the journal - PwC · PDF filebe crucial’ argues Ron Collard, Luan Fox and Christopher...

Tackling the key issues in banking and capital markets*December 2005

the journal

1

Strategic reputation management – managing reputation risk and value in financial services institutions

Editor’s comments

Fair value and financial instruments – developments and challenges

Management of IT value

Is measurement crucial if people are an organisation’s most critical asset?

Tax risk management

Private banking – competitive challenges ahead

4

2

Page

20

26

52

34

40

Contents

Editor’s comments

2

the journal • Tackling the key issues in banking and capital markets

by Chris Lucas

Welcome to the December 2005 editionof the PricewaterhouseCoopers bankingand capital markets journal. In a foreverevolving and testing environment,banking and capital marketsorganisations are facing increasingpressure from the regulatoryenvironments as well as investors and other stakeholders to succeed. This edition brings together a diverseseries of articles drawing on some of these challenges.

What is the single biggest threat tofinancial services institutions today? The most topical, and arguably the most sensitive is that of reputation riskmanagement. In our first article entitled‘Strategic reputation management’, Carlo di Florio, Fernando de la Mora andDietmar Serbée explore the growingimportance of reputation risk inorganisations and propose a five-stepapproach for institutions to analysereputation risks and manage theirreputation proactively.

With 130 participants from more than 30 countries, the 2005PricewaterhouseCoopers Private Banking/Wealth Management survey highlightedkey global market trends and analysisand looked at the differences betweenthe ways in which participants provideservices to high-net-worth individuals. In their article entitled ‘Private banking –competitive challenges ahead’, Bruce

Weatherill, Rolf Birrer and Justin Ongconsider some of the key issues andthemes affecting the private banking and wealth management market as well as highlighting the issues that private banks and wealth managersshould be considering when assessingtheir business.

Getting tax wrong can bruise acompany’s reputation and shareholdervalue. Continuing the theme of riskmanagement, Sarah Prior, John Mastersand Larry Quimby tackle the increasingly important issue of Tax RiskManagement and discuss why it isbecoming an increasing concern forfinancial services organisations. Thearticle looks at how having a tax strategyis fundamental to an organisation’s riskmanagement framework.

‘If people are an organisation’s mostcritical asset, then measurement has tobe crucial’ argues Ron Collard, Luan Foxand Christopher Box. In our fourtharticle, we aim to explore how increasingregulation and demands from investorsand stakeholders is encouraging financial services organisations toexplore the correlation between effectivepeople management and businessperformance and suggests howinstitutions can use people metrics andhuman capital data to create competitivebusiness advantage.

In ‘Management of IT Value’, MarkLutchen, James Chrispin and PeterBroshuis examine the differentapproaches to placing a value onInformation Technology services andexplore the key drivers for proving thevalue of IT and outline the challengesfacing the valuation of IT’s contribution tothe business as well as highlighting someof the different methods which have beenused in organisations today. The articleasks how financial services institutionsneed to consider the contribution andimpact of IT in a wider business contextand outlines a number of key approacheswhich they should consider to improvethe value of IT to the business.

Fair value can no longer be viewed as a purely technical concept driven solelyby accounting policy departments. In ourfinal article, ‘Fair value and financialinstruments – developments andchanges’, Mark Batten, Doug Summaand Mat Falconer consider the practicalconsequences and challenges of recentdevelopments in fair value accountingand how the focus on the robustness ofthe control environment has led to widerbusiness and control implications withinfinancial services organisations.

I hope you enjoy this edition of thejournal. Please continue to provide uswith feedback particularly topics andissues you would like to see addressedin future editions.

3


Chris LucasChairman, Global Banking & Capital Markets Executive Team

Tel: 44 20 7804 9652Email: [email protected]

4


by Carlo di Florio, Dietmar Serbée and Fernando de la Mora

Strategic reputation management –managing reputation risk and value in financial services institutions

5


Carlo di FlorioDirector, Financial Services, US


Fernando de la MoraDirector, Financial Services, US


Dietmar SerbéeDirector, Financial Services, US


Reputation has been treasured as anasset since time immemorial. Romanmaxims counselled that ‘a goodreputation is more valuable than money’,and Socrates defined reputation as ‘the richest jewel’. Today, reputation risk management is one of the greatestchallenges facing financial institutions.Research by PricewaterhouseCoopersand the Economist Intelligence Unit (EIU)found that leaders of global financialinstitutions perceive reputation risk to be the greatest potential threat to marketvalue1. There is reason for concern:another recent study found that certainoperational risk events with highreputational fallout, such as deceptivesales practices and compliance failures,can result in market capitalisation lossesfar exceeding actual financial losses – upto 12 times the actual loss, as much as a5.5% loss in total return to shareholders2.

Yet institutions’ efforts to effectivelymanage reputation risk are oftenhampered by definitional andmanagement challenges. For one thing,reputation is shaped in the eyes ofindividual stakeholder groups – includingcustomers, investors, employees,suppliers, alliance partners, regulators,enforcement authorities, communities,

and rating agencies – each with its ownset of expectations. Additionally, a clear,widely accepted definition of reputationrisk has yet to emerge, and this lack of a common language within and acrossinstitutions makes it challenging to buildconsensus around the issue at stake and

the actions needed. Furthermore, recentfinancial scandals, governance issuesand compliance failures in the financialindustry suggest that reputation damagecan arise as a devastating secondaryeffect of underlying risk events in anynumber of areas. While accounting,

1Greatestthreat

2Majorthreat

3Minorthreat

4Not athreat

N/a

0 100

Reputational risk

Market risk

Credit risk

Regulatory risk

Business/strategic risk

Operational risk

IT/technology risk

Business continuity risk

Treasury/liquidity planning

Governance risk

Sovereign/political risk

34% 41% 20% 2% 3%

25% 51% 19% 2% 3%

18% 40% 33% 7% 2%

16% 54% 25% 4%1%

14% 57% 24% 2% 3%

13% 40% 37% 7% 3%

13% 37% 43% 3%4%

10% 40% 5%43% 2%

7% 40% 4%46% 3%

7% 23% 16%51% 3%

25% 31% 5%37% 2%

Source: PricewaterhouseCoopers/Economist Intelligence Unit survey, June-July 2004

Please note that totals do not always add up to 100 because of rounding, or because respondents could choose more then one answer.

