Risk management Derivatives Regulation Investing Quantum Cutting Edge SearchAll

risk.net
sections

Events Awards White papers Analytics Hub Futures & Options Hub Subscribe Follow us My account

Search risk.net

RISK MANAGEMENT

Sponsored by ?

Achieving a holistic view of risk

in times of crisis
POPULAR NOW

Asia moves: HSBC

appoints Apac CIO, Crédit
Agricole names regional
transaction banking head,
and more

Quant Finance Master’s

Guide 2020

Bonds fall from favour as

shock absorbers for
equity losses

10 Nov 2020

FOLLOW i

Basel III Risk management

What happens when risks become too global in scope and increasingly
uncertain for a business to manage? Jeroen van Doorsselaere, senior director
– finance, risk and regulatory reporting value propositions at Wolters Kluwer,
explores the key steps to understanding the interrelationships between
individual risks, and the importance of achieving a holistic view of risk that
benefits banks’ bottom lines

2020 has yielded a world in tumult. As summer has

turned to autumn, historic wildfires continue to burn
across California and the US Pacific Northwest, while
hurricanes have churned in greater numbers in the
Atlantic – both undeniable signs of climate change.
Political protests and social unrest have likewise
raged from Hong Kong and Minsk in Belarus to
Santiago in Chile and Kenosha, Wisconsin. And the
global Covid-19 pandemic continues to flare after
bringing devastation to nearly every corner of the Jeroen van Doorsselaere, Wolters
Kluwer
world and most of its economy to a stop.

The year’s extraordinary events have likewise upended the way risk management
approaches are implemented among financial institutions. The Covid-19 pandemic
has not only changed the nature of the risks investment banks must steel
themselves for, but also the operating environment for the enterprise itself.

Indeed, the scope of these risks is different. Whereas the challenge was once a
matter of modelling, data volume and processing capacity, today’s issues – public
health crises, social unrest, climate change, infrastructural threats such as cyber
crime, and many others – draw on completely external realms of knowledge. They
are more widely distributed and larger in scope. Designing a risk framework to
measure and manage them, therefore, takes on a whole new complexion.

For financial institutions, it is a question of finding, evaluating, disseminating and

ultimately incorporating data into front-office decision-making that could never have
been imagined before – as well as breaking down the boundaries around these
knowledge sources, creating risk awareness and transparent views across different
business units. Institutions increasingly need platforms that can deliver an integrated
view of their holistic risk profile. Ultimately, they must enable chief risk officers
(CROs) and senior management to reach better, more informed decisions on risk
and how to assess and manage current risks in this new era.

It is critical for organisations to have a clear, measurable definition of their risk

appetite, and to understand the interrelations between individual risk types and how
they can improve their risk management processes in an operationally cost-efficient
way. This begins with integrating audit, risk and compliance – each its own line of
defence – into contributing to a more holistic process, availing new wins for the
business in a period of volatility and uncertainty, while maintaining a protective long-
term strategy.

This article assesses the key steps that lead to better assessment for risk tolerance
levels, and the data platform attributes required to make this leap.

The importance of a holistic approach

Most present-day enterprise-wide risk management frameworks are
compartmentalised, driven by point solutions for the latest dictates from the Basel
Committee on Banking Supervision or the International Organization of Securities
Commissions, or newer market-specific regimes such as the Fundamental Review
of the Trading Book. As a result, they can be increasingly overwhelming to manage,
incorporating market scenarios and reporting outputs based on fine-tuning inputs
and stressors – such as a new yield curve, interest rate reduction or corporate
action – while aiming to understand the specific potential for knock-on effects or
market contagion.

The consequences of this approach are manifold. While regulatory reporting has
attracted significantly greater investment, it is usually deployed to simply catch up to
the next requirement and often siloed within a particular desk or business unit. Even
when these regulations are focused at an enterprise or balance sheet level, they
typically require a particular perspective on cashflow modelling that is unique,
meaning additional effort is needed to repurpose them for internal risk tolerances. All
the while, this shift in capital has often come at the expense of true enterprise risk
technology transformation. Being compliant has always been the first priority, which
is understandable, considering the costs of non-compliance raise a reputational risk
and significantly impact performance.

