1. Trang chủ
  2. » Ngoại Ngữ

Rebuilding trust next steps for risk management in financial services

25 206 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 25
Dung lượng 816,08 KB

Nội dung

Rebuilding trust Next steps for risk management in financial services A report from the Economist Intelligence Unit Sponsored by Rebuilding trust Next steps for risk management in financial services About this research R ebuilding trust: Next steps for risk management in financial services is an Economist Intelligence Unit report that examines the steps that banks and insurers around the world are taking to reinforce their risk management capabilities in response to the global financial crisis The report is sponsored by SAS The author was Rob Mitchell and the editor was Abhik Sen The Economist Intelligence Unit bears sole responsibility for the content of this report Our editorial team executed the online survey, conducted the interviews and wrote the report The findings and views expressed in this report not necessarily reflect the views of the sponsor Our research for this report drew on two main initiatives: l We conducted an online survey of 346 executives from around the world in January and February 2010 The survey included companies of a variety of sizes from the banking and insurance industries All respondents have a primary focus on risk management l To supplement the survey results, the Economist Intelligence Unit conducted a programme of qualitative research that included a series of in-depth interviews with industry experts We would like to thank the many people who helped with this research May 2010  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Executive summary T Report available at www eiu.com/afterthestorm  he global financial crisis had many causes but failures in risk management were clearly a contributory factor Although there were technical shortcomings, especially related to the use of risk models and metrics, a more widespread problem was a failure of governance, which meant that the legitimate warnings of risk managers went either unheeded or unnoticed In the euphoria of the credit bubble preceding the crash, a culture in banking and insurance that prioritised short-term gains over prudence all too often rode roughshod over the concerns of risk managers Many senior executives were more concerned with outperforming revenue and profit targets than paying heed to growing risk concentrations The crisis has changed that Across the financial services industry, risk management has moved to the centre of strategic decision-making, and many institutions are revamping their entire approach to understanding and mitigating the risks that they face Our 2009 report, After the Storm: A new era for risk management in the financial services industry1, found that the majority of financial institutions have been conducting wholesale reforms to the way that they manage risk If anything, the pace of change has accelerated since then, with institutions reappraising their corporate governance structures, risk functions, data, information systems, and business processes and procedures Many banks and insurers have come a long way in their efforts to strengthen risk capabilities Discussions about risk have become a key part of the boardroom agenda, chief risk officers have a prominent seat at the top table and there is a renewed zeal for instilling a greater awareness of risk principles in the front office — the so-called first line of defence Despite this progress, however, weaknesses remain The enthusiasm for a large-scale overhaul of risk management in the industry has created human capital shortages as companies and regulators scramble to acquire suitable expertise Data and information management systems remain significant impediments to an overall understanding of risk exposures, while regulatory uncertainty makes it difficult for organisations to plan for the long term In February 2010, the Economist Intelligence Unit conducted a global survey on behalf of SAS to track the progress of financial institutions in strengthening their risk management since the crisis The survey attracted 346 respondents from across the banking and insurance industries The report that follows presents the highlights of those survey findings along with related additional insights drawn © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services from interviews with industry experts and commentators Key findings from this research include the following: Confidence levels are high but there is a risk of complacency Financial institutions are feeling much more confident about the future compared with 12 months ago Around three-quarters of respondents believe that prospects for revenue growth over the next year are good, whereas 68% are positive about the prospects for profitability These levels of confidence, which are around double the levels reported in a similar survey conducted last year, reflect a widely held view that the financial system has stabilised There is a risk of complacency, however As governments withdraw stimulus packages and liquidity support for the financial sector, revenues and profitability could yet fail to meet expectations The focus on regulatory compliance could distract attention from emerging risks Around the world, regulators have stepped up their scrutiny of financial institutions While few people would argue against a tougher regulatory regime in financial services, respondents to the survey highlight uncertainty regarding regulation as the main barrier to effective risk management There is a danger that the focus on compliance could be “crowding out” day-to-day risk management at a time when formerly low probability risks, such as sovereign debt crises, are becoming more commonplace A clearly defined risk strategy is in place at most institutions, but significant areas of weakness remain Investment in risk management is increasing almost across the board, with risk processes, data, information systems and training being key areas of focus for the majority of institutions Six out of 10 respondents now say that they have a clearly defined risk strategy in place at their organisations that is updated on a regular basis However, this still leaves a worrying 40% whose companies not conduct regular updates or not have a clear risk strategy in place Banks and insurers are filling gaps in risk expertise with investment in training and recruitment Respondents recognise that shortfalls in the quality and quantity of risk experts have been an important part of the problem in risk management Asked about key areas in which shortcomings need to be addressed, respondents list issues related to expertise as three of their top four priorities More than