Figure 1: Which of the following types of risk represent the greatest potentialthreat to your organisation’s overall market value? Please rate each riskbetween 1 and 4, where 1 = Among the greatest threats and 4 = Not a threat.

1 PricewaterhouseCoopers/Economist Intelligence Unit study, ‘Uncertainty Tamed? The Evolution of Risk Management in the Financial Services Industry’ Survey Results 2004.2 Dunnett, Robert S., Levy, Cindy B., Simoes, Anthony P., The Hidden Costs of Operational Risk, McKinsey Study on Finance, Winter 2005.

ethics, sustainability, Basel II and value-at-risk principles are all relevant andimportant inputs to strategic reputationmanagement, each is only onedimension to consider and it is theaggregation and interrelationshipanalysis, the portfolio view, and theapplication of enterprise riskmanagement principles that ensureseffective reputation risk and valuemanagement. Finally, reputation changes dynamically and requires careful management over time. A solid,longstanding well-respected reputation,while no guarantee of survival, may helpa deserving company weather a storm,but a company that has no suchreputational equity can sink quickly when faced with a large, adversereputation event. In short, reputation risk events impact value decisively, and shareholders and markets are particularly unforgiving where theyperceive the event was preventable and the company irresponsible.

Despite these challenges, there is agrowing appreciation among financialinstitutions that an effective reputationrisk management approach mustleverage strong governance, riskmanagement and compliance practices,and can help safeguard the franchiseand turn reputation into a source ofsustainable value creation.

Regulators also recognise that there maybe no more elusive, difficult to manage,and feared risk for financial institutionsthan reputation risk. Not surprisingly,scrutiny and expectations haveheightened, and some regulators areopenly emphasising the importance ofmanaging common sources of reputationrisk, including weak governance andculture, lack of enterprise perspective,conflicts of interest, complex structuredfinancial transactions, money laundering,and sales practices3. While the Basel IIcapital framework does not envision anexplicit capital requirement for reputationrisk, it is likely that a sound frameworkfor managing reputation risk cancontribute positively to regulators’considerations under Pillar 2. Regulatorsdo not look at reputation risk in isolation,but consider it within the broader contextof an institution’s governance, risk andcompliance structures and culture: isthere an environment for sound decision-making that includes effective structuralgovernance and a system of checks andbalances to identify, monitor and controlthe risks to which the organisation issubject? Do the organisation incentivesreinforce that no deal, no sale, no loan,no customer and no profit opportunityare worth compromising the institution’sintegrity and reputation?4

This article proposes five key steps to such a reputation risk management approach:

1. Define reputation risk and segmentkey stakeholder groups, and maptheir expectations. A clear articulationof how the institution definesreputation within the context of itsstakeholder relationships is a crucialstarting point for forming a commonlanguage and consensus around howreputation risk can be managed. In our view reputation has a value that can be measured – andreputation risk is the risk of decreasein an institution’s reputation value.Reputation risk arises when aninstitution’s business conduct doesnot meet the expectations ofstakeholders. It is therefore often, but not exclusively, a secondary effect of underlying, primary riskevents that can occur anywhere in the organisation.

2. Identify and measure the risks withthe greatest impact on reputationvalue, and identify the underlyingdrivers. The objective of this step is to isolate the key events enterprise-wide, which could affect the ability todeliver against reputation objectivesand align the management strategyaround reputation risk drivers.

Strategic reputation management continued…

6


3 Department of the Treasury, Office of the Comptroller of the Currency, Docket No. 04-12, Office of Thift Supervision, No. 2004-27, Federal Reserve System Docket No. OP-1189, Federal Deposit Insurance Corporation, Securities and Exchange Commission Release No. 34-49695, File No. S7-22-04, Interagency Statement on Sound Practices Concerning Complex Structure Finance Activities, May 2004.

4 Remarks by Julie L. Williams, Acting Comptroller of the Currency Before the Conference on Bank Structure and Competition, Federal Reserve Bank of Chicago, Illinois, May 6, 2005 (http://www.occ.treas.gov/ftp/release/2005-1a.pdf).

Reputation risks can then beaggregated into an enterprise view of risk and managed as a portfolio.We believe that measuring reputationvalue is key to understanding theunderlying reputation drivers andmanaging reputation risk. Reputationvalue-at-risk measures can then bedeveloped by estimating volatility of underlying factors that impactreputation.

3. Develop proactive and reactivereputation risk response strategies.This step aims to develop a processthat can be taken to control reputationexposures before they materialise, and to manage reputation fallout afterthe damage is done. This effort shouldseek to leverage, to the greatestextent possible, existing riskmanagement information andinfrastructures. Consider the impact of reputation risk when setting riskappetite strategically.

4. Clearly define roles andresponsibilities for reputation riskmanagement, leveraging existinggovernance and organisationstructures where possible.The objective is to ensure

independence, authority and standing through board and executive management oversight.Through policy setting, reputation risk management principles should be embedded into key businessprocesses, including strategicplanning (e.g. new products, services, M&A), performancemanagement, training, reporting and systems architecture.