However, firms are beginning to notice this problem. Before the pandemic there was
often a separation of compliance-related tasks and internal risk measures while
CROs identified the enterprise stress-testing capabilities as a major area for
improvement. The larger the bank, the more risks are managed in the silo of the risk
type. For example, a large UK bank recently indicated it took three weeks for the
effect of a change in market risk to be fully reflected in its calculations from the
bottom up, and a week for the top-down stress-testing results. That latency creates
a huge risk as the bank will be unable to react quickly when global risks affect all
functions simultaneously, and with different effects on profit-and-loss capital and
compliance measures.

For the purpose of enterprise risk data integration, as well as risk model
interoperability, it is crucial for today’s organisations to seek a strategic approach
and clear view of their risk tolerances within an enterprise risk management
framework that could help their business succeed in times of crisis (see figure 1).

Adopting, and thriving from, a crisis mentality

2020 has proven a number of realities that, in the past, seemed merely theoretical.
The universe of ‘known unknowns’ to be analysed has grown far wider as a result of
Covid-19, but it has also shown how exogenous global risks can manifest in hyper-
local ways. To this extent, they must be accounted for as banks take stock of where
to look for good investments, and where to steer clear.

Today, banks’ risk teams are building frameworks for analysis and activation.
Pockets of innovation already exist on their research teams and even in certain
product developments. These include balance sheet optimisation, regulatory
technology and artificial intelligence tools, and such products as weather derivatives,
rainbow options and loan forgiveness programmes. Similarly, there is a level of
granularity in new alternative data that has the potential to provide pinpoint insight
into some of these newer global risks. The question is how to leverage it.

Risk managers need to be able to apply this knowledge not only to spot
applications, but to spot them holistically. Once developed, these insights must be
plugged into existing risk frameworks – whether counterparty credit risk, credit
valuation adjustment risk, market and concentration risks, or others – and
recalculated. There is a lot to do.

To that end, banks today pursue data integration projects that require data to be
defined and used across departments. For example, calculation of the expected
credit loss in International Financial Reporting Standard 9 (IFRS 9) for financial
applications is different to the regulatory calculation for Basel III, where the definition
of an exposure varies across risk type.

Another example is cashflow definition. All functions need the same contractual
cashflows and will then alter them with different expectations, while using additional
analytics layers potentially leads to further reconciliations. Therefore, firms need
solutions that can link different vocabularies to each other and derive the correct
regulatory vocabulary from the business vernacular.

Design elements for a new landscape

Banks today are keen to express their capabilities in these new areas, but it’s not
just about new knowledge. It is also about preparedness and, in particular, how their
data infrastructure, governance frameworks and ability to deal with different
languages and code allow them to share and amplify this information across the
institution. The complexity lies in rote processing power, and also ownership: who is
responsible across these data artefacts?

The intersection between risk organisation, technology and data is what allows
certain banks to push the envelope and deploy risk capital more thoughtfully, while
remaining compliant. In 2020, we have seen windfalls in the regions of billions of
dollars for those who could get ahead, as well as losses in the hundreds of millions
for those left behind.

Achieving this new level of enquiry, understanding and scrutiny puts fresh demands
on technology foundation: the data management platforms whose design will
ultimately determine success or failure. Unlike regulations, there isn’t a point
solution for climate change or pandemic risk management. Firms must get creative
and, in the first instance, prioritise key objectives. These include:

Establishing procedures to capture data flows throughout risk model construction

and calculations
Being able to adjust and port balance sheet-level models and analytics
Creating an institutional language around this new data that can translate across
desks, and beyond to industry and regulatory bodies.

Snapshots in time
The first of these is a data integrity question. More exotic inputs into risk data
computation inevitably mean there will be more data volume, data frequency and
data iteration. As processes mature, risk managers must be able to provide accurate
insight – whether to their board, their CRO, traders or regulators – with respect to
the decision tree and data lineage behind every output. Timing, sourcing and
incorporation of data throughout model construction and calculations must all be
captured without intervention.