one-half of respondents say that they are increasing their investment in training, both of risk professionals and across the broader business, and a similar proportion say that they are spending more on recruitment The silo-based approach to risk management continues to pose problems In the days leading up to the financial crisis, the separation of risk management into separate departments led many financial institutions to underestimate risk concentrations and correlations Even now, less than onehalf of respondents to our survey are confident that they understand the interaction of risks across business lines and poor communication between departments is seen as a key barrier to effective risk management Financial institutions need to further improve data quality and availability An over-reliance on risk models, and problems with the data used to populate those models, have been widely seen as a key failure in financial risk management Financial services firms recognise that data quality and availability need to improve further Collecting, storing and aggregating data is an area of weakness for many institutions, with only 39% of respondents believing that they are effective at all these activities  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Short-term improvements in market conditions and liquidity have made the banking and insurance industries surprisingly optimistic about their prospects for the coming year n The emphasis in regulation is shifting from issues related to individual institutions to more macroprudential concerns associated with systemic risk n While many firms have overhauled their risk management following the financial crisis, a worrying number of them still not have a clearly defined risk strategy The new risk landscape T he financial services industry entered 2010 on a much more stable footing than last year Since the darkest days of the financial crisis, the share prices of major banks have rebounded, economic conditions have improved and the industry has benefited from a surge in liquidity facilitated by the actions of policymakers around the world These short-term improvements in the economic landscape have fostered a mood of surprising optimism among the respondents questioned for our survey Three-quarters see their prospects for revenue growth over the next year as positive, while 68% feel the same on the outlook for profitability In last year’s Economist Intelligence Unit survey for SAS, just 34% saw the prospects for revenue growth, and 33% for profitability, as being positive Optimism is particularly high within the Asia-Pacific region where financial institutions have been less affected by the crisis and where economic growth remains relatively robust Within the region, 86% of respondents see prospects for revenue as positive, and 77% think similarly on the outlook for profit Although the outlook has undoubtedly improved significantly across the whole industry, it would be wrong to be complacent Sluggish economic growth in developed countries, combined with stubbornly high unemployment, are likely to lead to further difficulties in mature markets New regulations and the imposition of more conservative capital and liquidity buffers will drive down How you currently rate the prospects for your business in the following areas over the next year? Please rate to where is significantly positive and is significantly negative and signifies no change (% respondents) Significantly positive No change Significantly negative Revenue growth 23 51 14 10 Profitability 18 50 18 13 Share price 10 42 41 61 Relations with customers 16 52 27 Relations with investors 12 42 37 Capital adequacy 13 46 29 Source: Economist Intelligence Unit survey, February 2010  © The Economist Intelligence Unit Limited 2010 11 Rebuilding trust Next steps for risk management in financial services corporate profitability, while new macroeconomic risks, such as the sovereign debt crisis in Greece, could derail any nascent recovery In the medium term, policymakers will be looking to withdraw fiscal stimulus packages and return debt and equity capital holdings to private investors Over the same period, a more stringent regulatory environment will emerge Banks, for example, face the prospect of tighter restrictions on capital reserves under proposals dubbed as the “Basel rules” The emphasis in regulation is shifting from issues related to individual institutions towards macroprudential ones associated with systemic risk “Previously, regulators were just not focused on systemic issues,” says Viral Acharya, professor of finance at the New York University Stern School of Business “It was almost as if the micro objective of making each bank safe was somehow clouding the focus of regulation from what it really should be doing, which is to guard the system as a whole.” With which of the following stakeholders of your company has there been the most change in the transparency of communication on risk issues over the past 12 months? Select up to two (% respondents) Regulators 63 Board of directors 37 Investors 30 Rating agencies 17 Government bodies 16 Creditors 10 Media What you consider to be currently the main barriers to effective risk management in your organisation? Select up to three (% respondents) Uncertainty over future regulation 39 Poor communication across departments 38 Insufficient data 32 Risk management function lacks authority 29 Lack of confidence in existing risk management tools 26 Inadequate real-time (intra-day) risk management 21 Lack of adequate investment 21 Use of spreadsheets in risk management 12 Others, please specify There are no barriers Source: Economist Intelligence Unit survey, February 2010  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Which of the following statements best describes the situation regarding the risk management strategy at your company? (% respondents) We have a clearly defined risk management strategy that is updated on a regular basis 60 We have a clearly defined risk management strategy, but it is not updated on a regular basis 21 We not have a clearly defined risk management strategy We are creating a new model for our risk management strategy after the financial crisis 10 Source: Economist Intelligence Unit survey, February 2010 Regulators look at risk This is not to say, however, that regulators are downplaying their micro-prudential responsibilities In the past 18 months, supervisors have been carefully scrutinising the way in which individual institutions identify, monitor and mitigate risk, and the steps they are putting in place to ensure that boards are fulfilling their mandates on governance and oversight The dynamic between regulators and individual firms has changed immeasurably, according