5. Take a risk-based approach to reputation risk monitoring.Finally, it is crucial to ensure that the greatest reputation risks are: a) monitored by the business units

through risk self-assessments, for example, Risk and Control Self-Assessment (RCSA);

b) subject to targeted ongoingmonitoring by key control functionsleveraging technology;

c) subject to tailored reputation riskescalation protocols that ensurevisible, high-impact, and uniquetransactions or issues are identified,assessed and mitigated; and

d) priorities in Internal Audit plans,ensuring independent assurance of programme design effectivenessand operating effectiveness.

Some context: reputation offinancial services companiesrelative to market

Reputation indices of financial institutionslag behind those of other industries whenviewed by a number of reputation metricsput forth by different sources analysingglobal data (see Figure 2).

• Fortune’s Most Admired CompaniesList shows US financial services in seventh position after industriessuch as real estate, power, electronicsand equipment, and computers andcommunications5. When analysingfinancial services subsectors, securitiesfirms and mortgage banking obtainlower reputation scores than otherareas such as commercial banks,insurance companies and consumerfinance firms.

• Business Week’s study on The 100 Best Global Brands by Value6

shows brand valuation of financialinstitutions (a major component ofreputation) averaging just 15% of market capitalisation.

7


5 Fortune’s Most Admired Companies ranking is based on Hay Group’s survey among executives, directors, and analysts to rate companies in their own industry on eight criteria, ranking innovation, use of assets, employee talent,management, investment value, social responsibility, financial soundness and products and services.

6 Business Week’s study on The 100 Best Global Brands is prepared in partnership with Interbrand. In the ranking, a dollar value for each brand using publicly available data, projected profits and variables such as market leadership,stability and global reach. Intangible earnings calculations exclude patents and management strength to assess what portions of those earnings are attributable to the brand.


8


0 10 20 30 40 50 60 70 80

Pharmaceuticals

Internet

Diversified

Financial Services

Tobacco

Personal Care

Computer

Consumer Electronics

Entertainment

Beverages

Telecoms

Sporting

Automotive

Luxury

Restaurants

0 5 10 15 20 25 30 35 40

% Positive

% Negative

Q2 2005

Q1 2005

Q4 2004

Q3 2004

Q2 2004

Q1 2004

% %

15%

Reputation* of the US financial services sector is low relative to other industries.

Securities and mortgage banking are the businesses with the lowest reputation* scores.

Brand value** of financial services firms, a major component of their reputation value, also lags relative to other sectors.

Top 5 Industry Average Fortune Reputation Index

Brand Value as % of Market Capitalisation

Historical trends of reputation show a gap between US financial services companies and top players. Delahaye Index***

5.5 6.0 6.5 7.0 7.5

Real Estate and Home

Media and Entertainment

Electronics and Equipment

Stores and Distributors

Natural Resources

Financial Services

Transportation

Computers and Communications

Consumer Products

Power

5.5 6.0 6.5 7.0 7.5

Global

US

Mortgage Services

Securities

Average

Life and Health Insurance

Superregional Banks

Megabanks

Consumer Credit

P&C Insurance

6.94

7.06

16%

14%

35%

21%

26%

20%

31%

18%

32%

25%

30%

30%

6.85

7.00

6.976.95

6.96

6.956.92

6.946.91

6.86

6.82

Figure 2: Financial Services Reputation Analysis

* Note: Reputation measured using Fortune Magazine’s 2005 Most Admired Companies (America and Global). Scores were derived from the average of the top five companies within each industry sector.** Note: Brand value reported in Business Week’s Study ‘The 100 Best Global Brands by Value’ prepared by Interbrand. Brand value as a percentage of market capitalisation was measured based on averages of the reported names by sector.*** Delahaye is an index that analyses positive and negative press coverage affecting company reputations.

Source: PricewaterhouseCooopers

• The Delahaye Index7, which includes21 US financial institutions among its top 100, is based on measures of tone, impact and impression of companies’ media coverage, and shows stable levels of positive news, but increasing negative news impacting the reputation of financial services institutions.

The potential factors that may explainwhy the reputation levels of financialinstitutions lag behind those of otherindustries include the following:

1. Being highly regulated, industries such as the financial services industryreceive high visibility and arevulnerable to regulatory actions thatmay adversely impact their reputationmore than in other industries (e.g. corporate governance crises).

2. Large consolidation efforts over the last three decades, resulting in a melding of different cultures,appears to have caused dilution of brand value, led to managementdistraction/complexity, introducedinconsistent ethical behaviour andcreated customer service disruption.

3. High competition and products andservices commoditisation appears to have led customers to not perceivesignificant differences betweenfinancial service providers.

4. Given the financing nature of productsand services they provide, financialinstitutions are not only exposed totheir own reputation, but also to thereputation of their clients (e.g. Enronand WorldCom).

5. In line with the less active focus on reputation value and brandmanagement relative to otherindustries and more of an emphasison the downside of reputation risk infinancial services, reputation risk hasnot been incorporated into regulatoryrisk management practices in financialservices organisations (e.g. Basel IIand Solvency II).

It is our view that the reputation lag ofthe financial services industry presentssignificant opportunities for themanagement of financial institutions tohave their reputation value recognised. A later section of this article evidencesthat the size of reputation value and itsimpact on shareholder value has

sufficient economic worth to justifyallocating an increased investment of resources dedicated to improvingways of managing reputation value and reputation risk.

