts, online account hacks to emerging patterns of incidence of ransomware attack. Complexity of digital
         technologies including IoT, Clouds, AI-ML, automated bots opened newer avenues of attack.

         Building a culture of risk intelligence emphasizing security roles, more awareness & sensitization around cyber
         security threats and measures, mainstreaming cyber security for any development are the few key initiatives an
         organization should undertake.

         Risk of data theft and need for data protection
         While data is newly found oil (single most valued assets) for a digital organization; however, it gives rise to new
         challenges of data security, privacy, accuracy, transparency and regulatory implications.

         Data storage & sharing guidelines are in place to protect customer data privacy. Any breach in that respect, will
         trigger regulatory & reputational implications. It may prohibit monetization of customer data. Internally, huge data
         also translates to elaborate requirement of standardization of data.

         Setting proper accountability & ownership for data, treating & protecting it as valuable assets, safe-guarding critical
         data, abiding by the local & global regulatory guidelines are key steps that need to be followed.

         Digital responsibility & Culture risk
         While an organization embarks on a digital transformation journey, the fabric of the organization should also support
         the change. An organization’s fabric undoubtedly is its people and the culture it promotes. Failure to build a digital
         culture may slow down adoption adding to cost pressure, create a skill obsolescence and loss of market
         competitiveness. Unprecedented level of transparency may spell out reputational consequences driven by
         prevalence of social media and public forums.
         Organization needs to create a digital culture thoughtfully starting from education on the changed roles and
         responsibilities, encouraging a culture of experimentation, risk taking, continuous learning and collaboration. The
         cultural fabric should transcend even to the vendors and partners to create a digitally sensible ecosystem of
         stakeholders.

                                                                                                                    28
   23   24   25   26   27   28   29   30   31   32   33