Heightened Risk + Stringent Regulation = Need for RiskTech Solutions

It’s been nearly 15 years since the start of the global financial crisis of 2008. A significant portion of the risky borrowing that precipitated that crisis came from investors looking for short-term profits by “flipping” houses and by “subprime” borrowers faced with higher default risks, either because of their relatively low income and wealth status or their inability to repay previous loans.

Due to the housing bubble and low interest rates, banks and other lenders saw nothing wrong with facilitating increasingly large volumes of risky loans. Regulation of subprime lending and Mortgage-Backed Security (MBS) products was also not stringent enough. A good example was the lack of sufficient regulation on institutions responsible for creating and selling complex and nebulous MBS products to investors.

In the aftermath of the financial crisis, regulatory authorities came up with a plethora of regulatory measures to help banks and other affected institutions out of the mess. Since then, more risk factors, including a global pandemic, have emerged to challenge banks and other companies.

Balancing coins on mini seesaw

The Main Financial Regulations Influenced by the 2008 Financial Crisis

Dodd-Frank Wall Street Reform And Consumer Protection Act

The controversial Dodd-Frank Act of July 2010 is widely regarded as one of the most restrictive legislations enacted in response to the financial crisis. Captured in an 848-page document, the Act focused on banks, mortgage lenders, and credit rating agencies and sought to establish a safer U.S. financial system for consumers and taxpayers.

In 2018, the Trump administration rolled back the Act by passing the Economic Growth, Regulatory Relief, and Consumer Protection Act.

Though the 2018 law weakened the effects of the Dodd-Frank Act, some of Dodd-Frank’s directives are still in practice. For example, bank stress tests are still being used today and are regularly published by the Federal Reserve. However, compliance with stress tests is not that smooth and still requires a significant effort from financial institutions despite the Trump rollback.


Rule 2a-7

Before 2008, there was a belief that money market funds (MMFs) were safe investments. This was the impression until the fund’s share value dropped below $1. The SEC subsequently came up with the 2a-7 Rule to help prevent the total collapse of MMFs.

Rule 2a-7 stipulated that the average dollar-weighted portfolio maturity of investments in a money market fund must not extend beyond 60 days. Funds are also subjected to stress tests to confirm whether they’ll have a stable NAV when faced with adverse conditions.

Presently, funds are still not finding it easy to comply with the reporting requirements of Rule 2a-7.


SR 11-7 Guidance on Model Risk Management

SR 11-7 is a regulatory framework designed to provide supervisory guidance on model risk management (MRM). It was first published in April 2011 by the US Federal Reserve Board and the Office of the Comptroller of the Currency (OCC). SR 11-7 applies to banks under the supervision of both the Fed and OCC.

SR 11-7 encompasses the following three areas:

  • Model development, implementation, and use
  • Model validation
  • Governance, policies, and controls

Not long ago, in August 2021, the OCC published a model risk management handbook that includes more information concerning the standards stipulated by SR 11-7. Today, risk departments continue to grapple with the effects of this ever-increasing scrutiny even as their model risk management teams struggle to cope with workloads.


Basel III

Basel III consists of internationally approved guidelines formalized in 2009 by the Basel Committee on Banking Supervision (a syndicate of central banks across 28 countries) in response to the financial crisis of 2008. The guidelines are meant to strengthen the supervision, regulation, and risk management of banks.

The measures are still being implemented today. The most recent implementation date was scheduled for January 1, 2023.

Like the aforementioned regulations, Basel III was developed to mitigate risk through improved supervision and regulation of the banking sector.

However, as is the case with the other regulations, it places a burden on banks in terms of carrying out the reforms and keeping up with reporting requirements. Over a decade after it came into existence, banks still struggle to implement all its aspects.



The Markets in Financial Instruments Directive II (MiFID II) is a legal framework developed by the EU to regulate financial markets in its territory. It aims to increase protection for investors, standardize financial market practices throughout the EU area, and rebuild confidence in the markets.