This documentation sounds straightforward, but to ask CROs is quite the opposite.
The problem stems from pre-2020 issues with risk management infrastructure and
process integration across the enterprise. Without it, firms will be in the dark. How or
whether internal risk tolerances are affected by new risk variables, as well as the
end-reporting snapshot required by regulators, will remain too slow in developing to
be able to act on fresh information.

Conscious decision-making
Second, banks will be concerned with contextualising new risks within their own
balance sheet optimisation activities. They will deploy more advanced analytical
tools to project macro-level threats onto local isolated situations, and much of this
will be dispersed across individual desks. These analytics will then be compared
against the risk appetite set at an overall balance sheet level, so these must be
shareable and actionable.

But the next natural question is tougher: just what is that internal risk appetite?
Creating this linkage is a challenge when contractual cashflow modelling for the
balance sheet can vary by desk, or by the flavour of regulation governing that desk.
What’s more, the points of emphasis can shift within the enterprise over time.

Banks of all sizes are realigning their businesses today, with increased focus on
certain risks and markets. As they do, they are seeking to define priorities that allow
them to remain compliant but flexible, and maximising what they do best. For
instance, smaller and regional institutions may emphasise credit risk and leave
funding and market risk to their larger partners. But every firm wants this level of
dexterity, and technology that helps them make conscious, risk-informed decisions
about where they are taking their business.

What is required to solve these issues is a flexible base: automated reconciliation

that allows certain elements to be ported around different risk capabilities, providing
predictable intermediate steps in data processing and scenario analysis without
additional reconciliation cycles.

Building expertise through common language

Finally, firms must aim to develop greater understanding of these new risk vectors
via translation between business and regulatory vocabularies. A holistic enterprise-
wide risk-management process has been tricky to achieve in the past, and CROs
often point out that the level of first-hand crisis experience across their companies
has thinned over time. Ideas about new global risks such as pandemics or climate
change may bring actuarial science, computational techniques and uncertainties
that only specific clusters within the organisation – or the world, for that matter – can
understand. The further we project into the unknown, the more collective expertise is
required.

Therefore, risk management data platforms must be designed to facilitate this

collaboration among internal experts and external observers too. They are not just a
place to store or process risk data, but a tool to make new risks more relevant to a
greater audience.

All on the table

Not unlike the pandemic itself, there is and will continue to be a wide disparity of
outcomes on the basis of belief in data, allocation of resources and imagination.

The bigger test coming out of this period will be how prepared institutions are for the
next major event to rock the markets, or a particular corner of the markets to which
some may have overweight exposure. It will be imperative for firms to examine
these new exposures with precision, port their findings into an enterprise risk
framework that can then disseminate that information, evaluate it holistically,
achieving a transparent and overarching view of their risk profile and, ultimately,
make prudent choices about how it can guide their business.

If 2020 has taught us anything, it is that all eventualities are now on the table.
Enterprise-wide risk management frameworks must evolve to embrace them.

To learn more
Find
Find
Find out
out
out how
how
how Wolters
Wolters
Wolters Kluwer’s
Kluwer’s
Kluwer’s OneSumX
OneSumX
OneSumX FRR
FRR
FRR solution
solution
solution suite
suite
suite is
is
is helping
helping
helping
banks
banks
banks unify
unify
unify and
and
and optimise
optimise
optimise their
their
their risk
risk
risk management
management
management processes
processes
processes

Sponsor content

Sponsor content About

Find out how Wolters Kluwer’s OneSumX FRR solution suite is helping
banks unify and optimise their risk management processes

Approaching the end- Stress‐testing under What buy-side risk FRTB implementation –
game – What’s left for Covid‐19 professionals can learn Covid-19 and Libor
completing Libor from the Covid‐19 crisis pressure
transition?

About us Contact us Advertising Help Centre Terms and conditions Privacy policy

California Privacy Rights – Do not sell my information

© Infopro Digital Risk (IP) Limited (2020). All rights reserved. Published by Infopro Digital Services Limited, 133
Houndsditch, London, EC3A 7BX. Companies are registered in England and Wales with company registration
numbers 09232733 & 04699701.

Best Digital B2B Publishing Company