Home > Risk > Have banks improved their risk management programs?

Have banks improved their risk management programs?

Another McKinsey study, this time Assessing banks’ confidence after the crisis, looks at changes in bank confidence – including risk management – since the financial crisis.

The general tone of the report seems to be about “complacency” by the banks.

Focusing on risk management-related points:

When asked about any failures to manage risk leading up to the global economic crisis, nearly half say their institutions managed their risk adequately; notably, more than half of investment bankers say so (in part, perhaps, because many investment banks that managed risk poorly didn’t survive).

The concern must be that the institutions that did not fail during the crisis may not have conducted a re-assessment of their program in light of the lessons that can be learned from the failures:

  • Injecting common-sense and judgment into the use of models, not only in the review of the results but in the review of the assumptions (such as that house prices would continue to risk)
  • Broadening their risk management activities to include strategic and operational risks

Now, almost three years after the crisis began, nearly half of respondents say that while their institutions’ appetite for risk is the same as it was before, their understanding of risk has improved. Given that most respondents say investors consider robust risk management to be more important since the crisis than other issues—growth potential or return on equity, for example—it appears that institutions are making a concerted effort to address their real concerns.

Is it reasonable to believe organizations’ risk appetite and tolerance should be the same?

As banks move beyond the crisis, there seems to be little consensus about how to improve their risk-management capabilities. More respondents say their institutions are establishing a clear chain of risk accountability than doing anything else, but the survey does not reveal any sweeping efforts to embed responsibility into the institution.

As long as risk management is the job of a separate risk function, and not part of the operating manager’s job, it is doubtful that risk management will be optimized.

The results indicate that some institutions aren’t paying enough attention to emerging trends such as online banking and the growth of developing-market economies (23 percent of respondents say emerging markets have no major impact on their institutions).

This concluding comment in the report reinforces the idea that banks may not be paying enough attention to strategic risk, continuing to focus their risk management activity on their financial portfolio.

What is your view? I would love to hear from those with insights into risk management practices at banks.

  1. Don
    August 22, 2011 at 12:41 PM

    Thanks for the terrific information on financial risk. I am looking forward to hear more upcoming news.

  2. September 22, 2011 at 9:03 AM

    I work exclusively with financial institutions in the US in the risk managment arena. I see more banks starting to take risk management more seriously, but there are still a lot that take a checklist approach as mentioned in the article. The regulators are trying but it’s still a hit or miss proposition. Management still views risk managment in terms of silos. The more effective risk management programs that I see tend to involve more employees from all corners of the organization. Until this become more prevelent in the industry, we will continue to see less than desireable results.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: