Skip to main content
search

Visionary Voices

Finding Your Risk
Threshold

Finding Your Risk Threshold in a World of Uncertainty

Richard Toledo
Director
Financial Services & Risk

In our latest Visionary Voices  conversation, we sat down with Richard Toledo, a leader in our Financial Services Practice, to explore how financial institutions are managing risk in an era of unprecedented regulatory uncertainty. It’s all about finding your core when the rules keep changing—and discovering what the data is really telling you.

Here’s what stood out most:

Civil Suits Are Now Exceeding Regulatory Enforcement Payouts

Richard has been tracking a fascinating trend: “In the past three or four years, the payouts related to civil suits are now exceeding or on par with the payouts related to enforcement actions.” This shift fundamentally changes the risk landscape for financial institutions. While regulatory enforcement may be softening, customer litigation remains a significant threat that risk officers can’t ignore. “If you look at consumer protection, in 2023 for every $1 in regulatory fines financial institutions paid about $2.33 in civil lawsuits. And in 2024 the ratio was roughly 50-50.”

The implications are profound. As Richard notes, even when regulators say they’re not enforcing certain rules, banks still face the question: “What if we get sued? Which happens a lot.” This uncertainty creates a complex decision matrix for risk professionals who must navigate between regulatory relief and litigation exposure.

You're sort of straddling two very different worlds right now, right? One in which there's massive deregulation and one in which things are getting much, much, more challenging.

The International Dichotomy Creates Impossible Choices for Global Banks.

For institutions operating internationally, 2025 presents an unprecedented challenge. While the U.S. moves toward deregulation, “the regulations in Europe are getting far, far, far more stringent.” This includes initiatives like the European Commission’s proposed Financial Data Access Regulation (FiDA), the EU AI Act and other regulatory frameworks that are tightening rather than loosening.

Richard paints a striking picture: “You’re sort of straddling two very different worlds right now, right? One in which there’s massive deregulation and one in which things are getting much, much, more challenging.” For global financial institutions, this creates operational complexity that demands sophisticated risk management strategies.

“Hong Kong is still on the bleeding edge. Singapore is still on the bleeding edge. Europe is still following them.” In 2018 for instance, the Monetary Authority of Singapore released Principles to Promote Fairness, Ethics, Accountability and Transparency (FEAT) in the Use of Artificial Intelligence and Data Analytics. Three years later US regulators released a RFI on banks’ use of AI. This was meant to lay the groundwork for future rule-making that is still pending.

This regulatory leadership from Asia-Pacific markets provides a glimpse into the future. As Richard observes, “It begins with the Hong Kong or Singapore and makes its way to Europe and then it would typically make its way to the US.” The current U.S. divergence from this pattern may not be sustainable.

Forget the rules, forget the regs. Do you have the right thresholds set across all of your risk stripes?

When the Rules Are Uncertain, Go Back to Your Core: Risk Appetite

In this environment of regulatory confusion, Richard advocates focusing on fundamentals: “Forget the rules, forget the regs. Do you have the right thresholds set across all of your risk stripes? And are you confident that the risk data feeding your risk appetite is comprehensive, accurate, timely?”

A risk appetite isn’t just a single metric—it’s an entire framework encompassing market risk, liquidity risk, interest rate risk, operational risk, strategic and compliance risk. As Richard explains, “There are thresholds that are established by the executive team, approved by the board, and those thresholds cannot be breached.” Creating and maintaining this framework “takes months” and requires “a small army of people,” but it serves as the foundation for all risk decisions.

As we look ahead, the risk management landscape will be defined by three key realities:

1

Regulatory Uncertainty Management: Institutions must develop frameworks that can operate effectively regardless of which way regulatory winds blow, focusing on core risk principles rather than specific compliance requirements.

2

Global-Local Balance: International institutions need sophisticated approaches to manage the growing divergence between regional regulatory requirements while maintaining operational efficiency.

3

Data-Driven Decision Making: The most successful institutions will be those that challenge conventional wisdom with rigorous data analysis, even when it contradicts regulatory assumptions.

The Bottom Line

The financial services industry isn’t just adapting to change—it’s learning to thrive in permanent uncertainty, where the only constant is regulatory flux.

If you’re navigating these complex waters and need a partner who understands both the regulatory landscape and the data beneath it—let’s talk.

Visionary Voices is a segment of RGP’s LinkedIn newsletter, Mindshift. Each month we highlight a unique futurist who challenges us to think differently and to drive innovation. Mindshift also contains valuable research and curated content.

RGP logo
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.