Key Risks


FIS RISC Solutions provides clients with a 360-degree solution set of products and services that enable enterprise risk management, the enhancement of overall compliance programs, and the ability to mitigate risk through a best-practices-based model that ensures regulatory compliance proficiencies now and in the future.








Credit Risk

Credit risk is the risk of loss of principal or loss of interest stemming from a borrower's failure to repay a loan or otherwise meet a contractual obligation.

Exposure to credit risk continues to be the leading source of problems in financial institutions. The last several years are a painful reminder of the cost of poorly managed credit risk that not only subjected financial institutions to reputational risk, but resulted in many financial institutions with regulatory supervisory actions, the imposition of civil money penalties and in some cases, financial institution closures.

In today’s environment, effective management of credit risk is a critical component of a comprehensive approach to risk management and essential to the long-term success of any financial institution. In order to effectively manage credit risk, financial institutions need to establish a strong, scalable and sustainable risk management infrastructure for their financial institution that is in line with regulatory expectations. Regulators expect financial institutions to employ a proactive vs. reactive approach to the management of risk across their organization. Consequently, financial institutions have to take the necessary steps to implement a comprehensive credit risk management program that is practical, functional and provides sufficient risk-return discipline in their credit risk.

Financial institutions need to manage the credit risk inherent in the entire portfolio as well as the risk in individual credits or transactions. They need to ensure they have established an appropriate credit risk environment and are operating under a sound credit granting process and are maintaining an appropriate credit administration, measurement and monitoring process.

Our Early Risk Manager (ERM) product utilizes quarterly Call Reports and a series of regression models similar to what banking regulators use. However, it goes beyond the regulatory models to identify emerging risks before they happen and enables an institution to attain optimal risk management performance.

ERM provides a risk dashboard of 25 reports containing key risk management intelligence in relation to three focal points:

  • CAMELS rating
  • Probability of undercapitalization
  • Economic value
In addition, our staff of highly-trained and experienced loan experts can assist in the following credit risk management services:
  • Credit Risk Assessments
  • Credit Policy Review
  • Credit Policy Training
  • Loan Loss Reserve Analysis Review
  • Loan Grading and Pricing Review
  • Asset Quality/Loan Portfolio Review

Credit risk in loans is the largest and most obvious source of credit risk; however, other sources of credit risk exist throughout the activities of a financial institution, including both on and off the balance sheet. Financial institutions encounter credit risk in various financial instruments other than loans, including acceptances, inter-financial institution transactions, trade financing, foreign exchange transactions, financial futures, swaps, bonds, equities, options, and in the extension of commitments and guarantees, and the settlement of transactions.

Request more information »   Back to Top ↑


Operational Risk

Operational risk is the risk of unexpected losses arising from deficiencies in an institution's management information, support and control systems and procedures. Operational risks are one of the major reasons for financial loss in the banking sector.

FIS RISC Solutions partners with financial institutions to help them manage the complexities associated with operational risk. Our team is comprised of former Big Four risk management consultants and heads of risk departments within leading financial institutions. With this experience, we provide comprehensive risk consulting services that encompass the entire enterprise and operational areas specific to your institution including: interest rate risk, liquidity risk, operational risk, reputational risk and strategic risk.

Our team will assist you in creating an operation risk management framework that is practical, scalable and sustainable. The risk management framework will help in risk identification, assessment and treatment of key risks affecting your institution. Developing a formal risk management program requires collaboration between the board of directors, the management team, and all lines of business and support functions in order to be successful.

Some of the risk management activities we consider when serving our clients include:

  • Governance and Organization (including Policies and Standards)
  • People, Roles and Responsibilities, and Performance Expectations
  • Risk Assessment
  • Risk Monitoring (i.e., Risk Metrics)
  • Risk Reporting
  • Communication and Training

By teaming with FIS RISC Solutions to develop or maintain a practical and effective Risk Management Program, you will derive the following key benefits:

  • Improved identification and visibility of risks across the organization, with linkage of risk management objectives to your business strategy and regulatory requirements
  • Increased cooperation, alignment and communication across business, operational and corporate functions
  • Improved understanding of employee roles in relation to risk management
  • Improved response to high-risk situations and more complete information provided to senior management and the board
  • Reduced amount of risk management issues, possible financial losses and reputational issues.
  • Long-term linkage between growth, risk, return and performance

    Request more information »   Back to Top ↑


Compliance Risk

The recent influx of regulatory requirements resulting from the Dodd-Frank Act on top of the ever-demanding and complex regulations already in place put an increased burden on financial institutions. The FIS RISC Solutions team understands compliance complexities and their implications. Our full spectrum of products and services addresses the compliance risk mitigation needs of banks, credit unions, mortgage companies and other financial institutions, and we will recommend the most effective course of action that is customized for your institution.

