Corporate Finance, DeFi, Blockchain, Web3 News
Corporate Finance, DeFi, Blockchain News

Financial services firms confused about risk management

Last year, I heard a senior consultant from one of the large firms explain their approach to risk management. It focused on ‘risk and reward’ and why it is important to understand risk so you can balance it against the potential for reward. Her presentation was entirely about the positions her financial services clients might take in the financial marketplace, and how to determine which ones were desirable and within the firm’s ‘risk appetite’ and which were not.

Norman Marks
Norman Marks
Today, I was sent a link to the Law and Public Policy blog at Wharton and a piece Re-thinking Risk Management: Why the Mindset Matters More Than the Model. The authors try to extend the thinking about risk management in financial services organizations and make a few good points, including:

- Experts at Wharton and elsewhere argue that too much blame is being placed on the risk management model and other tools of the trade, in banking and beyond. The models are not necessarily broken, but instead are only as good as the decisions that get made based on them, they say. As a result, the current crisis may represent an opportunity for companies to re-visit and re-think historical approaches to risk management. When it comes to planning for the future, the new thinking goes, it is not just the model that matters, it is the mindset.
- Risk taking remains what managing is all about, and not just in financial services but in every industry. Indeed, from an economic perspective, all firms fundamentally are in the business of taking risks based on their core capabilities.
- Whatever industry you consider, it is always the same pattern. Things are getting faster, and therefore we need to make decisions faster, but based on information that we often don’t have.
- The definition of “business intelligence” is expanding from a focus on operating performance to increasingly include monitoring risks, both inside and outside the organization.
- “Strategy is making choices under conditions of uncertainty. And you cannot make the right strategic choices without understanding your industry and how much risk you need to take on.”
- Risk management promises to become an even more central part of managing any business. In Danone’s case, for instance, risk considerations are now embedded at multiple stages during the course of business — at the strategic planning stage, the budgeting stage, etc. — and should be discussed more often during quarterly reviews and whenever there are major changes or new projects.

The authors are on the right track, in my opinion, but still have a long way to go. They have recognized two major issues with ‘traditional’ risk management at financial institutions: (a) an over-reliance on models without adding a layer of common sense, and (b) risk management is about far more than just the potential for loss on financial instruments and positions. It’s about all the uncertainties in the path of the organization, both internal and external, and their potential effect on the ability of the organization to achieve its objectives.

Think of a driver traveling along the freeway. While navigating heavy traffic, he is on his iPad: reading the news, monitoring the market, and trading puts and calls. He is the ‘traditional’ risk manager, managing risk to his portfolio but blind to the risks around and inside his vehicle.

Where the Wharton piece fails, in my opinion, is implying that it is adequate to manage the non-financial risks once or twice a year. Consider this quote from an executive at Danone: “Top managers are convinced of the necessity to use enterprise risk management. We now have an effective working session with part of the executive committee twice a year. And we continue to rely on yearly updates of the risk maps of all major business units worldwide.”

Executives and boards of financial institutions should, in my opinion, understand that risk management is about making more intelligent decisions every day – not only with respect to the trades the driver should make on his iPad, but to avoid braking cars and navigate icy conditions on the freeway of business.

Norman Marks, CPA, is vice president, governance, risk, and compliance for SAP's BusinessObjects division, and has been a chief audit executive of major global corporations for more than 15 years. He is the contributing editor to Internal Auditor’s “Governance Perspectives” column.

Lundi 22 Avril 2013