Riskhantering inom svenska banker : En kvalitativ studie om hur banker uppfattar samt formar sig efter rådande krav gällande digitalisering, Kundkännedom, GDPR och PSD2

Sammanfattning: Purpose: This study aims to examine how digitalization affects risk management procedures within Swedish banks in relation to the implementation of GDPR, PSD2 and KYC. Method: The empirical result is due to semi-structured interviews with four bank representatives from the Swedish bank sector as well as three representatives from the Swedish RegTech industry. The interviews took place in person or via telephone. Empirics and Conclusion: The result shows that digitalization has affected the way Swedish banks handle their risks. New risks have emerged resulting in a more complex environment, where several factors need to be taken into consideration such as operational risks. Depending on the type of bank, different risk strategies have been identified. The bank- and RegTech representatives point out several aspects that need to be improved to make risk management more efficient. This includes increased digital automatization to handle big data more efficiently resulting in more adequate KYC analysis. Lastly the empirical result shows that digital banks together with RegTech companies set the normative standard on how to approach risk management in a digital era. From a new institutional perspective legitimacy is attained when banks conform to present norms within the industry caused by the three types of isomorphism. Where the institutional forces mould, construct and regulate the social structures. Furthermore, nudging can be applied as a tool that banks have been using to adapt to current requirements, by educating their workers and using digital tools to make better decisions.