Linking reputation andshareholder value

Shareholder value added (SVA) is defined as earnings net of cost ofcapital. SVA is created when capitalspread, the difference between return on economic capital and cost of capital is positive. Value is magnified whenpositive spread is generated throughorganic growth or acquisitions. So, is there a linkage between reputation and SVA?

Figure 3 demonstrates that reputationand price-to-book ratios of financialinstitutions correlate positively. Investorstend to pay a higher premium for shareswith highly regarded reputations8.Investors discount that highly reputablefirms will have a greater ability to meetfuture earnings generation expectations.The relationship between price-to-bookand reputation shows that incrementalchanges in reputation have a proportionalincreasing effect in price-to-book ratios.

9


7 Delahaye gathers news from America's most prominent national news sources. The 2005 Delahaye Index includes analyses of different print and broadcast news items to measure the reputations of the top 100 U.S. companies. Eachcompany’s score is based on how many positive and negative reputation-driving attributes are found within each story. These attributes are classified into five dimensions: stakeholder relations, financial management, products andservices, organisational integrity and organisational strength.

8 Reputation index as measured by Fortune 500 Most Admired Companies study.

That is, big changes in reputation have a very large impact in marketcapitalisation, which are non-proportionalto small changes.

Thus, reputations have an importantfinancial impact in shareholder valuecreation/destruction:

1. High reputations increase investorperception on the company’s ability tomeet future earnings expectations; and

2. High reputations reduce cost ofraising capital (both equity and debt).

Our view is that companies that meet thefollowing three requirements are likely to obtain superior shareholder returns:

1. Companies that are able to evaluatethe degree of linkage between theirreputations and market capitalisation;

2. Companies that understand andmeasure the key drivers of theirreputation and how those factors mayimpact market capitalisation; and

3. Companies that take managementactions to influence reputation drivers both on a proactive basis (pre-emptive actions) as well as on a post-event basis (eventresponse/crisis management).

In fact, several industry studies havedemonstrated that reputation can driveshareholder returns. For instance,Antunovich9 et al found that ‘mostadmired’ shares outperform by 45%shares of ‘least admired’ companies inaverage cumulative five-year returns.


10


9 Antunovich, Laster, Mitnick, ‘Are highly quality firms also high quality investments?’ Current Issues in Economics and Finance, January 2000.

Reputation has a financial impact in key shareholder value drivers.

Investors tend to pay higher premiums for companies with better reputation*.

* Note: Reputation measured using Fortune Magazine’s 2005 America’s Most Admired Companies.

Balance Sheet

TangibleAssets

ShareholdersEquity

MarketPremium

IntangibleAssets

and Goodwill

Financial Impact of Reputation

Market Capitalisation

Price-to-Book

Reputation Index

0

0.5

1.0

1.5

2.0

2.5

3.0

3.5

4.0

3 4 5 6 7 8 9

Figure 3: Linking Reputation to Shareholder Value


1. Reputation may impact the value of externallypurchased intangibles and goodwill booked in the balance sheet.

2. Reputation may impactP/B ratios either thoughthe perception ofdiscounted futureshareholder value added orcost of capital (both costof equity and cost of debt).

Management framework – Five step approach

1. Define reputation risk and stakeholderexpectations.

2. Measure reputation value and identifykey risk drivers.

3. Develop proactive and reactive risk response strategies.

4. Permeate responsibilities forreputation risk managementthroughout the organisation.

5. Take a risk-based approach to monitoring.

Given that reputation can be directlylinked to shareholder value creation,what can financial institutions do to manage their reputations more effectively?

In our view, a starting point for effectivereputation management is the recognitionthat institutions cannot rely solely ontheir existing credit, market, operationaland business risk frameworks to managereputation risk. The reasons are twofold.First, the highly sophisticated riskmanagement practices that institutionshave developed over time generallyfocus on the direct impact of loss riskevents on the financial statements, andrarely account for indirect, longer term

reputational repercussions. This is partlya reflection of the difficulties in measuringsuch impacts. Second, these frameworkstend to take a siloed view of specific riskcategories and do not take a portfolioview of the reputation impact of riskevents. They therefore fail to account forthe cumulative reputation impact of riskevents – and the potentially compoundingeffects on reputation that could arise froma succession of highly visible risk events.

The upshot is that institutions need toimplement an approach to reputation riskmanagement that is incremental to thecredit, market, operational and businessrisk management frameworks they have

already in place. The explicit objective of such an approach is to proactivelyidentify and assess risk events with a high impact on reputation before they occur. This then enables theimplementation of specific responses to prevent the occurrence of suchevents, and the pre-emptive definition of targeted strategies to manage thereputation impact of such risk eventsshould they occur.

In our view there are five critical steps to an effective reputation value and riskmanagement approach.

11


Enablingculture

process andtechnology

Emergingstandardsand new

requirements

St a k e h o l d e r e x p e c t a t i o n s

E t h i c a l c u l t u r e

Governance

Enterprise Risk Management

Compliance

Extended Enterprise and Value Chain


Defining and managing stakeholder expectations

Step 1: Define reputation andstakeholder expectations

A clear articulation of how the institutiondefines reputation risk within the contextof its stakeholder relationships is a crucialstarting point for forming a commonlanguage and consensus around howreputation risk can be managed. Despitethe wide range of definitions provided by industry practitioners in the area of reputation risk, all would agree thatreputation is a valuable asset. The absenceof definitional agreement comes in partfrom the difficulties of identifying andmeasuring the value of reputation. If one can measure the value of reputation,reputation risk could be defined as simplythe potential loss or volatility experiencedin the value of reputation. Our view is thatreputation value can be measured and,as a result, so can reputation risk:

• Reputation value can be measured as the sum of the firm’s intangibleassets as shown in Figure 3. Intangibleassets can be generated throughacquisitions in which may be reflectedin a company’s balance sheet. Inaddition, intangible assets can begenerated internally over the course of business in which case they are notpart of the balance sheet, but ratherthey are reflected in the company’smarket premium (difference betweenmarket capitalisation and book equity).

