Abstract
Risk management has again taken center stage in the world of finance. Greater regulation, increasingly inter-connected markets, and new sources of volatility leave the door open for an unprecedented level of risk, the sources of which are as varied as they are numerous. At the same time, financial services institutions must continue to innovate and grow. This necessitates an entirely new paradigm in risk management—spanning the entire enterprise in its vision, powered by new ideas in action, and underpinned by technological interventions in execution.
A New Risk Outlook for the New Normal
Early and provident fear is the mother of safety - Edmund Burke
The financial debacle, which the world endured beginning early 2008, has largely been attributed to the increasing de-regulation that the banking and financial services industry witnessed from the 1980s onwards. After the frequent financial crisis of the global markets, and the state of the American economy in the early decades of the last century, several stringent regulatory measures were imposed. This brought more control to the functioning of financial institutions by reducing their ability to take undue risks that could put the whole economy in peril. However, after half a century had passed with no major crises, the rules were relaxed only to cause the latest global economic meltdown. To a large extent, we are still suffering the consequences of the excesses of the previous decade. The North American economy continues to remain fragile and the European debt crisis shows no sign of abating anytime soon.
Not surprisingly, much more stringent regulations are back in place. Risk management has again taken center stage in the world of finance. The volatility and growing complexity in the financial services industry has made it necessary for regulatory bodies to impose compliance regulation on capital, liquidity, and operations. The impact on revenues is quite significant. This, in turn, has compelled senior management to get directly involved in setting up a robust risk management function that will deal with systemic reforms, cost controls, reputational risks, regulatory compliances, and credit risks. The key then, is to look at this challenge as a path to sustainable success, backed by an enterprise-wide risk strategy, which enables institutions to stay on top of compliance while enabling a growth-driven enterprise.
Staying Ahead of the Risk Curve
The lack of speed and agility to assess various risk exposures is a key reason behind why banks and financial institutions were unable to manage the volatility in market conditions. Factors like the inability to quickly assess and analyze the risk-reward ratio and calculate fund value on demand resulted in management taking uninformed decisions and even losing out on new opportunities
Today’s volatile market environment, however, demands agility and adaptability—the lack of which may result in missed revenue opportunities. For instance, calculating the mark-to-market value of financial instruments held by the firm, requires informed planning to ensure that a fair value is calculated during a distress sale or forced liquidation, or in cases where enough price inputs are not available, the estimations are based on a scientific assessment of the value. The lack of such planning could result in liquidity constraints and even increased counter-party risks during negative market upheavals. In a worst case scenario, this lack of foresight can even translate into regulatory violations and avoidable events.
A Reminder of What is at Stake
The cost of recent regulations, combined with continued low interest rates, could reduce retail bank revenues by 30 to 50 percent - BAI Executive Report
The technology needed to manage risk and regulation will chew-up 15 percent of IT investments. Financial services companies will struggle to find the optimal channel mix to deliver value to clients - Industry analysts
The total bank write-downs in the last financial meltdown due to the lack of comprehensive risk management could exceed a shocking $2 trillion - International Monetary Fund (IMF)
Taming the Multi-headed Risk Hydra
Risks are an inherent part of the business. Banks and financial institutions face several types of risks due to the uncertainties associated with market dynamics. For instance, the institution could be facing financial risks such as credit, capital or a liquidity crisis. Increased regulatory oversight poses risks of huge fines and penalties, as financial institutes take regular risk-based decisions that could lead to non-compliance if the organization has not enabled a risk intelligent culture throughout the firm.
There are also risks that could arise from fluctuations in the market. In addition to this, there are several risks that could be of a non-financial nature—money laundering, operational, or reputational. Risks could also arise due to reliance on legacy technology, a lack of a homogeneous application landscape or integrated platform, and/or compliance or network security breaches among others. Any impact in one area could have a cascading effect that soon engulfs the other areas. The objective of risk management is to analyze these risks and manage them effectively in order to ensure a profitable trade-off. In this section, we present a detailed look at the various areas that pose significant risks to banks and financial institutions.
Enterprise Risk at a Glance
Loan or Credit Risk
Lending is one of the central functions of a financial institution. It is a key revenue mechanism but also poses one of the biggest areas of risk. Effective measurement and management of credit risk is therefore an integral part of risk management. The objective is to minimize potential risks and maximize returns for the firm. The value of any collateral that has been pledged by the borrower needs to be evaluated on a regular basis to ascertain whether the loan risk versus collateral value is in the bank’s best interest. Additionally, credit quality also needs to be monitored and proactive actions taken in case of any signs of deterioration.
Unexpected Events and Capital Inadequacy
Risks can arise from both expected as well as unexpected events. Right from 1998, when Basel I was first framed for the supervision of international banking, to Basel II that brought more control to how banks and financial institutions aligned capital markets with risks, to the more recent Basel III that has suggested regulatory standards for ensuring capital adequacy and adequate liquidity, the industry has been moving towards a state where such risks are minimized. Expected risks can be considered and factored into product pricing. Financial institutions, however, need to have enough reserve capital to manage any unexpected events that may affect functioning. During upward trends in the market, institutions need to plan effectively, and reserve capital to manage any adverse events that may pose a threat to capital. Not doing so could result in regulatory violations. This necessitates a plan to manage crisis situations and a system to monitor and assess the plan at regular intervals.
