A Seat at the Table for Risk Managers: Risk Management's Future Looks Bright after Lessons Are Learned from the Economic Crisis
McLaughlin, Kevin, The RMA Journal
ECONOMIC CALAMITY HAS led banks and other organizations to take a hard look at risk when making business decisions. That bodes well for risk specialists, said participants in a recent panel discussion on the future of risk management. The panel spoke to bankers at the March meeting of the RMA New York Chapter.
"We are seeing interest in improving risk dialogue," said Hank Prybylski, head of Ernst & Young's Global Financial Services Risk Management practice. "A lot of firms are looking to build up their risk organizations and have the right balance between risk management and business-line activities."
The interest goes beyond banks, Prybylski added. "We're getting calls from hedge funds, asset managers, sovereign wealth funds, private equity funds, energy companies, and pension funds," he reported.
Does Risk Management Have a Seat at the Table?
Panelists discussed the role risk management should play in corporate governance.
"There are three groups in a business, and they should be mutually reinforcing," said Prybylski. "There are business people who take risks and need to identify risk as it emerges. There are governance groups that set strategy and set risk appetite. And there are control groups that monitor and report on activities and the balance between risk and reward. The question is, does risk have a strong seat at the table on key business decisions?"
Some firms had risk groups that were too independent of the business line and others that were too close to the business line, Prybylski added. "You need to find the right mix, but you've got a problem if your risk function doesn't have independence in evaluating major business decisions," he said.
Adam Gilbert, a managing director at JPMorgan Chase, said business-line and risk staff have mutual obligations. "The business people need to ensure that the risk people are key partners and have a seat at the table. That tone starts at the top. At the same time, the risk staff has an obligation to understand the business. They need to add value to risk/return decision making," he said.
Gilbert cited a JPMorgan Chase risk manager who marketed a line of business before becoming a risk manager. "He understands the business top to bottom, so he has tremendous value to the head of the business," Gilbert noted. "He can connect the changing risk characteristics of the portfolio directly to the decisions they're making."
Again citing JPMorgan Chase, Gilbert described how the firm approaches risk: "Senior-level involvement in risk governance is paramount. Risk issues are discussed at monthly business reviews. Senior management, including the chairman and CEO, engage directly the CEOs of the lines of business. They're held accountable not only for their financial performance but for their risk performance. It's viewed in an integrated fashion."
Speaking of enterprise risk management as a counterweight to using a "silos" approach to evaluating risk, Gilbert said, "Look back over the events of the past 18 months or two years and think about the connections people might not have been making. If they had been making those connections, we could have avoided some of the problems we're facing.
"For example, did we fully appreciate that the underwriting performance in mortgage banking would lead to the direct connection between credit and market risk in a way that posed solvency challenges for firms? Did we connect well enough how funding liquidity and asset liquidity were so intertwined and that firms' market values would be severely impacted by that relationship?
"To the extent that an organization has silos and doesn't have processes to bring those connections together through risk-related and finance-related information, and through governance processes that will force the connections to be made, you could be in trouble," he said.
"It's incumbent upon all of us to make the connections to the various risk attributes that come out of our portfolios and activities."
Transparency is a key to good risk management governance, noted Prybylski. "If a trade looks great from a regulatory capital perspective but makes no economic sense, or if it has tons of go-go P&L but we don't understand the risk profile because it's a new business, a good governance structure will get that on the table for decision makers to have a conversation about it," he said.
Brian Peters, a senior vice president in charge of risk management at the Federal Reserve Bank of New York, challenged banks for failing to adhere to the sound risk management practices described by Prybylski and Gilbert.
"As an industry, you failed on all of those points. You focused on the measurable at the expense of the important. You spent a lot of time measuring risks to one quarter's worth of earnings and missed the big picture of tail risks that were going to blow up the entire firm," Peters said. "Too many firms allowed their risk takers to operate in silos. I remember one firm that had a risk committee but nobody ever showed up to talk to each other. How are you having cross-firm communication when nobody is bothering to show up and nobody is enforcing it?
"Many firms failed to have proper incentives or constraints in place," Peters added. "Clearly, the compensation incentive as currently structured contributed to people optimizing on the wrong things for short-term gain. You have to create incentives for people to have a longer view of the firm, to optimize not just the return side of risk-adjusted return but also to minimize the risk and create value that way.
"In my experience, the firms that failed overemphasized the return. The firms that succeeded put equal weights on return and risk. You can manage risk in a risk-adjusted return framework by either improving return per dollar of risk or reducing risk per dollar of return. The good firms knew how to make those trade-offs; the bad firms didn't."
Gilbert said a risk manager needs courage to sometimes say no to deals. "That's very hard to do in the face of star performers, sexy returns, and high stock prices. You get a few quarters of knocking the ball out of the park, but you need to maintain a through-the-cycle view. If you don't have the guts to do that, you won't be around when the bad times come."
The Importance of Good Data
Panelists discussed the importance of gathering reliable data to make good decisions.
"You can have the best governance framework in the world, but if you don't have timely, accurate, and complete information that pulls together financial, accounting, and risk considerations, the decision makers won't make very good decisions," said Gilbert.
Peters defended models against critics who said they failed to predict the looming financial crisis. "People who say the models are broken are just wrong. If you can't measure it, you'll never manage it. Models help us make sense of a complex world, but they have limitations.
"Good risk managers employ a suite of tools," Peters added. "They know the limitations of those tools, what they can tell them and what they can't tell them. But at the end of the day, humans make the decisions, using the tools for guidance." Stress tests are one tool risk managers can use, but a failure to accept worst-case scenarios leading up to the crisis hindered their usefulness, Prybylski said.
"Several CROs have come to me and said, 'If two years ago I had put a 20% drop in the housing price index into my stress test, I would have been thrown out of the room, whether I thought it was plausible or implausible. There would have been no basis for a conversation.'" Prybylski said.
"Also, stress tests were applied on a risk silo basis. We had our market risk stress tests, we had our credit risk stress test, we had an operational risk stress test. They were added together, summarized, correlated, and that was the aggregate firm-wide stress test. In the end, it failed to identify all the risks across silos," he said.
Gilbert said the stress testing conducted by the federal government improves on the silo mentality. "What's virtuous about the current stress-testing program is that it's breaking people out of those silos and forcing an integrated firm-wide view that I don't think was happening at a lot of firms before.
"Regardless of what comes out the other end of the stress test for specific institutions, the lasting effect will be a framework for thinking about firm-wide stress tests," he said.
Prybylski suggested that stress testing needs to move toward a simulation-based approach. "Maybe a war games approach to get business leaders to really think through the interconnectedness of events--what happens to a firm, what happens to the economy, what happens to a region, what happens to the markets, to really understand this at a higher level, because it's almost impossible to think through all these connections without playing it out in a simulated environment."
Kevin McLaughlin is senior writer and contributing editor for The RMA Journal. Contact him by e-mail at firstname.lastname@example.org.…
Questia, a part of Gale, Cengage Learning. www.questia.com
Publication information: Article title: A Seat at the Table for Risk Managers: Risk Management's Future Looks Bright after Lessons Are Learned from the Economic Crisis. Contributors: McLaughlin, Kevin - Author. Magazine title: The RMA Journal. Volume: 91. Issue: 9 Publication date: June 2009. Page number: 24+. © 2007 The Risk Management Association. COPYRIGHT 2009 Gale Group.
This material is protected by copyright and, with the exception of fair use, may not be further copied, distributed or transmitted in any form or by any means.