1. Externally purchased intangiblesand goodwill booked in the balancesheet typically as a result ofmergers and acquisitions (M&A).The value of purchased goodwillcan be reduced, in which casewrite-offs impact the company’searnings. Some companiesmeasure and allocate economiccapital for potential goodwill write-offs.

2. Internally generated intangiblessuch as brand, customer base and loyalty, intellectual propertyand management talent are notnormally recorded in the balancesheet, but rather reflected in themarket premium paid by investors(difference between marketcapitalisation and book equity).This market premium is a reflectionof shareholder’s expectations offuture returns. An institution’s abilityto deliver such future returnsdepends in turn on the institution’sability to meet the expectations of a broader set of stakeholders –including customers, regulators,employees, suppliers, and thecommunities in which it operates.Figure 4 provides examples of core areas in which stakeholdergroups formulate expectations of institutions.

• Reputation risk is the risk of changein the institution’s reputation value.This value may change as the result of credit, market, operational orbusiness risk events that impact the expectations of the institution’sstakeholders, affecting future earningsflows, and the market premiuminvestor built into the price of theinstitution’s equity. The risk toreputation is therefore a secondary,yet potentially substantial, effect ofunderlying primary events in thesecategories.

Two broad conclusions can be arrived at from the above definitions:

• Reputation damage has a financialimpact and can be directly linked to shareholder value creation; and

• Managing reputation risk requiresmore than relying on existing riskmanagement practices.

We believe that reputation risk is asecondary effect of underlying, primaryrisk events that can occur anywhere in the organisation. It arises when such risk events create the perception that the institution’s conduct differs fromstakeholders’ expectations. To managereputation risk effectively it is thereforeimportant for institutions to segmentstakeholder groups and map their


12


expectations with some level of detail.Stakeholder and expectation maps differfrom one institution to the next, but wethink that there are a number of commonthemes (see Figure 5). Consistent andproven ability to meet such expectationsdrive the perceptions stakeholders hold ofa given organisation, in other words itsreputation.

Step 2: Assess risks to reputation value and identify the underlying drivers

The objective of this step is to isolate the key events that could affect aninstitution’s ability to meet itsstakeholders’ expectations. This steprelies both on backward-looking andforward-looking analyses.

Measurement of the historical impact of risk events on reputation value is akey enabler in understanding risk driversand provides the core component of thebackward-looking portion of the analysis.It should use internal and external dataon share price performance, risk eventsand news flow, to identify events thathave had high impact on stakeholderexpectations, market premiums andshareholder value added. The analysisshould consider both how long specificevents affected market premiums oncethey became public knowledge, and inthe case of a negative reputational event,how effective response actions were

13


Figure 4: Stakeholder group expectations

Stakeholder group Examples of expectations

Customers • Trust/respect/admiration• Service/fair treatment• Product quality/value• Convenience/accessibility

Employees • Corporate culture• Workplace environment/safety• Fair treatment• Opportunity

Suppliers and Alliance Partners • Volume of business• Management/operations• Financial stability

Investors • Investment/financial performance• Corporate governance• Regulatory compliance

Community/Society • Community involvement• Contribution to tax base• Respect for environment• Fair treatment of people

Figure 5: Define reputation and stakeholder expectations

Build internal consensus around the definitions of reputation

value and reputation risk

• A common language is critical for effective measurement andmanagement of reputation valueand reputation risk

• Reputation has a value that can be measured

• Reputation risk is the risk ofdecrease in reputation value

• Reputation is shaped in the eyes of individual stakeholdergroups, each with its own set of expectations

• Reputation risk arises when theinstitution fails to manage andmeet stakeholder expectations

Segment the institution’s stakeholder groups

and map their expectations



accelerating the recovery of lost value.Our research in this field suggests that,using this approach, an institution shouldbe able to identify a series of risk eventswith six to eight key drivers that have thegreatest impact on the institution’s abilityto meet stakeholder expectations. Whilesuch drivers should be expected to bespecific to each institution, commondrivers will likely include the quality of

corporate governance, managementtalent, innovation, customer satisfaction,the effectiveness of event response and crisis management.

The forward-looking portion of theanalysis considers the information on risk drivers from the backward-lookinganalysis of historical data, and seeks to identify potential future reputational

issues. This analysis is performed againstthe background of the organisation’scorporate objectives, its corporate socialresponsibility agenda and externalfactors. It should seek to leverageexisting information from audit findings,risk and control self-assessments, and scenario planning processes to the greatest extent possible.


14


Figure 6: Assess risks to reputation value and identify underlying drivers

Backward-looking analysis

• Prioritisation of key risks to reputation value

• Portfolio view of reputation risks

• Underlying risk drivers

• Historical information on effectiveness of responses

• Identification of events that could affect reputation valuegoing forward

• Assessment of the likelihood andimpact of such potential eventson reputation value

• Analysis of underlying reputation drivers

Forward-looking analysis

Outputs

• Identification of past events with high impact on stakeholder expectations and market premiums

• Assessment of severity andduration of impact on marketpremiums and reputation value

• Assessment of the effectivenessof the response

Credit, market,operational or business risk events

Financialmarket data

News flow

CorporateObjectives

CorporateSocialResponsiblity(CSR) Agenda

Audit/RCSAFindings


Different institutions may use differentapproaches to assessing reputation riskand its underlying drivers; however, inour view there are some key attributes of effective reputation risk identificationand measurement processes that are constant:

• They should have both a backward-looking and forward-lookingcomponent, as outlined above.