to Barrie Wilkinson, a partner in risk and finance at Oliver Wyman, a consultancy “In the UK, the Financial Services Authority is recruiting very aggressively and has armies of people coming in almost every day to inspect the banks,” he says The extent of dialogue with regulators emerges as a key concern for respondents to our survey Asked about the stakeholders with whom transparency of communication on risk issues had changed most over the past 12 months, respondents cite regulators by a significant margin They also point to regulatory uncertainty as the main barrier to effective risk management Pressure from regulators and other stakeholders, along with the sheer scale of the recent crisis, means that very few financial institutions now take risk management for granted As highlighted in our 2009 report, more than one-half of institutions said that they were conducting a thorough overhaul of their risk management Today, there is greater confidence that some issues have been resolved Six out of 10 respondents say that they have a clearly defined risk strategy in their organisations that is regularly updated, although this still leaves a worrying 40% that either not have such a strategy in place or have significant work to to make the necessary changes In the case of organisations with less than US$500m in assets, just 43% have a clearly defined strategy in place  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n There is a growing consensus that good risk management at organisations starts at the top n It is increasingly common for CROs to have a dual reporting line to the chief executive and to the risk committee or equivalent n There is still plenty of room for improvement in risk management and reporting practices at most companies Setting the tone T here is an emerging consensus that good risk management starts at the top of the organisation Board members need to have sufficient knowledge and information to be able to challenge and question executive management, and they need to devote an appropriate amount of time to understanding the business “If you are going to have a risk culture that is embedded within an organisation, it has to start from the top,” says Richard Apostolik, president of the Global Association of Risk Professionals, a trade association Survey respondents consider board-level expertise to be one of the top three risk management issues that they would like to address Yet somewhat surprisingly, less than one- half say that they are devoting resources to improving risk governance by board members Many institutions are addressing these shortcomings by forming board-level risk committees This is one of the key changes proposed by the UK government-sponsored Walker Review of corporate governance in the banking industry There is also a strong focus on board competencies in the US Proposed rules from the Securities and Exchange Commission will require disclosure of the board’s In the past 12 months, what change has there been to the amount of investment your firm has made in the following areas? Please rate to where is significantly more and is significantly less and signifies no change (% respondents) Significantly more No change Significantly less Training of risk professionals 14 40 41 Training of general workforce in risk 10 41 42 Training of board members in risk 40 47 31 Recruitment of specialised risk professionals 12 38 43 Improvement of risk processes at strategic level 19 51 25 41 Improvement of risk processes at operational level 18 54 25 Data quality and integrity 13 49 34 IT systems 14 43 38 31 Third-party risk advisory services 24 61 Source: Economist Intelligence Unit survey, February 2010  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services “There is much to be said for having a risk committee to look over the horizon while the board steers the ship, but economic storms arrive unexpectedly” – David Allen, partner at Mayer Brown, a law firm qualifications and its role in risk management Among respondents to our survey, almost three-quarters say that they have a board-level risk committee in place Not everyone believes, however, that stand-alone risk committees are essential in every organisation “It depends what the firm is doing and the scope and depth of its activities,” says Mr Apostolik “In some cases, this role can be performed perfectly adequately as part of an audit committee.” More important than the existence of a risk committee is the content of the board’s discussions and their interaction with executive management and the risk function “The board needs to know what they don’t know and they need to find a way of finding out what that information is,” notes Andy Clinton, managing director of Protiviti, a risk consultancy Boards across the industry are facing a significant increase in their workload and responsibilities Key among these is the need to set and monitor the overall risk appetite, which should articulate the institution’s willingness to take risk in order to pursue business objectives A recent report from the Senior Supervisors Group—a collection of financial regulators from Canada, France, Germany, Japan, Switzerland, the UK and US— found that financial institutions still have some progress to make in setting and monitoring a robust risk appetite2 Until recently, risk appetite was generally regarded as a mechanical, compliance-driven activity that required the approval of boards but little active involvement from them “Most of the risk appetite work that we see now is trying to get boards to own the risk profile of the organisation, and talk openly about what kind of risks the company should be running and under what circumstances it might need to take certain precautionary actions,” comments Andrew Rear, head of European insurance at Oliver Wyman David Allen, a partner at law firm Mayer Brown, says that an organisation’s risk appetite should be informed by the broader economic outlook, but he warns that this could be a source of tension “There is much to be said for having a risk committee to look over the horizon while the board steers the ship, but economic storms arrive unexpectedly, and it will take robust committee members to persuade the board to reduce its risk exposure when the waters still appear calm,” he says Role of the CRO Many financial institutions are changing reporting lines for the chief risk officer (CRO) in order to strengthen their overall risk governance It is increasingly common for CROs to have a dual reporting line to the chief executive and to the risk committee or equivalent Among our survey respondents, 57% say that their companies have a CRO with a direct reporting line into the board A dual reporting line ensures that the CRO has access to executives