Our Compliance Risk Products can support your program in the following areas:

Risk Identification – Premium Membership keeps banks up-to-date on compliance risk, both existing and emerging, through one-to-one telephone and e-mail advisory services, webinars covering the latest compliance topics, and a variety of off-the-shelf procedures, policies, checklists and other job aids.

Risk Assessment – Compliance Risk Indicator provides banks and other financial institutions with a software platform on which to conduct a risk assessment covering consumer protection laws and regulations, BSA/AML as well as select safety and soundness laws and regulations.

Policies and Procedures – Control your compliance risk environment with policies and procedures derived from the FIS Regulatory Advisory Services Compliance Manual known as the “FIS Banker’s Guide to Compliance” as well as Quick Reference Guides that distill complex law and regulations into easily managed elements.

Training – Educate your staff with Regulatory University. Regulatory University supplies all federally required bank compliance training and is used by banking agencies – the FDIC, FRB, CFPB and the CSBS. In addition to a suite of more than 250 regulatory compliance courses, Regulatory University features “soft skills” training covering popular topics such as elder abuse, bank robbery, networking and business etiquette, to name a few. Further, Regulatory University features robust reporting, SCORM compliance, data feeds and other critical infrastructure that you need for effective, risk-based compliance training.

Monitoring – In addition to a custom monitoring program that can be efficiently implemented by seasoned consultants, FIS offers ComplianceAnalyzer® for monitoring compliance in the high risk area of mortgage lending. ComplianceAnalyzer is the mortgage industry’s standard for automated compliance and provides cost-effective monitoring to hundreds of institutions, including four of the top five mortgage lenders, as well as to regulators. Indeed, the Conference of State Bank Supervisors (CSBS) selected ComplianceAnalyzer to be used by state mortgage and banking regulators in the electronic examination process. In addition, FIS’ AML and OFAC compliance solutions, AML Compliance, OFAC Watch and Compliance Databank help automate the BSA compliance process.

Audit – FIS RISC Solutions consulting is at the ready to engage in a variety of compliance audits.

Reporting – FIS RISC Solutions’ regulatory reporting suite of products helps banks ensure the timeliness and accuracy of regulatory filings such as the Call Report, FR2900, Summary of Deposits and Y9. The regulatory reporting suite of products is the industry standard and is used by more banks than any other solution. In addition to ensuring the accuracy and timeliness of required filings, the regulatory reporting suite of products is fully supported by a team of experienced regulatory reporting professionals who are available by telephone and e-mail to provide stellar support.

R&D Center − Our experienced professionals are supported by our highly acclaimed Research & Development Center which is headed by a dedicated team of lawyers and former senior federal regulators and compliance executives. Our R&D Center continuously monitors regulatory updates and announcements and translates them into practical implementation strategies. Our Quality Assurance Division, headed by former senior federal regulator and industry expert, ensures quality deliverables are provided to clients and evaluates our products to ensure efficiency and effectiveness and to ensure that they are in line with regulatory expectations.

In addition, our staff of highly specialized compliance individuals of former federal regulators and bank compliance officers can help you manage the complexities associated with regulatory compliance with services including:

  • Compliance Consulting
  • Customized Compliance Programs
  • BSA/AML/OFAC Compliance
  • CRA Compliance
  • Fair Lending
  • Information Technology Compliance
  • Mortgage Quality Control
  • Compliance Training
  • State-of-the-art Compliance Risk Assessment models in the fields of Compliance, BSA/AML/OFAC, Fair Lending, ACH, Remote Deposit Capture, Foreclosure, Security, Information Technology, ID Theft/Red Flags, etc.
  • Policies and Procedures Development/Review
  • Targeted Reviews
  • Control Enhancements
  • Enforcement Action Assistance/Remediation
  • Bank Holding Company Program Design
  • New Product Development
  • Due Diligence
  • Investigation and Forensic Capabilities
  • Efficiency Studies

Our Compliance Disciplines include:

  • Consumer Compliance
  • Fair Lending
  • Community Reinvestment Act
  • BSA/AML and Sanctions
  • Foreign Corrupt Practices Act
  • Privacy and Information Security
  • Identity Theft − Fair Credit Report Act (FCRA Compliance)
  • Remote Deposit Capture
  • Disaster Recovery and Business Continuity Planning
  • Transactions with Affiliates
  • Vendor Management

    Request more information »   Back to Top ↑



Cybersecurity risk has emerged as one of the biggest threats to every financial institution, regardless of size. It is not a question of whether a cybersecurity failure will happen, but when it will happen. The key to proactively mitigating this risk is to understand vulnerabilities, including systems, procedures and people.