• They should combine qualitative andquantitative measures, such as theresults from risk and control self-assessment and scenario analysis

Strategicplanning

15


Figure 7: Develop proactive and reactive response strategies

Existing risk management information, infrastructures and processes

Reputation Risk Response Strategies

Key reputationrisks identifiedenterprise-wide

Portfolio view ofreputation risk

Underlying riskdrivers

Historicaleffectiveness ofresponses


Proactive Managing Risks

• Aim to limit the downside/accelerate the recovery from a reputation event once it hasoccurred and impactedstakeholders

• Include crisis management andpublic relations

• Effective execution can enhancereputation (e.g. Tylenol, Perrier)

Reactive Managing Events

• Aim to manage the likelihood of occurrence and/or thereputation impact of eventsbefore they occur

• Most directly connected toexisting risk identification and assessment processes

Occurrence of

Rep

utation Risk E

vent

processes10, For instance, the risk and control self-assessment processmay identify weaknesses in the ITinfrastructure as a key risk toachieving retail customer serviceobjectives, and assess this risk basedon the primary, direct financial impactof a customer information securitybreach. The reputation managementprocess leverages this analysis and

assesses the secondary, reputationimpact of such an occurrence,prioritises events with greatestpotential impact, and defines actionitems to proactively and reactivelymanage their impact.

• They should specifically focus onmeasuring reputation value and itslinkage to market premium.

• They should break down reputationvalue in manageable components/elements so practical actions can be undertaken.

• They should assess impact length/horizon of events (how long effectslast and response actions to recoverlost value).


16


Figure 8: Permeate responsibilities for reputation risk management throughout the organisation

Internal Audit

Reputation risk management responsibilities clearly defined, broadly distributed and embedded into existing roles

Helps establish the risk appetiteand priorities for reputationvalue and risk management

Provides independentreview of effectiveness

Cascade key accountabilitiesfor reputation risk managementinto day-to-day responsibilities}{

Sets the tone for reputation riskmanagement and is responsible forcreating an effective framework

Facilitate the identification,measurement and monitoringof reputation risk


Exe

cutiv

e-le

vel ‘

fram

ewor

k ow

ner’

Board of Directors

Senior Management

Risk Management Business Units

Other ControlFunctions

Support Functions

Capable of rallying senior management attention and gaining consensus –depending by institution role could be assumed by CRO, COO, CEO, CCO, GC

10 A number of leading institutions are implementing risk and control self-assessment and scenario analysis processes to support their implementation of an advanced measurement approach (AMA) for operational risk under Basel II.Though an effective reputation management framework is not predicated upon the prior implementation of an AMA, it should seek to leverage existing risk information and infrastructures, to the greatest extent possible so as toavoid duplications of efforts and waste of resources.

• They should use both internal andexternal data (learn from othercompanies’ reputation events andassess effectiveness of their actionsand crisis management steps).

The outputs from identification andmeasurement efforts can then beaggregated into an enterprise-wide,portfolio view of the greatest risks toreputation, and their prioritisation formanagement action. They should alsoprovide some of the raw material thatinstitutions need to begin exploring thecomplex interactions and compoundingeffects that various risk events can haveon their reputation.

Step 3: Develop proactive and reactive reputation risk responsestrategies in strategy setting

An effective reputation managementprocess must define risk responses thatare both proactive and reactive in nature.Proactive steps aim to manage thelikelihood of occurrence and/or thereputation impact of events before theyoccur; they are most directly connectedto existing risk identification andassessment processes. Reactive stepsaim to limit the downside, and acceleratethe recovery from, a reputation event,

once it has occurred, impactedstakeholders and become publicknowledge. They tend to include crisis management and public relationscomponents, yet are most effective when executed flawlessly, based on a crisis-response plan determined in advance. Reactive reputationmanagement steps can not only limitdamage to reputation, but enhance it significantly, as several exampleswould suggest – the Tylenol withdrawal in 1984 or Perrier’s response to thediscovery of chemicals in 13 bottles of its products in 1990.

The effort to develop appropriate proactive and reactive responsestrategies should seek to leverage, to the greatest extent possible, existing risk management informationand infrastructures. It must link back to strategic planning activities and be enterprise-wide in nature. There are numerous examples illustrating how events occurring in one business unit may tarnish the reputation of the organisation as a whole. The enterprise riskmanagement framework proposed by COSO11 defines a set of principles that institutions may find useful in guiding their efforts.

Step 4: Clearly define roles andresponsibilities for reputation riskmanagement, leveraging existinggovernance and organisationstructures where possible

• Manage reputation risk through an organisational structure thatextends existing governance practices and clearly defines roles and responsibilities.

• Ensure independence, authority and standing through board andexecutive management oversight.

• Embed, through policy setting,reputation risk management principles into key businessprocesses, including strategicplanning (e.g. new products, services, M&A), performancemanagement, training, reporting and systems architecture.

Governance of reputation riskmanagement activities is critical to ensure appropriate checks andbalances and the deployment of effective people, process and technology resources.

17


11 Enterprise Risk Management – Integrated Framework and Application Guidance authored by PricewaterhouseCoopers under sponsorship of the Committee of Sponsoring Organizations (COSO), Sept 2004 (see www.pwc.com).

