In an era where data is the currency of risk, Vaughn Alliton, Senior Managing Director at TIAA, outlines how technology—particularly AI and quantum computing—is transforming risk management at its core.

While AI is often viewed as a tool, Allerton warns that it also introduces new vulnerabilities.

Managing AI effectively hinges on reliable, purpose-fit data, which remains a persistent challenge across financial services. Poor data quality doesn’t just undermine decision-making—it renders key risk indicators (KRIs) ineffective, leading to false assurance or missed warning signs.

Alliton describes how TIAA’s structured emerging risk process, bolstered by cross-functional working groups, enabled them to fast-track preparations for quantum computing—an advancement previously thought to be further on the horizon.

This proactive approach exemplifies the kind of foresight required to prevent future disruptions, especially as quantum capabilities threaten to upend current encryption standards and data processing timelines.

Third-party cyber risks, including ransomware attacks, continue to be a pressing concern.

Alliton emphasizes the value of a bifurcated incident response strategy that simultaneously handles operational containment and executive-level communications.

Notably, he recounts how clear and timely messaging during vendor-related cyber incidents actually strengthened customer trust, transforming a potential crisis into an opportunity for brand credibility.

Looking forward, AI use cases will dominate risk agendas. But as Alliton notes, AI’s power is double-edged: it can sharpen enterprise-wide visibility when implemented correctly, or spiral out of control if built on flawed data foundations.

The next five years will be defined by how institutions adapt to this balance—while keeping a watchful eye on the accelerating pace of quantum development.