Market Risk
The market volatility we witnessed over the past few years will not be easily forgotten for a long time. The impact of a regional issue, i.e., the subprime debacle in the US, on the global financial sector and the rapid rate at which it engulfed and devastated economies that were in seemingly good health, indicates the risks these markets can pose to businesses. The credit or liquidity position of a bank or financial institution can be adversely affected by factors such as interest rate changes, inflation, currency rate fluctuations, or even stock market movements. A risk management system can provide a framework to continuously measure, monitor, and manage the various elements that can pose a risk to the bank in case of a change in any key factor that could have an adverse impact.
Liquidity Risk
Correctly estimating liquidity is critical to effective risk management. In times of trouble, customers can withdraw cash or liquidate equity and commodity positions. Contractual obligations could however impose restrictions on institutions from calling in credits or loans before the contracted period. This necessitates maintaining liquidity to cover unexpected withdrawals. Risk managers also need to take into account delays in receivables or potential bad debts. A mechanism that monitors the performance of assets and deterioration in credit quality is necessary to take required action to offset such possibilities.
Operational Risk
Manual processes could result in human errors creeping into the system. Fraud or failure of internal governance and control mechanisms are other factors that constitute operational risks. External events such as natural disasters or even terrorist attacks can pose grave risks. In the recent past, there has been an increase in such adverse events across the globe. This calls for systems that enable automation where possible, standardization of processes, implementation of various frameworks, and preparing contingency plans for all sorts of possibilities. Internal governance and safeguard mechanisms need to be put in place. Regulatory bodies have mandated various measures to counter such risks, and these requirements need to be adhered to.
Regulatory Risk
Non-adherence to compliance requirements could result in significant penalties. This necessitates better governance mechanisms and systemic upgrades to reduce the risks posed by unintentional violations
Technological Risk
Technological advancements have increased client expectations, and competitive pressures necessitate staying on top of all client-oriented technological trends. Technology also is integral to the basic functioning of the bank. As such, this sector has traditionally been the early adopter of technological innovations. However, this also brings with it various risks such as downtime, network perimeter breach, technological obsolescence, and an increase in complexities. This needs to be countered by robust enterprise security solutions and a global security operations center to monitor risk.
Reputational Risk
The erosion of trust in the institution can even lead to bankruptcy. This can happen irrespective of the fact that charges levied may even be proven as false. Reputational risk can, in turn, impact liquidity by encouraging deposit withdrawals, and loss of clients and new business, and thereby, considerably shrink shareholder value. Hence, the risk management policy should take into account potential sources of reputational risk to which the institutions are exposed.
Bridging the Gap between Strategy and Technology
Partnering with a third-party service provider with vast experience and expertise in providing risk management services to banks and financial institutions across segments can help accelerate organizational readiness to tackle risks. For those who already have a risk management infrastructure in place, an external view will enable the identification of potential gaps they may have missed.
Technology is a critical component of any risk management initiative. It reduces time-to-market considerably, increases operational efficiency, enables quick detection of high-risk accounts, identifies potential loss making scenarios, and enables executive management to hedge the risk. Technology also plays a crucial role in ensuring regulatory compliance and enabling regulatory reporting. It provides tools to evaluate liquidity risk regularly and thereby enables the bank or financial institution to make informed funding decisions that can mitigate risks or capture short-term opportunities.
Business intelligence tools can help quickly identify new opportunities while newer data assessment technologies can provide deep insights that can impact current and future profitability. For instance, risk management tools can help financial institutions make the best possible decisions for their clients using analytical tools across data sources. Integrating data sources can enable the institution to seamlessly analyze credit and liquidity risks, and even keep a check on potential market risks. Unified dashboards can enable senior management to understand overall risk exposure and take proactive measures to keep it under manageable limits. The possibilities are many, but adopting the technology measures that are relevant to the enterprise is what matters the most.
Placing Technology at the Heart of Risk Management
Implementation of risk controls is not only a compliance mandate. Effective risk management can also have significant impact on a bank or financial institution’s future profitability and long-term growth. Technology can play a critical role in helping financial institutions manage these risks effectively, and there are varied solutions that can be put in place by partnering with an accomplished third-party IT service provider. For example, implementing analytics tools to identify deterioration in credit quality, which triggers proactive measures to restructure or refinance risky loans before they turn into non-performing assets.
However, technology is not an isolated barrier against potential risks. It needs to be a part of the organization’s larger integrated risk management strategy. Areas such as reporting and forecasting should be improved. A strong governance framework should be adopted. Internal control processes should be implemented along with supporting technology systems to enable proactive risk management and mitigation, so financial institutions can confidently sail ahead to their next wave of growth without running into icebergs.
Related reads.
About Coforge.
We are a global digital services and solutions provider, who leverage emerging technologies and deep domain expertise to deliver real-world business impact for our clients. A focus on very select industries, a detailed understanding of the underlying processes of those industries, and partnerships with leading platforms provide us with a distinct perspective. We lead with our product engineering approach and leverage Cloud, Data, Integration, and Automation technologies to transform client businesses into intelligent, high-growth enterprises. Our proprietary platforms power critical business processes across our core verticals. We are located in 23 countries with 30 delivery centers across nine countries.