Key steps here include:

• Incorporating reputation riskmanagement into existing roles and responsibilities of the board,senior management, business unitmanagement and control functions.For example, a board should helpestablish the risk appetite andpriorities for reputation value and riskmanagement; senior managementshould set the tone for reputation risk management and own theresponsibility for implementing aneffective framework; business unitmanagement should cascade keyaccountabilities for reputation riskmanagement into day-to-dayresponsibilities; and control functionsshould facilitate design, measurementand monitoring of reputation risk;

• Ensuring that reputation risk is a keycomponent of strategic businessdecisions, including board/management team, successionplanning, new product/servicedevelopment, mergers andacquisitions, stakeholder analysis;

• Ensuring reputation risk managementmetrics are an explicit part ofperformance management processesand drive evaluation, capital allocation,compensation, promotion andsuccess; and

• Leveraging Sarbanes-Oxley and other regulatory compliance efforts to enhance effectiveness andstreamline processes and technology.

Finally, the reputation risk managementframework must have an executive-level‘owner’ of the framework, who is able torally senior management attention andconsensus. The ‘owner’ of reputation risk may vary by institution, but shouldbe somebody with a solid understanding of the institutions risk appetite andprofile, and the authority to affectbusiness decisions and direct resourcesenterprise-wide. This could, for example,be the Chief Operating Officer, Chief RiskOfficer, General Counsel, or ChiefExecutive Officer. Whoever the individualvested with the responsibility for theframework, there should be no doubtthat the ‘ownership’ of the risks, whichcould have reputational impact, squarelylies with those parts of the organisationthat incur the risk, and must be managedat that level.

Step 5: Take a risk-basedapproach to reputation risk monitoring

The reputation management frameworkmust be supported by formal reputationreporting flows to senior managementand those able to take appropriateaction. Consider the use of dashboards,

based on key reputation risk indicatorsspecific to an individual organisation and ensure that the greatest reputationalrisks are:

1) Monitored by the business unitsthrough risk control self-assessments(e.g. RCSA);

2) Subject to targeted ongoingmonitoring by key control functionsleveraging technology;

3) Subject to tailored reputation riskescalation protocols that ensurevisible, high-impact and uniquetransactions or issues that areidentified, assessed and mitigated;and

4) Subject to Internal Audit,independently validating the design effectiveness and operatingeffectiveness of reputation riskmanagement functions, policies and procedures.

The existence of formal measures andreports are key in developing seniormanagement awareness and consensus,and prerequisites in ensuring that theframework enables effective decision-making and follow-through.


18


Conclusion andrecommendations

While the implementation of such aframework may take time and resources,there are a number of steps institutionscan take immediately to begin managingtheir reputation proactively. Financialservices institutions should build on theirrisk management capability to adopt a portfolio view of the reputation impactof events.

Our five-step methodology suggests thatfirst, reputation risk should be definedrelative to the organisation stakeholderexpectations and reputation value.Second, the key events that could effectthe ability to deliver against reputationobjectives should be isolated, and KPIsand management strategy should bealigned around reputation risk drivers. Third, a reputation riskmanagement framework should bedeveloped to facilitate the identification,assessment and reporting of risks.Fourth, clear roles and responsibilities in relation to reputation risk managementshould be defined within key businessprocesses. Finally, a risk-basedapproach to reputation risk monitoringshould be adopted. Organisations canthereby improve their ability not only toidentify, proactively address or otherwiseeffectively respond to issues that could

cause potential damage to theirreputation, but also to strengthen theareas of greatest importance to theirstakeholders, thereby building trust and the value of their reputation.

Co-authorsShyam VenkatPartnerFinancial Services, USTel: 1 646 471 8296Email: [email protected]

Miles EversonPartnerFinancial Services, USTel: 1 646 471 8620Email: [email protected]

Catherine JourdanManager, Financial Services, USTel: 1 646 471 7389Email: [email protected]

19


20



by Bruce Weatherill, Justin Ong and Rolf Birrer

21


Bruce WeatherillGlobal Private Banking/Wealth Management Leader


Rolf BirrerPartner, Private Banking/Wealth Management, Switzerland

Tel: 41 58 792 24 32Email: [email protected]

Justin OngPartner, Wealth ManagementPractice, Singapore

Tel: 65 6236 3708Email: [email protected]

With over $30 trillion of High Net WorthIndividual (HNWI) global wealth, manydifferent product offerings and animmeasurable number of serviceproviders, the private banking industry is clearly an interesting and diverse area of the wealth management arena.

Introduction

The 2005 PricewaterhouseCoopersGlobal Private Banking/WealthManagement Survey1 reveals an industrywith optimistic expectations of growth.Yet not everyone can be a winner, and in a sector marked by rising competition,mounting pressure on margins andincreasing vulnerability to acquisition,private banks must have a clear focusand well-defined strategy for success.

Since its inception in 1993, the in-depthbiennial survey has been charting thedrivers and direction that are likely to shape the private banking sector in the years to come. The 2005 study is based on the findings from detailedquestionnaires completed by 130organisations from more than 30countries. It covers Europe, Asia, North America and, for the first time,includes input from the Middle East,

Scandinavia, South America and anumber of offshore centres. From nicheplayers to private banking giants, theparticipants represent a broad spectrumof entity sizes in what remains a largelyfragmented sector.

The findings show that respondents are confident about their industry’sprospects as they emerge from theinvestment doldrums of the earlier part of the decade. Participants anticipatethat assets under management in theirdomestic markets will grow by an

average of 7.5% and revenues by 8% over the next three years. This is inmarked contrast to the survey of 2003, in which European participants, whichmake up the majority of those surveyed,predicted that assets would increase by just 3% during the year.