FIS offers cybersecurity risk assessments, reverse stress tests, exam readiness evaluations and a state-of-the-art data analytics software, CyberForce™, that detects the most critical cybervulnerabilities in real or near real time for timely risk mitigation.

Cybersecurity Assessment

CyberForce Overview

Cybersecurity Exam Readiness

Cybersecurity Reverse Stress Test

Request more information »   Back to Top ↑




Our cybersecurity subject matter experts can:

  • Perform an end-to-end and comprehensive review of your institution’s cybersecurity program from both a business and IT perspective
  • Perform reverse stress tests to identify blind spots, vulnerabilities and internal control weaknesses
  • Understand the current timeline for response and the teams involved in handling a cybersecurity attack and model the ideal timeline of recovery
  • Measure the effectiveness of current malware defenses and understand the extent of monitoring for unauthorized privileged account activity
  • Rehearse a DDoS attack scenario using latest methods
  • Assess business continuity and disaster recovery of critical Internet-facing assets and validate recovery time objective
  • Benchmark cybersecurity incident handling methods to increase predictability
  • Design a plan of action with explicit roles and responsibilities during a cyberattack for IT, risk, operations, call centers, business executives and other stakeholders
  • Vendor management review and external security assessment

Market Risk

The financial crisis experienced in the last several years is evidence of how market conditions can affect a bank’s financial condition and viability. In order to reduce the impact of market conditions, banks must begin by first assessing their risk profile and determining their risk tolerance.

Let our staff of industry experts assist you in taking the necessary steps to build a risk management framework that is commensurate with the bank’s size, complexity, business activities and overall risk profile. The stress tests we design for your bank will be tailored to the relevant level of aggregation, capturing critical risk drivers, internal and external influences, and other key considerations at the relevant level. We will assist you with the implementation of a practical risk program that is functional and provides real-time information to senior management and the board.

FIS RISC Solutions offers market risk management services including:

  • Stress tests:
    − Transactional stress testing
    − Portfolio stress testing
    − Enterprise-level stress testing
    − Reverse stress testing
    − Scenario analysis
    − Sensitivity analysis
    − Ad hoc risk analysis
  • Safety and Soundness consulting including gap analysis/simulation analysis, interest rate risk management with VaR models
  • Enterprise Risk Management Design and Assessments


Request more information »   Back to Top ↑


Liquidity Risk

Liquidity is the risk that a financial institution will be unable to meet its cash and collateral obligations without incurring unacceptable losses. The recent instability in the financial industry underlines the significance of liquidity risk management for the safety and soundness of financial institutions.

To effectively manage funding and liquidity banks must implement a well-developed liquidity plan. A bank's liquidity policies and liquidity management approach are key elements of the institution's general business strategy. The framework for assessing and managing bank liquidity has three major dimensions: (a) measuring and managing net funding requirements (b) managing market access and (c) contingency planning for alternative scenarios.

Our Early Risk Manager product utilizes quarterly Call Reports and a series of regression models similar to what the banking regulators use. However, it goes beyond the regulatory models to identify emerging risks before they happen and enables an institution to attain optimal risk management performance.

ERM provides a risk dashboard of 25 reports containing key risk management intelligence in relation to three focal points:

  • CAMELS rating
  • Probability of undercapitalization
  • Economic value

Our Liquidity Risk Services include:

  • Cash flow projections
  • Stress testing
  • A formal, well-developed contingency funding plan for measuring, monitoring and managing liquidity risk
  • Funds Management Review
  • Financial Risk Assessments
  • Enterprise Risk Management Design and Assessments

    Request more information »   Back to Top ↑


Fraud Risk

Fraud has not only financial and legal ramifications but can give rise to operational risks resulting in the institution’s inability to deliver products or services. The key to controlling operational risks from fraud-related activities requires effective policies, procedures, and controls to meet these risk exposures. Basic internal controls including segregation of duties, dual controls, and reconcilements remain important. Information security controls, in particular, become more significant requiring additional processes, tools, expertise and testing.