at the very top of the company Does your organisation currently have the following? (% respondents) Yes, already have No, but intend to recruit No plans to recruit Chief Risk Officer 65 12 22 Risk committee 73 11 17 Board member with expertise in risk Risk management lessons from the global banking crisis of 2008, October 2009  67 11 22 CRO reporting to board or executive directors frequently 57 14 Source: Economist Intelligence Unit survey, February 2010 © The Economist Intelligence Unit Limited 2010 29 Rebuilding trust Next steps for risk management in financial services How effective is your organisation in each of the following areas? Please rate to where is very effective and is not effective at all (% respondents) Very effective Not effective at all Aggregating risks at firm-wide level 16 42 27 13 Applying risk management to support broader strategic goals 10 44 34 12 Understanding the interaction of risk across business lines 39 38 14 Managing real-time (or intra-day) risk 29 38 21 Instilling a culture of risk more broadly in the company 13 37 34 14 Providing timely, relevant risk reports to the board 39 38 12 19 Collecting, standardising and storing risk data 31 40 Using human judgment to supplement quantitative tools 13 46 28 12 Constructing a governance, risk and compliance framework 14 44 29 11 16 Managing the pace and amount of change 33 44 Source: Economist Intelligence Unit survey, February 2010 and it also enables an open and unfettered access to the board, with an information exchange that flows both ways “The CRO needs to be at the top table and be involved in the strategic decisions the company makes, so that he or she can provide an independent view over whether they fit with the risk appetite of the company,” says Bruce Munro, group CRO of National Australia Bank, who himself reports into the CEO and has a veto over any decision in the organisation Reporting The success of these new reporting lines and governance structures depends on a robust, two-way communication between the board and senior risk managers A key area of focus for many firms has been the strengthening of their management information systems and responding to the more diverse and frequent reporting requirements of the board “It becomes a much more two-way interactive process rather than a mechanical monthly meeting where you just talk about whatever has come through the system that month,” says Mr Munro Axel Lehmann, group CRO of Zurich Financial Services, one of the world’s largest insurers, says that boards are typically requesting more forward-looking data, and expect both a holistic overview of the key risk exposures as well as more granular information on specific risk categories “They also want to have a better awareness of the risk models that the company is using and a good understanding of the assumptions that go into those models,” he adds Yet respondents to our survey admit that they still have improvements to make in risk reporting Just 47% say that they are effective at providing timely and relevant risk reports to the board Given that boards expect to get both greater detail from reports and an insightful summary of overall risk exposure—all in a highly accelerated time frame—it seems clear that many organisations still have some way to go to satisfy these new requirements  © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Shortage of risk professionals with the right expertise is forcing most companies to spend significantly more on recruitment and training n The scarcity of talent is most acute in the areas of compliance and governance n Companies are looking for risk experts with not just technical capabilities but also softer skills like the ability to communicate across functional silos and reporting lines War for talent G reater expectations from boards, combined with sustained pressure from regulators and other stakeholders, are placing significant pressure on risk functions With many financial institutions actively recruiting and embarking on major risk projects, risk expertise is becoming a scarce and expensive commodity According to a report in Risk magazine3, shortages of risk professionals in the UK are forcing salaries to rise by between 20% and 30% Among our respondents, 50% say that their organisations are spending more on recruiting risk professionals, and just over half say their companies are increasing investment in training programmes to improve the risk function’s skills Asked about the areas where shortages are most acute, respondents list compliance and governance by a considerable margin The problem is compounded by the fact that recruiters are becoming increasingly demanding “Before the collapse of Lehman Brothers, banks hired candidates who ticked seven out of 10 boxes,” says Blair Cashin, a risk management consultant at Joslin Rowe, a recruitment firm “Now they want In which of the following areas has there been most change – if any – in the need for expertise in personnel and technology in your organisation over the past 12 months? Select up to three (% respondents) Compliance and governance 44 Stress-testing 32 Firm-wide risk 31 Liquidity risk 31 Credit portfolio management 26 Asset liability management 26 Risk forecasting 22 Fraud risk 15 Credit scoring (if applicable) 14 Others, please specify Risk magazine, December 1st, 2009 10 Source: Economist Intelligence Unit survey, February 2010 © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services “Even the smartest risk managers will fail if they can’t communicate” – Richard Apostolik, president, Global Association of Risk Professionals people who tick eleven out of ten.” The development of a formal certification programme, established by organisations such as the Global Association of Risk Professionals, is helping risk management to gain more recognition as a business discipline, and gives financial institutions a better yardstick for measuring expertise.