Home > Risk > Financial services firms confused about risk management

Financial services firms confused about risk management

Last year, I heard a senior consultant from one of the large firms explain their approach to risk management. It focused on ‘risk and reward’ and why it is important to understand risk so you can balance it against the potential for reward. Her presentation was entirely about the positions her financial services clients might take in the financial marketplace, and how to determine which ones were desirable and within the firm’s ‘risk appetite’ and which were not.

Today, I was sent a link to the Law and Public Policy blog at Wharton and a piece Re-thinking Risk Management: Why the Mindset Matters More Than the Model. The authors try to extend the thinking about risk management in financial services organizations and make a few good points, including:

  • Experts at Wharton and elsewhere argue that too much blame is being placed on the risk management model and other tools of the trade, in banking and beyond. The models are not necessarily broken, but instead are only as good as the decisions that get made based on them, they say. As a result, the current crisis may represent an opportunity for companies to re-visit and re-think historical approaches to risk management. When it comes to planning for the future, the new thinking goes, it is not just the model that matters, it is the mindset.
  • Risk taking remains what managing is all about, and not just in financial services but in every industry. Indeed, from an economic perspective, all firms fundamentally are in the business of taking risks based on their core capabilities.
  • Whatever industry you consider, it is always the same pattern. Things are getting faster, and therefore we need to make decisions faster, but based on information that we often don’t have.
  • The definition of “business intelligence” is expanding from a focus on operating performance to increasingly include monitoring risks, both inside and outside the organization.
  • “Strategy is making choices under conditions of uncertainty. And you cannot make the right strategic choices without understanding your industry and how much risk you need to take on.”
  • Risk management promises to become an even more central part of managing any business. In Danone’s case, for instance, risk considerations are now embedded at multiple stages during the course of business — at the strategic planning stage, the budgeting stage, etc. — and should be discussed more often during quarterly reviews and whenever there are major changes or new projects.

The authors are on the right track, in my opinion, but still have a long way to go. They have recognized two major issues with ‘traditional’ risk management at financial institutions: (a) an over-reliance on models without adding a layer of common sense, and (b) risk management is about far more than just the potential for loss on financial instruments and positions. It’s about all the uncertainties in the path of the organization, both internal and external, and their potential effect on the ability of the organization to achieve its objectives.

Think of a driver traveling along the freeway. While navigating heavy traffic, he is on his iPad: reading the news, monitoring the market, and trading puts and calls. He is the ‘traditional’ risk manager, managing risk to his portfolio but blind to the risks around and inside his vehicle.

Where the Wharton piece fails, in my opinion, is implying that it is adequate to manage the non-financial risks once or twice a year. Consider this quote from an executive at Danone: “Top managers are convinced of the necessity to use enterprise risk management. We now have an effective working session with part of the executive committee twice a year. And we continue to rely on yearly updates of the risk maps of all major business units worldwide.”

Executives and boards of financial institutions should, in my opinion, understand that risk management is about making more intelligent decisions every day – not only with respect to the trades the driver should make on his iPad, but to avoid braking cars and navigate icy conditions on the freeway of business.

  1. Peter Githinji
    March 28, 2013 at 7:40 AM

    I do agree risk management should focus beyond risks and return and concentrate on making intelligent decisions that are going to sustain as well as grow business. More of weather forecasting.

  2. Kathryn M Tominey
    March 28, 2013 at 1:47 PM

    If there is anything that can be said about the financial industry is that they have given risk management a really bad name. Risk managers were either dumb as rocks or actively complicit by designing their systems so as not to detect the illegal and/or risky behavior. Rather like the ratings firms who modified their models to provide the answers that G-S and JPM-C wanted to that grade F securities would have triple A ratings. The only thing the firms’ leadership and BoD cared about was the next quarters numbers and the long term well-being of shareholders & clients was not part of that equation.

    Intentionally cheating your own clients – LIBOR, Price fixing and market sharing for managing the bond $$s from cities and states inorder to cheat towns and cities and states out of the interest income they deserved, money laundering for drug cartels and terrorist organizations, helping rich people cheat on their taxes, selling securities you knew were losers to clients and betting against them – what a bunch of disreputable jerks!

    Based on my experience the management always knows what is going on and if it is generating short term profits – or the appearance of profits – they will ignore it and then be amazed if it becomes public.

    I honestly think that the best risk management for the country would be jail time in federal serious offender jails for the leadership (after all if you want to take credit for the profits from illegal activities you ought to take the responsibility for the crimes that generate it), and if firm A has their banking license revoked, some other bank will take over the money and the business and some of the workers.

    Also , BoDs of publically traded companies should never be able to avoid strict tort fiduciary liability & responsibility for the actions of the management that they oversee. Jamie dimon would thus be accountable as a CEO and a Chairman of the Board.

  3. Sean Lyons
    April 2, 2013 at 9:50 AM

    I remember reading this Knowledge@Wharton article when it was published in April 2009 and optimistically thinking at the time that a process of rethinking risk management was in fact set in motion. I even referenced it in a paper of mine at that time. We are now 4 years down the road and I’m not really sure how much progress has been made on this topic. It would certainly be interesting to learn of the author’s current views.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: