A Strategic Guide to Navigating Complexity and Innovation
Our reflections on 2024 and what to expect in 2025
As we close out 2024, the financial services (FS) sector stands at a critical juncture, shaped by a confluence of forces that include loosening monetary policy, changing of the political guard in a number of countries, rapid technological advancements, evolving regulatory landscapes, and shifting consumer expectations. To thrive in this dynamic environment, financial institutions must move beyond adaptation and proactively define their strategies for innovation, risk management, and compliance in 2025.
Besides highlighting five key themes in 2024 identified by Ulysses Partners practice leaders, this guide aims to provide actionable insights and recommendations for Chief Innovation Officers (CInOs), Chief Risk Officers (CROs), and Chief Compliance Officers (CCOs), to navigate the year ahead with confidence.
The Fragmentation of Financial Product Usage: Strategic Opportunities and Challenges
In 2024, U.S. consumers and small-to-medium-sized businesses (SMBs) increasingly diversified their financial product providers. Payments, lending, saving, and investing are now often handled by different entities, including fintechs, traditional banks, and embedded financial solutions. (For example, Bain and Company estimates that by 2027, software providers will capture approximately 10% of SMB transaction banking revenues, highlighting the growing trend of embedded financial services)
This fragmentation is driving innovation, offering consumers and businesses more tailored, flexible financial products across payments, lending, saving, and investing platforms. The opportunities and challenges of this ongoing trend were highlighted in a recent podcast with industry experts Jim Marous, Ron Shevlin and Brett King [2] . One of the (many) insights is that the long used concept of a ‘primary banking relationship’ is no longer a meaningful way for banks to think about customers. Consumers (especially Gen Z and Millennials), as well as SMBs, have no such ‘primary’ relationship in their minds. Instead, they see (and buy) a collection of tools and providers most suited to solving specific financial services needs - savings with one organization; transacting with at least two providers (bank and non-bank), and lending with another (often a specialist lender).
In 2024 we also witnessed the finalization of the long outstanding Section 1033 of Dodd-Frank into a rule by the Consumer Financial Protection Bureau. Whilst not without challenge, it is expected to accelerate ‘open banking’ in the U.S., increasing consumer choice of products and service providers. It will also require banks to set up the necessary technology infrastructure to share consumer data safely and securely with third parties, including Fintechs and data aggregators.
In 2025, expect further competition among providers to streamline these fragmented ecosystems through orchestration platforms and embedded finance solutions. As we move into 2025, financial institutions must focus on creating seamless, integrated experiences to retain customer loyalty and market share.
Actionable Recommendations:
For CInOs: Develop or integrate orchestration technologies to better manage fragmented innovation ecosystems, including fintech firms, accelerators and VCs
For CROs: Implement real-time risk monitoring systems to track performance, compliance and vulnerabilities across third parties and ensure operational resilience principles are followed.
For CCOs: Develop cross-platform compliance protocols to ensure regulatory adherence without stifling innovation, particularly as it relates to fair and ethical treatment of customers.
Generative AI Adoption and AI Risk Management
While most financial institutions are no strangers to artificial intelligence (AI), Generative AI (GenAI) became a strategic focus in 2024, with 17% of banking leaders saying they had fully integrated GenAI into their regular processes, and 60% using it to some degree, across marketing, customer service, risk management, and fraud detection. While there is much excitement about GenAI and the promise it holds, most financial institutions are approaching it cautiously and deploying use cases taking a ‘risk-based approach’ - i.e. focused on the lowest risk use case with the highest returns.
While some GenAI risks are known, such as model risk, privacy risks and data risks, others are knowable such as confabulation, bias and discrimination and others are unknown and yet to emerge.
In many of these risks, GenAI is adopting both a defensive and offensive persona and banks will have to speed up the adoption in specific areas as a defensive strategy. Fraud risk is a case in point - it is rapidly evolving and becoming increasingly sophisticated - using GenAI in offense, through deep fakes, as an example, leveraging text, images and video to defraud banks and its clients.
In 2024 we also witnessed the finalization of the most comprehensive AI legislation to date, the European Union AI Act. We also observed the world’s leading standard setting and regulatory authorities publish guidelines and principles for the safe deployment of AI. This has prompted financial institutions to revisit their Enterprise Risk Management Frameworks, consider AI-risk as a new risk ‘sub-type’ and also consider its ability to amplify other risks such as cybersecurity and fraud. This led further to development of AI risk frameworks, policies and procedures and governance and oversight to monitor effectiveness.
In 2025, FS players will likely focus on balancing innovation using Gen AI with accountability as regulators scrutinize AI-driven systems more closely[5][6].
Actionable Recommendations:
For CInOs: Implement clear, repeatable processes for multi-disciplinary team collaboration along the AI lifecycle to expedite use case deployment. Involve risk and control function owners early in the process for input.
For CROs: Create a dedicated “AI Risk” category within enterprise risk frameworks that specifies risk categories, risk mitigants and risk appetite.Collaborate with regulators to help identify new and emerging risks and ensure that regulations are fit for purpose and balance ongoing innovation with effective risk management.
For CCOs: Ensure that Codes of Conduct and Ethics Frameworks incorporate guidelines for safe, transparent and ethical deployment of AI that poses no harm to customers.
Regulatory Compliance Challenges
The regulatory environment remained intense in 2024 as U.S. banks faced heightened scrutiny around governance, liquidity standards, and consumer protection, following the 2023 U.S. banking crisis.
