Enterprise Risk Management

Enterprise Risk Management in Financial Services organizations has increased in complexity significantly in the past decade. The governing body of principals for most entities is the Basel accords. In addition to implementing Basel compliant processes, banks and non-bank financial services firms have had to implement a number of regulatory process changes including Sarbanes-Oxley, The Patriot Act, and Dodd-Frank that touch the enterprise risk function.

One of the common stumbling blocks to implementing a high effective and streamlined Enterprise Risk Management process is the ability to seamlessly acquire enterprise data that is timely, accurate, complete, and sufficiently granular to enable a high level of analysis and monitoring. A review of your enterprise data and systems architectures may identify weaknesses in your ability to automate and continuously monitor enterprise risk across all four pillars.

Centralized enterprise risk management has a conceptual framework that encompasses Market Risk, Credit Risk, Liquidity Risk, and Operational Risk.

  1. A highly functioning Enterprise Market Risk function has the ability to measure and manage expected losses sustained from changes in the market value of assets and liabilities. Capital allocation for expected stress case and worse case scenarios stems from the competency of predicting variability in performance during market crisis. Many firms are highly proficient at measuring and managing this risk locally, but struggle to manage it globally.
  2. Practitioners of Credit Risk Management typically face similar global risk exposure issues. Leaders need to decide if counterparty exposure limits are managed globally or locally. Counterparty exposures should be aggregated and reported globally in either case. Many firms struggle with counterparty master data management issues among systems where the counterparty name entered may or may not be the true legal entity name. A comprehensive review and implementation of ISDA Masters can help. In light of the mortgage crisis and the inability of Moody’s and Standard & Poor’s models, larger firms should consider developing better in-house corporate credit risk predictive abilities.
  3. Liquidity Risk surfaces as two slightly different sub-sets of risk. The first is Market Liquidity Risk which is the inability to trade a certain asset or liability due to lack of counterparty interest, lack of depth in the market, or an increase in the cost of trading the asset or liability in the form of widening bid-offer spreads or higher holding/funding costs. The second subset is Funding Risk which is the inability or increased cost of funding liabilities. Most Liquidity Risk managers will measure the Liquidity Gap, which is the value of the firm’s liquid assets less its volatile liabilities. Measuring and managing this risk on an enterprise basis can require significant investment in data and systems architecture to bring together all of the data elements with sufficient timeliness, accuracy, completeness, and granularity to facilitate an effective decision making process.

Operational Risk differs from the others types of risk in that its assumption is not used to generate a profit. Operational risk is the cost of doing business in this space with imperfect systems, processes, and people. Quantifying and mitigating the amount of operational risk a firm assumes is the basis from a sound Operational Risk framework. Currently, Model Risk Governance is the focus of much energy in financial institutions racing to comply with OCC 2011-12. (Click link below for our presentation on Model Risk Governance Service Offerings).