“ Banks need to know from an objective point of view that the people they are entrusting their risk management function to possess the baseline competencies to perform their role,” says Mr Apostolik But beyond the technical capabilities required by risk professionals, there is also a growing emphasis on softer skills “You have to be able to take a relatively complex activity and describe it in simple terms so that people on the board or in the business can quickly understand it and be able to act on it,” says Mr Apostolik “Even the smartest risk managers in the world will fail in the role if they don’t have the ability to communicate.” Many commentators believe that greater movement of managers between the front and back offices can help to address talent shortages and, perhaps more importantly, build bridges between the risk function and the business at large “You’ve got to get more movement between the two,” says Mr Munro “I think companies ought to insist that their top talent have significant stints in risk during their career I also think it’s important that people who want a career in risk spend time in the business so they understand one another better.” Enforcer or enabler? The financial crisis has dramatically changed perceptions of the risk function, giving it unprecedented power over the lines of business While few would dispute that this is generally a positive development, the question is whether there is a danger that the risk function could wield too much power, and say “no” to the front office too often “You’ve got to use authority carefully,” says Bruce Munro, group chief risk officer of National Australia Bank “It’s easy to overreact in the current circumstances, but you can’t say ‘no’ to everything.” This highlights the importance of forming a positive working relationship between the risk function and the business, so that the front office sees risk as making a positive contribution—more than just as an enforcer “Risk functions need to shift towards being an enabler, developing an external and independent view and finding a way of convincing the business that it has value, to listen to that view 11 and act on it,” says Mr Munro Instilling this relationship requires strong leadership and professionals in the risk function and front office who respect each other Rather than relying on the risk function to manage risk, financial institutions need to hold accountable and empower the first line of defence—the sales teams, underwriting functions or trading floors—to make decisions in a more risk-aware way “The best enterprise risk management practice is to have business managers, profit centres, business unit heads and functional heads really assuming full responsibility and accountability for the risks they take,” says Axel Lehmann, group CRO of Zurich Financial Services Risk management currently enjoys an unprecedented level of authority within organisations, but this could prove temporary when confidence returns and there is a renewed focus on performance and investor returns “That is the $64,000 question,” says Mr Munro “It’s not hard at the moment to get risk around the table The challenge will be to keep risk at the table once conditions demonstrably improve.” © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Enterprise risk management remains a work in progress for most institutions in the banking and insurance industries n The vast majority of financial institutions surveyed for this report are improving risk processes at the operational level while a smaller proportion are doing the same at the strategic level n Major obstacles remain in integrating the management of credit and market risk Breaking down silos W ithin the risk function itself, there is a recognition that not enough has been done to encourage communication across risk silos In many institutions, market and credit risk were managed by different teams using separate systems, which made it difficult to gain an overall aggregate view of risk exposures, and meant that some problems inevitably fell through the cracks Recognising these shortcomings, some banks are seeking to combine or improve co-ordination between risk departments Last year, for example, HSBC combined its market and credit risk functions Although financial institutions are making progress on aggregating risk exposures at the enterprise level, a firm-wide view of risk remains a work in progress for the vast majority of them Just 47% of respondents consider themselves effective at understanding the interaction of risks across business lines, and 58% are confident in their ability to aggregate risks at the firm-wide level Poor communication across departments is also identified as the second most significant barrier to effective risk management In which of the following areas you think the most significant focus should be to address current shortcomings in risk management? Select up to three (% respondents) Risk management processes and systems 48 Business risk expertise 46 Board-level expertise 38 Risk function expertise 32 Data quality 30 Defining line responsibility for risk management 25 Risk reporting 21 Data availability 16 Real-time (or intra-day) risk Others, please specify Source: Economist Intelligence Unit survey, February 2010 12 © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Financial institutions also recognise that their existing risk structures and processes failed to account for the liquidity crunch that crippled the industry following the collapse of Lehman Brothers 13 This ongoing reassessment of organisational structures reflects a general trend whereby financial institutions are examining risk processes and considering whether they are still fit for purpose Asked about the changes to levels of investment in key aspects of risk, almost three-quarters of respondents say that they are increasing expenditure on the improvement of processes at the operational level A slightly smaller proportion of 70% say that they are increasing investment in risk processes at the strategic level Processes and systems are also seen as the aspect of risk that is in most need of attention There are obstacles for initiatives designed to break down risk silos, however “Credit risk and market risk tend to be big departments and have very different cultures,” says Mr Wilkinson from the consultancy Oliver Wyman “Trying to get those guys to work as a single team is easier said than done.” There are significant data infrastructure challenges too, as credit risk and market risk typically operate separate systems that cannot easily be integrated Even if the two functions are not formally combined, better co-ordination between them can help to serve as an early warning system of emerging risk correlations “The best way to break down a silo is to have a culture where people in different departments know each other and can figure out what links there might be between particular risks under certain circumstances,” says Mr Munro Financial organisations also recognise that their existing risk structures and processes failed to account for the liquidity crunch that crippled the industry following the collapse of Lehman Brothers Often liquidity was something that was managed by the treasury function, and not seen as a risk category in its own right Even regulators tended to neglect it “Liquidity risk was always a bit of a sleeper risk,” says Mr Munro “Like many banks, we have given it greater focus, more sophistication in the way we manage it and more conservatism in the buffers that we hold.” © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Institutions are increasingly combining traditional measures of risk management with more forwardlooking tools and techniques n Collecting and analysing data to effectively manage risk is still a big challenge for many organisations n Four out of five companies surveyed say they are increasing investment in data quality and integrity The devil is in the data A ccurate and reliable data are the cornerstones of good risk management, yet continue to be an area of considerable weakness As the Senior Supervisors Group noted in a recent report, many financial institutions have information management systems that are inadequate to monitor their risk exposures The problem is especially acute at multinational banks and insurers that have grown through acquisitions Among survey respondents, just 39% say that they are effective at collecting, standardising and storing data Insufficient data is also seen as among the top three shortcomings preventing more effective risk management “Data is everything,” says Mr Apostolik “Without data you’re not going to be able to make any kind of educated risk assessment.” Signs of stress The financial crisis has highlighted the problems of over-reliance on quantitative models It is now generally agreed that techniques such as Value at Risk (VaR), which are used to calculate the risk of loss in a portfolio, should not be used in isolation A key problem with VaR is that it is based on historical data, often of a relatively short timeframe, that fails to account for the possibility of catastrophic outcomes in financial markets Although some financial institutions continue to use VaR, it seems likely that regulators will push them towards using an adapted measure, such as Stressed VaR, which examines how a firm’s trading position changes during times of acute market stress More generally, there is a shift towards combining these traditional measures with more forward-looking risk tools and techniques Stress testing is one tool that is rapidly gaining ground as an important input to understanding risk exposures Although it is not new, financial institutions previously used it in a rather 14 mechanical way, and were dismissive of scenarios that were seen as too outlandish “Stress testing is vitally important,” says Gordon Scott, managing director in the financial institutions group at Fitch Ratings “You’ve got to understand how robust your positions are to alternatives of macro events and other stresses, no matter how implausible they may seem.” For many institutions, stress testing is increasingly being applied in a more systematic way that is linked with the overall risk appetite It remains a relatively unfamiliar concept for some institutions, however, and an area where the necessary skills may be in short supply According to survey respondents, stress testing is the area where there has been most change in the need for expertise after compliance and governance While stress testing has emerged as a useful tool to explore the impact of potential scenarios, there continues to be debate around how to embed the outcomes of the activity into management decision-making Qualitative tools are inherently subjective, but this should not prevent their adoption as an early warning system designed to prepare the institution for different eventualities and to provide an indication of trouble on the horizon © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services “Institutions need to ensure that the same sources of data are available to people across the organisation so that results are comparable” – Sam Harris, director of enterprise risk management, Teradata 15 An important challenge for many firms is that they have multiple or disparate legacy systems that have built up over a period of years “When a decision is made to launch a new product, or respond to a new regulatory initiative, the tendency is to solve that quickly and meet the requirements by building a new system,” says Sam Harris, director of enterprise risk management at Teradata, a technology provider Reconciling these disparate systems across multiple borders and currencies requires a significant amount of manual intervention This time-consuming and resource-intensive process creates a time delay in the availability of data—a major problem when an institution is trying to formulate a response to an unexpected event, such as the collapse of a counterparty In recognition of these shortcomings, 62% of survey respondents say that they are increasing investment in data quality and integrity Data quality underpins the efforts that financial institutions are making to aggregate risk exposures and break down the silos between risk categories “Institutions need to ensure that the same sources of data are available to people in different parts of the organisation so that results are comparable across business units and different risk measures,” says Mr Harris © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Conclusion R isk management is viewed as one of the culprits of the financial crisis but it should also be seen as one of the main instruments for safeguarding the future Although actions taken now should not be expected to prevent every future crisis, some lessons have been learned and many organisations are moving towards a more sustainable approach to the balance between risk and reward There is still significant progress to be made, not least in building a firm-wide risk culture and ensuring that there is sufficient, timely information available to make appropriate decisions The risk function has now attained an unprecedented level of authority With regulators, boards and executive management desperate to ensure that the mistakes of the past are not repeated, risk management has become central to the strategic agenda and few major decisions will now be taken without involving senior members of the risk function Chief risk officers have a seat at the top table and the ear of the board, and the regulatory process points to a deeper role for risk management at every level of the organisation But this new mantle of authority needs to be used wisely Although risk must retain its controls and enforcement responsibilities, CROs and their reports should be careful to strike a balance between the prevention of excessive risk-taking and a more constructive role in helping the business to achieve its broader objectives In the current environment, it may be tempting to err on the side of prevention, but the risk function must also build a more trusting, positive relationship with the revenue-generating departments while still preserving its objectivity and independence Moreover, it should be recognised that the level of authority currently