Skip to Main Content

Key Takeaways from GCOR XV

Below are the highlights from GCOR XV sessions focusing on three main themes – megatrends that are shaping the future of operational risk management, organizational culture, and the complexity of the world that we live in.

Theme #1: Megatrends are changing the future of risk management.

  • Demographic and technological shifts are shaping the future.
  • ESG factors are here to stay.

Complexity has become the nature of risk management. Joseph Iraci, Vice President of Enterprise Risk and Internal Audit at Robinhood Markets, and Chair of RMA’s Operational Risk Council, pointed out that, in the 21st century, there have been more events that significantly impacted the global economy, compared to previous centuries.

Based on his research, there were 24 significant economic events during the 20th century. The 19th century only had 16, the 18th century had 10 and the 17th century had three. “The operating environment that we work through each day and live through is becoming much more volatile,” Iraci added.

Another keynote speaker, Mauro Guillen, a professor at the Wharton School of the University of Pennsylvania, identified two megatrends – demographic and technological changes – that will be crucial to the future of banking and risk management.

First, an aging population may lead to a decline in the savings rate due to expected withdrawals from retirement accounts. It might seem counterintuitive; however, in the future, banks should look at risk mitigation and diversification from a perspective of containing risks, according to Guillen

Environmental, Social, and Corporate Governance (ESG) factors are key emerging risks that RMA’s Councils have identified prior to discussions at GCOR XV. During the conference week, more than five industry veterans have shared their thoughts on best practices for financial institutions to effectively manage ESG-related financial and non-financial risk assessment activities.

Theme #2: Organizational culture is built on trust.

  • Risk controls are about how to set the conditions that allow what could be risky in a relatively safe environment.
  • Trust is the key enabler of organizational culture.

U.S. Army Major General William Rapp (Retired) of the Harvard Kennedy School said that risk controls are not about eliminating all potential risks, but about how to set the conditions that allow what could be risky in a relatively safe environment.

Glenna Hagopian, Head of Non-Financial Risk Management and Chief Conduct and Ethics Officer, Citizens Bank, said that trust is a two-way street and leaders need to move from monitoring to giving more autonomy and focusing on outcomes.

A panel discussion on the interagency guidance on sound incentive compensation policies has emphasized key considerations for senior executives who are responsible for any incentive programs in banking: identifying material risk-takers, establishing governance, and monitoring key metrics.

The panelists said that the subprime mortgage crisis in 2008 and 2009 was a contributing factor to the establishment of the interagency guidance on the incentive structures across the banking industry.

According to Todd Shipman, Senior Vice President, Compensation and People Risk, U.S. Bank, his team has been focused on those material risk-takers who can expose the bank to risk, such as the sales team. His team began looking and incorporating more of the control and support functions.

Theme #3: Complexity is the new adversary.

  • The risk environment gets more complex over time.
  • We validate models because they can only represent a version of reality.

Cyberspace today is no longer a collection of computers and networks. It is a rapidly changing real-time system of systems that enables exploitable and often irreversible breaches. Against this backdrop, four speakers at a session, “Complexity Is the New Cyber Adversary,” discussed the nature, the consequences, and the remedies for managing complexity in cyber systems.

Tom Walheim, Title Scientist and Staff Engineer for Cyber Systems at L3Harris Technologies, said cars and smartphones are examples of what a system is on a conceptual level, and these can explain what the difference is between parts and systems.

As one of the remedies to manage the complexity of a system of systems, said Greg Witte, a senior security engineer at Huntington Ingalls Industries - Technical Solutions, we need to think about what the risks are and what could go wrong.

Also, the increased use of artificial intelligence and machine learning across the banking industry raises several model risk management questions. According to Evan Sekeris, the Head of Model Validation of PNC, many modelers may bring their regression-related intuition into the situation of validating AI models or other new models which might not be appropriate.

Sekeris also pointed out reasons why model risk management is important to banks. It is because the model risk is costly and the negative externality around model risk failures tend to have adverse consequences.


After four days, with more than 3,028 attendees across 42 sessions, it was clear that megatrends are also changing the future of the risk management and the banking industry.

The operational environment for financial institutions is ever-changing. It requires risk managers to understand regulatory changes and emerging risk factors that impact current workflows, governance, as well as compensation structures. New risk factors such as ESG considerations and AI model usages are on their horizon as well.

As Hagopian noted, building trust within an organization and focusing on outcomes at each milestone can be a key enabler for delivering tomorrow's culture for the risk management industry.

Did you know that GCOR XV registrants earned up to 12 NASBA CPE Hours/CRC Credits? Register for upcoming events to get your next CPE Hours/CRC Credits.

Adalla Kim

As Product Marketing Specialist, Adalla is responsible for driving both the strategic and tactical aspects of RMA’s product sales. Prior to RMA, Adalla worked as a reporter for global media services and publication groups such as PEI Media and the Financial Times Group. She started her career at Campbell Lutyens, a global private capital advisory group. As an avid learner and a curious adventurer, Adalla speaks Korean, English, and Spanish, and has traveled to 19 countries. She graduated from Incheon National University with a Bachelor of International Trade in Northeast Asia Economic Studies.