Despite intense regulatory changes that have occurred over the last 15 years since the global financial crisis, banks struggle with the effectiveness of their regulatory controls - and most importantly with reinforcing the desired conduct and culture in their businesses. Control failures come at an exorbitant cost to the economy, investors and most importantly customers. The recent AML control failures at TD Bank that spanned over a decade in the U.S. and resulted in fines exceeding $3bn is a case in point.
Under the incoming administration of a second Trump Presidency there has been much speculation about U.S. financial sector regulations. One thing is clear - U.S. risk appetite is increasing and risk aversion is subsiding, and this is likely to play out in different ways.
We have already witnessed changes to the heads of federal regulatory authorities that will introduce a new regulatory posture.
It is speculated that some regulations will be dialled back; others that have been proposed, potentially shelved; and a relaxation of the extent of scrutiny and oversight witnessed in recent years.
These could reinvigorate the FinTech and Crypto sectors and stimulate banking consolidation.
The finalization of Basel III rules marked one of the most significant regulatory shifts in over a decade, impacting capital requirements for large banks and extending compliance expectations to smaller institutions. But the more recent proposed changes to the Basel III Endgame rules in the US market have removed some of the stricter standards, potentially benefiting many US banks' business models and may potentially not be implemented at all.
Institutions must remain agile in adapting to these potential shifts while maintaining compliance with existing rules.
Actionable Recommendations:
For CInOs: Ensure processes for innovation are compliant with organizational policies that relate to 3rd party risk management, AI risk, data privacy and consumer protection. Include risk and compliance function owners early in the process.
For CROs: Leverage technology for real time risk monitoring and identification of new and emerging risks. Collaborate closely with other control teams in Compliance and Internal Audit to adopt shared Governance, Risk and Compliance platforms, as well as using scenario planning.
For CCOs: Implement regulatory change management systems that proactively identifies new regulatory developments and helps the organization determine impact and changes required to meet compliance deadlines.
Fraud Prevention: Staying Ahead of Sophisticated Threats
Despite advancements in security measures, fraud remained a significant challenge for US banks and consumers in 2024.
While there was a slight decline in fraud-related suspicious activity reports compared to previous years, the sophistication of fraud attempts increased. Fraudsters shifted toward more sophisticated tactics such as social engineering scams and deepfake-driven attacks. Losses from scams doubled compared to last year, with banks reporting growing costs despite advanced detection systems.
In 2025, fraud prevention will demand further investment in AI-driven prevention systems and biometric verification technologies. Collaboration across the industry will be essential to stay ahead of evolving threats, including investment in advanced technologies to identify new fraud typologies and customer education.
Actionable Recommendations:
For CInOs: Explore investment in new AI driven technologies either internally or through external partnerships that are capable of preventing sophisticated and evolving fraud archetypes
For CROs: Foster industry-wide collaboration by participating in shared intelligence networks focused on fraud prevention, and support standardized protocols across institutions to streamline fraud detection efforts. Deploy advanced fraud detection systems powered by machine learning algorithms capable of identifying emerging threats.
For CCOs: Ensure fraud investigation and resolution processes are fair to customers and align with organizations Code of Conduct. Ensure organization is aligned to evolving regulator expectations of fraud risk management. Ensure that all customer and employee training is effective. '
Closing Thoughts & Looking Ahead to 2025
The FS sector enters 2025 with cautious optimism. Economic conditions are expected to stabilize somewhat after a turbulent few years, but challenges persist. As we enter 2025, financial institutions must navigate a complex environment of innovation, regulation, and risk:
Consumer-Centric Innovation: Providers will compete fiercely to offer seamless experiences across fragmented financial ecosystems,
AI Governance: Striking the right balance between leveraging Gen AI's potential and mitigating its risks will remain critical.
Regulatory Dynamics: The interplay between heightened compliance requirements and potential deregulation will demand strategic agility.
Fraud Mitigation: As fraud tactics become more sophisticated, proactive measures will be essential to protect both consumers and institutions.
Financial institution leaders must adopt forward-looking approaches that prioritize innovation, while addressing risk and compliance challenges head-on. Below are key imperatives tailored for CInOs, CROs, and CCOs:
For Chief Innovation Officers:
Foster a culture of continuous innovation by aligning teams around measurable outcomes, and ensure that there is common language for innovation and clear ways of working on innovation projects.
Develop integrated ecosystems that address fragmentation challenges of working with multiple stakeholders, both internal and external.
For Chief Risk Officers:
Strengthen enterprise risk frameworks with dedicated focus areas like AI risk management. As dependence on 3rd parties grows so too should the focus on operational resilience. .
As uncertainty grows the development of plausible and severe scenarios is key for robust and real-time stress testing for early identification of vulnerabilities
For Chief Compliance Officers:
Prepare for regulatory uncertainty through proactive identification of regulatory changes and business impact assessments.
Centralize compliance functions using technology-enabled solutions that improve efficiency and internal collaboration, especially around regulatory change management.
Collaborate with regulators proactively to shape policies that balance innovation with risk management
The financial services sector is poised for another year of transformation in 2025. Collaboration will be critical - between banks, fintechs, regulators, and customers - to navigate these shifts effectively.
As you plan your strategic priorities for the year ahead, remember that success lies not just in adaptation but in shaping the future of financial services through bold yet thoughtful action.