enjoyed by the risk function could be fleeting Although risk management is at the top of the agenda now, and is attracting investment and stakeholder attention, the key question is whether this situation will endure when market conditions turn the corner and the pressure to improve financial performance returns Efforts and investments made now will determine whether risk has a seat at the top table through the good times as well as the bad 16 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services Appendix: Survey results In January and February 2010, the Economist Intelligence Unit conducted a survey of 346 senior risk professionals from the banking and insurance industries Our sincere thanks go to all who took part in the survey Please note that not all answers add up to 100%, because of rounding or because respondents were able to provide multiple answers to questions How you currently rate the prospects for your business in the following areas over the next year? Please rate to where is significantly positive and is significantly negative and signifies no change (% respondents) Significantly positive No change Significantly negative Revenue growth 23 51 14 10 Profitability 18 50 18 13 Share price 10 42 41 61 Relations with customers 16 52 27 Relations with investors 12 42 37 Capital adequacy 13 46 29 11 With which of the following stakeholders of your company has there been the most change in the transparency of communication on risk issues over the past 12 months? Select up to two (% respondents) Regulators 63 Board of directors 37 Investors 30 Rating agencies 17 Government bodies 16 Creditors 10 Media Which of the following statements best describes the situation regarding the risk management strategy at your company? (% respondents) We have a clearly defined risk management strategy that is updated on a regular basis 60 We have a clearly defined risk management strategy, but it is not updated on a regular basis 21 We not have a clearly defined risk management strategy We are creating a new model for our risk management strategy after the financial crisis 10 Source: Economist Intelligence Unit survey, February 2010 17 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services In the past 12 months, what change has there been to the amount of investment your firm has made in the following areas? Please rate to where is significantly more and is significantly less and signifies no change (% respondents) Significantly more No change Significantly less Training of risk professionals 14 40 41 Training of general workforce in risk 10 41 42 Training of board members in risk 40 47 31 Recruitment of specialised risk professionals 12 38 43 Improvement of risk processes at strategic level 19 51 25 41 Improvement of risk processes at operational level 18 54 25 Data quality and integrity 13 49 34 IT systems 14 43 38 31 Third-party risk advisory services 24 61 In which of the following areas you think the most significant focus should be to address current shortcomings in risk management? Select up to three (% respondents) Risk management processes and systems 48 Business risk expertise 46 Board-level expertise 38 Risk function expertise 32 Data quality 30 Defining line responsibility for risk management 25 Risk reporting 21 Data availability 16 Real-time (or intra-day) risk Others, please specify Over the next year, what change you expect to the geographical focus of your organisation? Please rate to where is significantly greater focus and is significantly less focus (% respondents) Significantly greater focus Significantly less focus Domestic market 31 27 36 51 Overseas developed markets 29 38 15 11 10 11 Overseas emerging markets 26 29 25 Source: Economist Intelligence Unit survey, February 2010 18 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services How effective is your organisation in each of the following areas? Please rate to where is very effective and is not effective at all (% respondents) Very effective Not effective at all Aggregating risks at firm-wide level 16 42 27 13 Applying risk management to support broader strategic goals 10 44 34 12 Understanding the interaction of risk across business lines 39 38 14 Managing real-time (or intra-day) risk 29 38 21 Instilling a culture of risk more broadly in the company 13 37 34 14 Providing timely, relevant risk reports to the board 39 38 12 19 Collecting, standardising and storing risk data 31 40 Using human judgment to supplement quantitative tools 13 46 28 12 Constructing a governance, risk and compliance framework 14 44 29 11 16 Managing the pace and amount of change 33 44 What you consider to be currently the main barriers to effective risk management in your organisation? Select up to three (% respondents) Uncertainty over future regulation 39 Poor communication across departments 38 Insufficient data 32 Risk management function lacks authority 29 Lack of confidence in existing risk management tools 26 Inadequate real-time (intra-day) risk management 21 Lack of adequate investment 21 Use of spreadsheets in risk management 12 Others, please specify There are no barriers Source: Economist Intelligence Unit survey, February 2010 19 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services In which of the following areas has there been most change – if any – in the need for expertise in personnel and technology in your organisation over the past 12 months? Select up to three (% respondents) Compliance and governance 44 Stress-testing 32 Firm-wide risk 31 Liquidity risk 31 Credit portfolio management 26 Asset liability management 26 Risk forecasting 22 Fraud risk 15 Credit scoring (if applicable) 14 Others, please specify Which of the following potential regulatory changes you think would most benefit the risk management system in your organisation? Select up to three (% respondents) Compensation linked more closely to long-term performance 42 More stringent capital and capital reserve requirements 40 More data transparency / auditing 32 Stronger macro-prudential regulation 26 Break-up of banks and insurers seen as “too big to fail” 20 Living wills (plans requiring banks to stipulate in advance how they would raise funds in a crisis and how their operations could be dismantled after a collapse) 18 Greater restrictions on derivatives and securitisation sectors 17 Greater restrictions on over-the-counter products / trading 14 Mandatory clearing and settlement of trades Tax aimed at curbing speculative currency transactions Other, please specify None of the above Source: Economist Intelligence Unit survey, February 2010 20 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services Does your organisation currently have the following? (% respondents) Yes, already have No, but intend