Data strategies for risk management

Effective Data Strategies for Risk Management

2© Hexaware Technologies. All rights reserved.

Top Nine Risks An FI Fears

Risk Types Definition

Market Risk Change in financial markets affects value of a portfolio/firm

Credit Risk Change in the credit worthiness of a borrower affects the value of a loan/portfolio

Counterparty Risk Counterparty may fail to honor a commitment to make payments

Liquidity Risk Inability to raise cash, or risk of not being able to execute a transaction at prevailing prices

Operational Risk Risks arising out of inadequate systems, management failure, human error, fraud, etc.

Legal/Regulatory Risk Impact due to changes in legal or compliance burdens

Business Risk Risks due to randomness or uncertainty of product demand, prices, etc.

Strategic Risk Risk of investments that has high uncertainty of financial success

Reputation Risk Risks arising out of rumors, scandals, or true corporate mismanagement that results in loss of reputation

Treatment in Banks Today

Treatment in Banks in the Future

Risks are treated in “SILOS” Integration of related risks through ERM


COSO’s Framework For Enterprise-wide Risk Management (ERM)

Components/Layers Brief Review of the components

Internal environment Organization’s philosophy for managing risk (risk appetite and tolerance, values, etc.)

Objective setting Identify specific goals that may be influenced by risk events

Event identification Recognize internal or external events that affect the goals

Risk assessment Consider the probability of an event and its impact on organizational goals

Risk response Determine the organization’s responses to risk events such as avoiding, accepting, reducing, or sharing

Control activities Activities to focus on operational aspects to ensure effective execution of the risk response

Information and communication

Inform stakeholders of relevant information

Monitoring Continuously evaluate the risk management processes


How Has ERM Progressed?

Surveys referred to:

Treasury and Risk ERM Survey 2008 and 2010, symbolically signify before and after the crisis

An independent survey by a leading consulting firm in 2010 to identify trends in ERM

For brevity purpose, we have chosen relevant questions and responses from the surveys


Survey Results - I

• Companies seem to have their objectives/risk appetite and tolerance clearly articulated more in 2010 than 2008

• Companies seem to have integrated risk management with their strategic planning process more in 2010 than 2008

2008 2010

Question: To what extent do you agree or disagree with the following statements regarding ERM?

Source: 2008 and 2010 Treasury and Risk ERM Survey

Take Away


Survey Results - II

• Companies seem to be moving away from defensive risk management practice to more pro-active risk management with more of them citing business value enhancement, decreased volatility in earnings, gaining competitive advantage amongst others as their prime driving forces

Question: How important are each of the following in driving improvements in your company’s risk management programs or initiatives?

2008 2010


Take Away


Survey Results - III

• Technology in 2010 has enabled more companies in their risk identification, analysis, quantification, reporting and monitoring than in 2008. But , if not designed, implemented and managed correctly, the technology used to measure risk will itself pose a major operational risk!!!

• Finally, ERM was said to have more room for improvement in 2008 and is definitely seen in positive light now despite a long recessionary period.

Question: To what extent is technology used to enable the following elements of the risk management process?

2008 2010

Take-away:



After the crisis, what does the Industry believe about ERM?

Improved Cash flows,Reduced hedging or insurance costsReduced Capital costsImproved Investments or avoided lossesImproved reputation

Data Acquisition CostsInfrastructure CostsHuman Resources CostsOverall ERM Implementation costs


Extracts from an independent survey from 2010

For a successful ERM Program, the following attributes were recognized to be critical:

• Board level commitment to ERM is critical for successful decision making and for driving value.

• A dedicative executive in a senior level position who drives and facilitates the ERM process

• An ERM culture that encourages full engagement and accountability at all levels of the organization

• Engagement of all stakeholders in risk management strategy development and policy setting

• Transparency of risk communication

• Integration of financial and operational risk information into decision making

• Use of sophisticated quantification methods to understand risk

• Identification of new and emerging risk from internal data as well as from information from external providers

• A move from risk avoidance and mitigation to leveraging risk and risk management options to extract value

Source: Global Enterprise Risk Management Survey, 2010, AON Analytics


What do experts say?

• “Objective of implementing an ERM is to have a unified platform that operates in a standard

framework for risk management that covers all leading financial risks such as market, credit, liquidity

and operational risk”

• “In the past, banks have done the business and then went about measuring risk; now, it is necessary

to measure risk and use the knowledge to do the business.”


Sources and users of Data in an FI

External ReportingInternal Reporting

Budgeting & Control

Customer & Product

Profitability Basel II/IIIInvestor Relations

Economic Capital

Business Calculators

FTPBudget & Forecast

Ops RiskCreditALM Market

Integrated Risk Engines

FED SEC OTS FDICT&FBOAR

DALCO CRMPCUsers

Sources

DATA

Guarantor

MarketCollatera

lContractREF

Customer

External Website

sGL

In-House

Product Rating

DATA

TO

IN

FO

RM

ATIO

N


Typical Pain Points – A Business User’s perspective

The data I get is not the latest Latency

Issue

I cannot substantiate

how a number is generated

Substantiation Issue

The data I have is not

self-sufficient

Access Issue

I have no idea who is consuming what data

Uncontrolled Proliferation

Issue

I get different

answers for the same question

Inconsistent Data


Primary Attributes of Quality Data

Accurate

Fit For UseDATA

Timely

Complete


Data Quality Process

Profile

Cleanse

IntegrateDeliver

Monitor & Report


Data management approach for effective Risk management

Ownership of data problems

Combination of top- down and

bottom-up approach

Data availability in various

source systems - risk, finance

Defining Target State

Establish data governance framework

Pillar II, Basel III, liquidity risk and

stress testing

Data classification

issues

Identifying periodicity,

latency issues and data flow

Data standards/ definition/Metadata

Impact of non-availability of

data

Identifying appropriate data sources/owners

of data

Design of data architecture

Policies, processes and

standards

Data quality assessment

Data Gaps, reconciliation

Roadmap for implementation

Organization Structure

Data Requirement

s

Sourcing of Data

Pre-cursor to Implementatio

n

Methodology

Data Governan

ce


Data Quality Solution

A combination of Business Processes/Methodology and Data Quality Tools

Multiple Customer

Information Stores

• Identify data sources • Identify data source

champions• Profile data sources• Identify Golden Source for

each information domain• Pick relevant attributes from

other available sources• Incorporate Data Quality

checks• Set up feedback systems for

review of rejected data

Multiple GL Systems

Collateral /Limit Management

Systems

Data Warehous

e

Risk & Reporting Engines

• Reconciliation Process

• Identify mismatches

• Feedback • Resolve

Transaction Systems

Multiple Product Information Stores

Multiple Issue Rating Systems

17© Hexaware Technologies. All rights reserved. www.hexaware.com

© 2009 Hexaware Technologies Limited. All rights reserved. For internal circulation only. Neither this publication nor any part of it may be reproduced, stored in a retrieval system or transmitted in any form or in any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission of Hexaware Technologies Limited. Published by Corporate Marketing & Communications

Thank You

Data strategies for risk management

Business

Transcript of Data strategies for risk management