RISK EMEA 2016 – Day 2
27th May 2016
Author: James Phillips, Regulatory Strategy Director, Lombard Risk
Although Risk EMEA conference Day One was very interesting, Day Two seemed to be equally thought-provoking. Again I was stream Chair, Banking Risk and Regulatory Developments, clearly covering important themes including the onset of IFRR9, on which I will expand in detail later.
Similar to the first day, the breadth of subjects covered was astonishing and a true testimony to the array of risks which today’s Chief Risk Officer has to contend with. Naturally a short conference can never provide any depth on the breadth.
So, on a theme opened by the CRO Plenary, we can reflect on their struggle to “keep the focus, given the breadth”. It was interesting to hear the role of the CRO as a “future teller”. Not sure why, but at this point I envisioned a fortune teller; fortune teller’s outcomes are not always about your future happiness, but about disasters that will befall you. Unlike the fortune teller who may tell you that you will experience some disaster, the CRO has to tell his bank that they may experience that disaster. To manage this, a certain firm had in place staffing for an “entire industry” looking at regulation. Firms have a major challenge with multiple jurisdictions and multiple regulators in each of those. We heard about three steps in the “industry”:
a) Capture changes that can impact the firm
b) Analyse those changes
c) Implement changes arising
Simple, then: Capture, Analyse, Implement. Of course, these are massive tasks, and are exacerbated because incoming regulation is a delta on the regulations which firms are already dealing with. The main risk in this approach is that the CRO has to be certain of the sweep’s breadth to know that capture is effective, without important regulation not making the in-tray.
Lombard Risk provides a host of Impact Analysis work; these are the components to help any bank consider the capture and analysis stages without leaving regulation behind, while providing these insights. We consider Who is impacted, What, Why, Where, When and How. The How of course may involve some or our solutions or services, for implementation, but that is why we are here as our regulatory automation clients will attest.
Regarding implementation, the CRO Plenary also picked on the obvious problem of data, and data quality in particular. However hard BCBS239 has already pressed these buttons, firms still have to contend with data issues. I heard some interesting case stories around expenditure on risk reporting systems to achieve BCBS239 compliance where “90% of many millions spent being on anything to do with data, and only about 10% on risk calculations themselves”. One can only imagine how much this CRO’s view on the organisation improved!
Another big topic was around the embedding of risk as a culture. “The Tone at the Top, the Mood in the Middle, and the Behaviour at the Bottom”; this was a CRO’s reference to the entrenchment of risk management as a culture at all levels. I would suggest the Senior Managers’ Regime being the means of focusing Tone; we heard, from delegates, that CROs have been better able to gain CEO attention under such regime, and in fact the better alignment of the CRO and CEO roles is potentially emerging as a clear impact of SMR.
My stream covered IFRS9 amongst other items. Firms need to be mindful of the decisioning importance risk management will have, as accounting for expected losses around credit risk is specifically addressed under IRFS9. This will have great impact on FINREP, definitions, as well as other reporting; currently Lombard Risk is addressing all of these challenges. Firms should be well into preparation for parallel.
Another great theme was how to keep the board informed about risk. Under SMR they have to be, but the board is unable to read thousands of pages of regulation or drill into too many numbers to verify them. Some insights to consider:
a) Enhance role NEDs have in ensuring the process whereby board dashboards are prepared is correct. If the process is good then the risk capture may be safe.
b) Query the Green items on a RAG status and not just the Red and Amber: outliers are outliers, but items that don’t break tolerances or which might be trending that way, may be better beneficiaries of senior time.
Finally which are the key risks faced by firms? Top of the reported list is Regulatory Compliance, followed by staff conduct and technology breakdown. Lombard Risk’s Regulatory Compliance solutions, enable clients in the financial services industry to significantly improve their approach to managing risk. Contact us for more information!