to recruit No plans to recruit Chief Risk Officer 65 12 22 Risk committee 73 11 17 Board member with expertise in risk 67 11 22 CRO reporting to board or executive directors frequently 57 14 29 Where is your company headquartered? (% respondents) United States of America 23 United Kingdom Australia India Singapore Canada Netherlands Switzerland France Germany Hong Kong New Zealand Nigeria Sweden China Indonesia Japan Malaysia Spain Other 18 Source: Economist Intelligence Unit survey, February 2010 21 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services What is your primary industry / sector? (% respondents) Investment banking / wholesale capital markets operations / investment management 35 Corporate / commercial banking 23 Retail banking 20 Insurance 19 Reinsurance Which of the following categories best describes your organisation by revenue? (% respondents) $100 million or less 26 Between $100 million and $249 million Between $250million and $499million Between $500 million and $999 million Between $1 billion and $4.9 billion 19 Between $5 billion and $9.9 billion Between  $10 billion and $24.9 billion Greater than $25 billion 21 Which of the following best describes your title? (% respondents) Board member CEO/President/Managing director 16 CFO/Treasurer/Comptroller CIO/Technology director Other C-level executive 12 SVP/VP/Director 25 Head of business unit Head of department Manager 15 Other Source: Economist Intelligence Unit survey, February 2010 22 © The Economist Intelligence Unit Limited 2010 While every effort has been taken to verify the accuracy of this information, neither The Economist Intelligence Unit Ltd nor the sponsor of this report can accept any responsibility or liability for reliance by any person on this white paper or any of the information, opinions or conclusions set out in this white paper Cover image - © FOTOCROMO/Shutterstock LONDON 26 Red Lion Square London WC1R 4HQ United Kingdom Tel: (44.20) 7576 8000 Fax: (44.20) 7576 8500 E-mail: london@eiu.com NEW YORK 750 Third Avenue 5th Floor New York, NY 10017, US Tel: (1.212) 554 0600 Fax: (1.212) 586 0248 E-mail: newyork@eiu.com HONG KONG 60/F, Central Plaza 18 Harbour Road Wanchai Hong Kong Tel: (852) 2585 3888 Fax: (852) 2802 7638 E-mail: hongkong@eiu.com GENEVA Boulevard des Tranchées 16 1206 Geneva Switzerland Tel: (41) 22 566 2470 Fax: (41) 22 346 93 47 E-mail: geneva@eiu.com [...]... expertise 38 Risk function expertise 32 Data quality 30 Defining line responsibility for risk management 25 Risk reporting 21 Data availability 16 Real-time (or intra-day) risk 9 Others, please specify 2 Source: Economist Intelligence Unit survey, February 2010 12 © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Financial institutions... sophistication in the way we manage it and more conservatism in the buffers that we hold.” © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Institutions are increasingly combining traditional measures of risk management with more forwardlooking tools and techniques n Collecting and analysing data to effectively manage risk is... confidence in existing risk management tools 26 Inadequate real-time (intra-day) risk management 21 Lack of adequate investment 21 Use of spreadsheets in risk management 12 Others, please specify 5 There are no barriers 6 Source: Economist Intelligence Unit survey, February 2010 19 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial. .. 21 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services What is your primary industry / sector? (% respondents) Investment banking / wholesale capital markets operations / investment management 35 Corporate / commercial banking 23 Retail banking 20 Insurance 19 Reinsurance 3 Which of the following categories best... on performance and investor returns “That is the $64,000 question,” says Mr Munro “It’s not hard at the moment to get risk around the table The challenge will be to keep risk at the table once conditions demonstrably improve.” © The Economist Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Enterprise risk management remains a work in progress... pressure to improve financial performance returns Efforts and investments made now will determine whether risk has a seat at the top table through the good times as well as the bad 16 © The Economist Intelligence Unit Limited 2010 Appendix Survey results Rebuilding trust Next steps for risk management in financial services Appendix: Survey results In January and February 2010, the Economist Intelligence Unit... Applying risk management to support broader strategic goals 10 44 34 12 1 Understanding the interaction of risk across business lines 8 39 38 14 1 Managing real-time (or intra-day) risk 8 29 38 21 5 Instilling a culture of risk more broadly in the company 13 37 34 14 2 Providing timely, relevant risk reports to the board 8 39 38 12 3 19 3 Collecting, standardising and storing risk data 8 31 40 Using... work in progress for most institutions in the banking and insurance industries n The vast majority of financial institutions surveyed for this report are improving risk processes at the operational level while a smaller proportion are doing the same at the strategic level n Major obstacles remain in integrating the management of credit and market risk Breaking down silos W ithin the risk function itself,.. .Rebuilding trust Next steps for risk management in financial services Key points n Shortage of risk professionals with the right expertise is forcing most companies to spend significantly more on recruitment and training n The scarcity of talent is most acute in the areas of compliance and governance n Companies are looking for risk experts with not just technical... advisory services 4 24 61 8 2 In which of the following areas do you think the most significant focus should be to address current shortcomings in risk management? Select up to three (% respondents) Risk management processes and systems 48 Business risk expertise 46 Board-level expertise 38 Risk function expertise 32 Data quality 30 Defining line responsibility for risk management 25 Risk reporting 21 .. .Rebuilding trust Next steps for risk management in financial services About this research R ebuilding trust: Next steps for risk management in financial services is an Economist Intelligence... Intelligence Unit Limited 2010 Rebuilding trust Next steps for risk management in financial services Key points n Enterprise risk management remains a work in progress for most institutions in. .. Limited 2010 Rebuilding trust Next steps for risk management in financial services from interviews with industry experts and commentators Key findings from this research include the following: Confidence

Ngày đăng: 06/12/2015, 23:09

TỪ KHÓA LIÊN QUAN