How Generative Ai Can Help Banks Manage Risk and Compliance
How Generative Ai Can Help Banks Manage Risk and Compliance
How Generative Ai Can Help Banks Manage Risk and Compliance
March 2024
Generative AI (gen AI) is poised to become a efficiency in risk-related decision making, and
catalyst for the next wave of productivity gains partial automation in drafting and updating policies
across industries, with financial services very and procedures to reflect changing regulatory
much among them. From modeling analytics to requirements. It would act as a reliable and efficient
automating manual tasks to synthesizing source of information, enabling risk managers to
unstructured content, the technology is already make informed decisions swiftly and accurately.
changing how banking functions operate, including
how financial institutions manage risks and stay For instance, McKinsey has developed a gen AI
compliant with regulations. virtual expert that can provide tailored answers
based on the firm’s proprietary information and
It’s imperative for risk and compliance functions assets. Banks’ risk functions and their stakeholders
to put guardrails around gen AI’s use in an can develop similar tools that scan transactions
organization. However, the tech can help the with other banks, potential red flags, market news,
functions themselves improve efficiency and asset prices, and more to influence risk decisions.
effectiveness. In this article, we discuss how banks These virtual experts can also collect data and
can build a flexible, powerful approach to using evaluate climate risk assessments to answer
gen AI in risk and compliance management and counterparty questions.
identify some crucial topics that function leaders
should consider. Finally, gen AI could facilitate better coordination
between the first and second LODs in the
organization while maintaining the governance
Seizing the promise of gen AI structure across all three. The improved
Gen AI has the potential to revolutionize the way coordination would enable enhanced monitoring
that banks manage risks over the next three to five and control mechanisms, thereby strengthening the
years. It could allow functions to move away from organization’s risk management framework.
task-oriented activities toward partnering with
business lines on strategic risk prevention and
having controls at the outset in new customer Emerging applications of gen AI in
journeys, often referred to as a “shift left” approach. risk and compliance
That, in turn, would free up risk professionals to Of the many promising applications of gen AI for
advise businesses on new product development financial institutions, there’s a set of candidates
and strategic business decisions, explore emerging that banks are exploring for a first wave of
risk trends and scenarios, strengthen resilience, adoption: regulatory compliance, financial crime,
and improve risk and control processes proactively. credit risk, modeling and data analytics, cyber risk,
and climate risk. Overall, we see applications of gen
These advances could lead to the creation of AI- AI across risk and compliance functions through
and gen-AI-powered risk intelligence centers that three use case archetypes.
serve all lines of defense (LODs): business and
operations, the compliance and risk functions, and Through a virtual expert, a user can ask a question
audits. Such a center would provide automated and receive a generated summary answer that’s
reporting, improved risk transparency, higher built from long-form documents and unstructured
Risk functions can benefit from generate syntheses of counterparty Consider the benefits of gen AI
generative AI (gen AI) across a variety of transition plans and compare them against automation in helping customers move to
analyses. In the case of climate risk actual emissions to evaluate progress net zero. The tech can identify market
assessments, the technology—via tools toward goals. trends and environmental impact from
based on generative pretrained years of company reports. In turn, financial
Beyond measurement, gen AI can aid
transformers—can instantaneously draw institutions can use that new information
climate impact analysis by ultimately
from multiple, lengthy reports and distill to find investment opportunities.
automating reporting on environmental,
answers from source materials (exhibit).
social, and governance topics. It can aid
In addition, gen AI can provide support to risk by automating climate risk drafts, and
relationship managers to accelerate the it can spur growth by using customer data
assessment of climate risk for their to personalize green financial products.
counterparties. It can automatically
Exhibit
Another area in which gen AI can play an important — malicious use, such as dissemination of false
role is operational risk. Banks can use it for content and use of gen AI by criminals to create
operational automation of controls, monitoring, and false identities, orchestrate phishing attacks, or
incident detection. It can also automatically draft scam customers
risk and control self-assessments or evaluate
existing ones for quality. — security threats, when vulnerabilities within gen
AI systems can be breached or exploited
Rahul Agarwal is an associate partner in McKinsey’s New Jersey office, Andreas Kremer is a partner in the Berlin office, Ida
Kristensen is a senior partner in the New York office, and Angela Luget is a partner in the London office.
The authors wish to thank Adrija Banerjee, Stephan Beitz, Adrian Foerster, Yilin Li, Anke Raufuss, Ibtesam Siddiqui, and Claudia
Satrústegui for their contributions to this article.