MiFID II went into effect on January 3, 2018, more than six years after the executive branch of the EU adopted its legislative proposal. The need for MiFID II became clear after the 2008 financial crisis revealed the weaknesses of the original MiFID, which was introduced in 2007. MiFID II boosts transparency by imposing more reporting requirements and tests.

When the framework was rolled out, it had a global impact concerning how the buy-side consumed sell-side research. Presently, businesses are still navigating the terms of MiFID, with events such as Brexit creating further compliance complications.

Financial Crisis of 2008

Post-2008 Risk Factors for Financial Institutions and other Businesses

Banks face several types of risks, including model risk, cybersecurity risk, contagion risk, compliance risk, credit (or counterparty) risk, liquidity risk, market risk, and operational risk, among others. A few of them are discussed below.


Model Risk

In order to function efficiently and systematically, banks adopt a variety of models to facilitate their day-to-day operations. Model risk refers to the probability that at least one of the models used by a bank will go contrary to expectations.


Cybersecurity Risk

The world is more digital than ever before. The benefits brought by digitalization are not without corresponding costs. One such challenge is cybersecurity, which tends to target financial service providers such as banks and FinTech firms more than most other industries.


Contagion Risk

Contagion risk refers to the risk that banks are exposed to from potentially deleterious (or contagious) exogenous economic phenomena. A good example is the recent effects of the global pandemic.


Compliance Risk

Banks do not find it easy to comply with all regulations stipulated by monitoring and supervisory agencies. Indeed, some of these regulations can be risky or have negative consequences, such as costly operational adjustments or reduced profits.

The financial sector commits more resources to compliance than was the case 10 years ago. Moreover, banks also face the risk of litigation and reputational damage from delayed compliance or non-compliance. 


How RiskTech Can Help Companies Mitigate Risk and Ensure Compliance

RiskTech makes use of InsurTech-related tools and other resources specially created for risk management professionals. With the constant evolution and multiplication of risk factors, there will be a corresponding increase in the utilization of RiskTech tools and data-generated insights on the part of risk managers, for the purpose of risk mitigation and control.

Effective RiskTech solutions tend to be holistic enough to include identifying and evaluating the nature of the various types of risks confronting an organization. These solutions ensure that risk is always a priority topic of discussion at the top of the organizational hierarchy. They also induce an enhanced understanding of risk management for more efficient deployment of other risk mitigation resources rather than adopting a scattershot policy.

According to the IDC, model use among banks is growing by over 20% annually. As financial institutions adopt more highly-complex models to facilitate better decision-making, they expose themselves to more model risk and increasing regulatory pressures.

From SR 11-7 to CP6/22, regulatory agencies are pressuring model risk management (MRM) teams to improve model governance, actively prevent model misuse and deterioration, and look into potential negative consequences.

MRM teams are responding not only by taking a critical look at their workforce strategies but also by utilizing new solutions in RiskTech to cope with increasing risk, regulatory scrutiny, and workload. Evolving from traditional risk management tools that are siloed and limited in capabilities, firms are creating new governance frameworks around advanced technology that is easily adapted to meet their unique and changing needs.


This tightening regulatory environment makes conventional regulatory risk-management mechanisms unviable today. Risk managers will have to develop more robust regulatory and stakeholder-management capabilities, such as those enabled by RiskTech. As digitalization gathers pace, banks and other companies not only need to comply with the latest regulations but also evolve better ways to comprehend, predict, and protect against both traditional and emerging risks, such as climate change and pandemics.

RiskTech tools can help banks and companies forecast effectively, understand trends and patterns, and analyze data in real time. This allows them to safeguard their investments while delivering top-notch products and services to customers.

Contemporary challenges such as stress testing, counterparty risk mitigation, intelligent fraud detection, and cybersecurity, require quick responses. To overcome these threats, banks and other firms need modern and efficient RiskTech solutions to help them mitigate and control risks and stay safe.

Allison Cornett

Latest Posts