FIS RISC Solutions’ full spectrum of products and services provided by highly skilled industry experts addresses the fraud risk mitigation needs of financial institutions.

Our Early Risk Manager product utilizes quarterly Call Reports and a series of regression models similar to what the banking regulators use. However, it goes beyond the regulatory models to identify emerging risks before they happen and enables an institution to attain optimal risk management performance.



Request more information »   Back to Top ↑



  • Enterprise Risk Management Design and Assessments
  • Sound and Comprehensive Banking Policies and Procedures Development and Review
  • Development of Customer Information Security Programs
  • Information Security Risk Assessment and Review
  • External Security Assessment
  • Network Vulnerability Assessment and Penetration Testing
  • Social Engineering Testing
  • Unlawful Internet Gambling Enforcement Policy Development
  • Unlawful Internet Gambling Enforcement Review
  • Identity Theft − Fair Credit Report Act (FCRA Compliance)
  • Internal Audit Services to periodically assess effectiveness of internal controls


Information Technology Risk

Given the complexity of information systems and heightened regulatory scrutiny, it is more important than ever for financial institutions to manage technology risk.

We understand your business and the regulations of your industry. Our Technology Risk Management team has many years of experience working in bank technology areas, as IT examiners, or as consultants for financial institutions. We can help you manage risk in your IT control environment, and further develop that environment into a strategic resource and source of competitive advantage.

Our risk-based independent testing procedures are customized to your institution’s size, complexity, scope of activities, risk profile, quality of control functions and use of technology. Our Technology Risk Management team can benefit your institution.

Technology Compliance Services include:

  • Customer Information Security Programs/Gramm-Leach-Bliley Act (GLBA)
  • Information Security Risk Assessment
  • Information Security Policies and Procedures
  • Vendor Management Program Development/Remote Deposit Capture/Risk Assessment/ACH Risk Assessment
  • Vendor SSAE 16 Review
  • Electronic Banking Risk Assessment
  • Disaster Recovery/Business Continuity Planning
    − Pandemic Preparedness
  • Network Vulnerability Assessment/Penetration Testing
  • Social Engineering Testing

Request more information »   Back to Top ↑


Third-party Risk

In today’s economy financial institutions’ reliance on third parties to provide various products and services has significantly increased. However, the use of third parties gives rise to additional risks. Improper management of third-party risks can lead to problems including, but not limited to financial loss, reputational risk, regulatory actions and loss of customers.

The effective management of the risks associated with third parties requires implementation of a comprehensive risk management process.

FIS RISC Solutions’ Third-party Oversight Services include:

  • Vendor Management Program Development
  • Vendor Management Risk Assessment
  • Third-party Due Diligence
  • Third-party Contract Review
  • Vendor Management Policies and Procedures Development
  • Vendor SSAE 16 Review

Request more information »   Back to Top ↑


Identity & Behavioral Risk Management

FIS provides clients with the expert guidance and leading solutions they need to manage their evolving transactional risk management demands. We offer layers of fraud, risk, and compliance assessment products including:

  • Account Ownership – Provides instant, third-party verification of an account’s existence, ownership rights to the account from the individual presenting the account and the business risk associated with this account
  • Address analysis – Identifies and scores inconsistent addresses. (Supports FACT Act compliance)
  • BizChex® – Performs real-time verification of the Business identity entity in addition to assessing risk and fraud to evaluate whether or not to open the business/commercial account.
  • ChexAdvisor™ – empowers lenders to raise the bar when assessing the overall risk of a consumer’s financial behavior by delivering alternative data and a risk score to advance the evolution of consumer lending credit underwriting - alternative data for smart growth.
  • ID Verification – identifies inconsistencies in new account processing and warns of OFAC listing in real time. (Supports CIP compliance)
  • ID Authentication – generates an interactive, multiple-choice, knowledge-based questionnare to quickly authenticate identity. (Supports FFIEC compliance)
  • QualiFile® – provides real-time automated and consistent decisions at the new (deposit) account desk based on fraud and behavioral risk parameters to target the right products for the right customers - applicants who otherwise may have been turned away or prospects for additional products that may have been overlooked.
  • Red Flag Checklist – Gathers and reports on output produced by the Decision Solutions services that could be a “red flag”. (Supports FACT Act compliance)

Request more information »   Back to Top ↑

Related Events