You are currently viewing Risk Intelligence: AI in Risk Management

Risk Intelligence: AI in Risk Management

Gregory M. Carroll

Author: Gregory M Carroll

Pre-Orders before 5-Oct-2021

Risk Intelligence - AI in Risk Management

Amazon is now taking pre-orders for “Risk Intelligence” AI in Risk Management, scheduled for release 5-Oct-2021. 

Risk Intelligence:

How Artificial Intelligence can transform Risk Management

The title “Risk Intelligence: How Artificial Intelligence will transform Risk Management” is borrowed from Napoleon’s concept of “Military Intelligence”:

“a military discipline that uses information collection and analysis approaches to provide guidance and direction to assist commanders in their decisions.”

In the same vein, Risk Intelligence can be defined as:

“a business discipline that uses information collection and analysis approaches to provide guidance and direction to assist managers in their decisions.”

The book is not a technical manual on how to build AI models, but rather an executive’s guide to the application of AI related technologies. They will transform risk management to a proactive management tool for informed decision-making and exploiting opportunities.

I have separated the application of AI technologies by Risk Domains, adapting the healthcare risk domains for a general business environment. In doing so, I have reduce them from eight to seven domains. My seven (7) risk domains are:

Risk Intelligence - AI in Risk Management

Financial Risk

Although there are well establish risk analytics for managing Financial Risk, I propose the use of Bayesian Decision Network models with time-series forecasting. Essential to this, is the correct use of scenario analysis.

Third Party Risk

Supply chain risk has been expanded to Third Party Risk to include today “outsourcing” environments. Using Knowledge Graphs, unsupervised learning clustering models, and deep learning Recommender Systems will provide powerful insights into managing Third Party Risk by identifying vulnerabilities, possible points of failure, and alternative sources of supply.

Security Risk

Obviously cybersecurity is one of your highest concerns, but in a data driven organisation, inadvertent data corruption can have worse consequences than a ransom attack. I look at Data Governance and using Sensitivity Classifiers for Information Protection. There is an anatomy of a cyberattack, and models for monitoring network activity. Finally, I take a look into the future of Blockchain Trust systems that could eliminate fraud.

Operational Risk

Covering people, processes and systems, operational risk is what you have most control over. Sadly, it is also what you will be held accountable for. As they say, behaviour eats strategy for breakfast. I look at different Behaviour Analysis models, including the use of deep learning Sentiment Analysis to monitor Insider Risk and risk culture. As this introduces privacy issues, I look at  Differential Privacy as a method of “de-personalizing” data. There are also all the usual suspects of Robotic Process Automation for workflows and the use of Virtual Reality in training.

Market Risk

For Market Risk I look at establishing a portfolio view of risk using network analysis. Intrinsic to Portfolio Management is the ability to aggregate risk, for which I recommend using Bayesian conditional probabilities. When combined with Horizon Scanning and Threat Management, you start to move into proactive risk management.

Strategic Risk

Strategic Risk covers those risks inherent in setting and achieving an organisations strategic goals. This includes identifying objectives, planning strategies, and the role of Governance to ensure they are pursued. Included under Strategic Risk I cover the use of Bayesian models for Game Theory and how to identify Context using operational capabilities.

Compliance Risk

The two biggest issues in Compliance Risk are matching the framework requirements to your practices, and the effectiveness of audits. AI offers dramatic improvements in rectifying weaknesses in both. This includes using Text Analytics to match regulatory framework requirements, and regression models for risk-base auditing and target audit surveillance programs.