Risk Management
Evolutionary Strides for Operational Risk Management | CROs Share Lessons Learned | Uneven Risk Management Progress in Asia | The Changing Face of Security | Learning to Share: Big Obstacles for ERM
Evolutionary Strides for Operational Risk Management
July 14, 2008
Operational risk, historically viewed as a lower priority than credit and market risk, was a focal point of the Securities Industry & Financial Markets Association's recent risk management conference. Though experts agreed that operational risk failures played a key role in the subprime mortgage crisis and subsequent credit meltdown, there was less unanimity on steps securities firms can take to mitigate systemic risk and prevent a repeat performance.
"Everybody is looking for practical ways to show the importance of operational risk," said Philippa Girling, an attorney with Montclair, N.J.-based Garrity Graham Murphy Garofalo & Flinn who moderated an op risk panel at the New York conference.
Thomas Mattox, managing director and global head of operational risk at Goldman Sachs, said his firm has changed its approach to op risk. "We were focused on mechanics," he said. "There has clearly been a shift. ... We place increasing reliance on the scenario-analysis process, which engages executives in a discussion of what could go wrong." Still, he added, "this is a process that is very much evolving. Op risk as a discipline is not as mature as market risk or credit risk."
In its early days, operational risk "was confused with operations, and a lot of the focus was on process control," noted Guenther Moeller, director of op risk management at brokerage BMO Nesbitt Burns in Toronto. "I would rather have a high-level risk assessment with the top risk officials, not middle management. We are having a higher-level discussion, but I do not think we have embedded op risk into our decisionmaking structures."
One area ripe for change is the product-approval process, according to Edward Hida, New York-based partner in Deloitte & Touche's regulatory and capital markets practice. Hida, speaking on another panel, said that firms should "think more broadly about contingent scenarios as part of the approval process," along with periodic reviews. "Look at transactions to make sure they are performing as expected," he said. "The idea is to get out in front of risk management with the business units."
Panelist John McDermott, SVP and global head of compliance at Merrill Lynch & Co., said there is often "product creep--as conditions change, that product changes over time. There should be a discipline for reviews beyond a six- and nine-month time horizon. If a product is successful, one of the key lessons is that in many cases it [has] an underlying potential for weakness."
Once a firm has an op risk framework in place, Vincent Walsh, managing director of KPMG's risk advisory services practice in New York, points to fixed-income price verification, risk management governance, model validation and rogue trader assessment, as well as product approval processes, as important areas of focus. "Firms are still developing a comprehensive and firm-wide approach to new-product approval," said Walsh.
Walsh cited as a positive development for op risk the June 9 agreement between 17 leading broker-dealers and the Federal Reserve Bank of New York to mitigate systemic risk via improved infrastructure. The firms plan to establish a central clearinghouse for credit default swaps, reduce outstanding contracts via bilateral and multilateral netting, incorporate protocols for managing defaults into contracts and achieve greater trading and settlement automation. According to Walsh, the pact will result in reduced net settlement requirements and counterparty credit exposure, as well as improved regulatory transparency.