Respondents are even more buoyantabout their own particular fortunes,forecasting that their revenues and assetswill grow by an average of 13% over the next three years. Asian participantsanticipate that their assets undermanagement will increase by 21%,reflecting the increasing wealth andsophistication of clients in the rapidlyexpanding economies of China and India.

There are undoubtedly grounds foroptimism at a time when the rich are notonly getting richer, but also rising innumber. This includes the most valuableHNWIs (assets of more than $50 million),who now account for an average of 19%of respondents’ funds under management(see Figure 1), compared with 11% twoyears ago. Clearly, however, not everyparticipant can hope to outperform themarket as a whole and competitivedifferentiation will be critical in achievingthese ambitious growth targets.

1 For a full copy of the Private Banking/Wealth Management Survey 2005 visit www.pwc.com/wealth

Competition for custom

Participants expect an average of 18% of their revenue growth over the nextthree years to come from clients new towealth management, with a further 46%being derived from more business fromexisting clients or new customers wonfrom competitors (see Figure 2). As thebattle for a greater share of customers’wallets intensifies, 64% of respondentsexpect to hold more than 40% of theassets of their clients by 2008, compared

with 45% today. This offers the potentialbenefit of increased income with only a minimal rise in cost.

However, the findings of thePricewaterhouseCoopers survey raiseconcerns about whether participants are paying sufficient attention to holdingon to existing clients, leaving them open to poaching by competitors. Brandingremains a surprisingly limited priority, withsome 30% of participants spending lessthan $100,000 per year on brand

protection. It is equally telling that 46% of respondents have no client retentionprocess. Experience suggests that well-developed client segmentation can helpcompanies to better understand the needsof their customers. Yet, our survey foundthat segmentation is still generallyrudimentary, predominantly focusing ongeography and new/current client assetsrather than profit considerations. This begsthe question as to how private banks canoffer the ‘tailored’ service they are soeager to promise. Without knowing theircustomers they cannot know what theyreally want … or need.

The talent and capabilities of wealthmanagers are clearly critical in developingand sustaining profitable relationships.However, only 21% of respondentsbelieve that the quality of their staff isvery strong. Most respondents (70%)recognise that training is likely to proveever-more important as the demands oncustomer relationship managers (CRMs)increase. Yet, 45% of those surveyedhave training budgets of less than $5,000 per person per annum, which is very low, given the importance ofCRMs to the business and the hugechallenges that they face in meetingclients’ needs and expectations.

The scope of CRM training and resultingknowledge base may also be too limited,especially if CRMs are to reach thecompetitive pinnacle of becoming trusted

Private banking – competitive challenges aheadcontinued…

22


47%

69%

49%

23%

19%

30%

32%

19%

Percentage ofrespondentsexpecting increasein three years

Percentage ofassets undermanagement

Client bands

UltraHigh

Net Worth> $50 Million

Ve ry HNW$5m – $50m

High Net Worth $500,000 – $5m

Affluent$100,000 – $500,000

Figure 1: What percentage of your organisation’s total assets undermanagement fall within the following bands and how do you expect this to change over the next three years?


advisors. While more than 80% of trainingprogrammes cover companies’ ownproducts, less than half focus on taxation.This is surprising, as tax planning hasalways been at the heart of wealthmanagement and is a key driver in thedevelopment of both onshore andoffshore products. Recent years have alsoseen significant developments in bothdomestic and international tax legislationthat will have important implications forcapital gains, tax deferral and inheritancestructures. Yet, while 83% of respondentsrecognise that tax planning is important,only 27% rate their CRMs as competent

in the area of international tax and barely 50% competent in the area of domestictax. One common and rational responseto this problem is to outsource tospecialists. Errors with tax planning canbe very costly to clients and ultimately the ‘costs’ are passed back to the private banks. Monetary costs are onlyone aspect; damage to the brand andreputation is often more significant. If private banks do decide to outsource,one thing they must ensure is that their outsource provider is reputable; again, failure to do so may have severe consequences.

Pressing strategic choices

Our survey indicates that participants arelooking to enhance returns and respondto clients’ increasingly complex demandsby extending the range and sophisticationof their products. In particular, alternativeinvestments such as private equity and hedge funds have now moved into the mainstream. However, the studyquestions whether wealth managers canoffer their clients the most appropriateproducts for their requirements whenmost still manufacture them themselves or via their parent. It would appear thatthe ‘open architecture’ that could helpenhance CRMs place as trusted advisorsis more myth than reality, for now at least.

Today’s ever-more discerning customersare unlikely to settle for second best.Wealth management businesses willtherefore need to articulate andconcentrate on their strengths andconsider outsourcing their remainingproducts and operations to more ablepartners. For many, this will meanchoosing between being primarily a producer or a distributor. Someorganisations are already looking to specialist providers to manage theiralternative investments. As Figure 3highlights, others now recognise that they will need to make clear strategicchoices about where they wish tocompete if they are to differentiatethemselves in the marketplace.

23


27%

19%

18% 17%

10%

5%

4%

Market appreciation

More business from existing clients

New clients won from competitors

New clients to private banking/wealth management

Mergers and acquisitions

Joint ventures/strategic alliances

Greater use of intermediaries(e.g. independent financial intermediaries, accountants, lawyers)

Figure 2: What percentage of your revenue growth is expected to result fromyour own efforts and what percentage will come from market appreciation?


Pressure on profitability

The growing competition in the privatebanking sector is reflected in theincreasing pressure on margins.Customers expect higher quality at lowercost. As a result, 32% of respondentsexpect margins to fall, despite theanticipated rise in revenues, compared to 18% who believe they will rise and46% who see them standing still.

Many organisations are looking to cut costs by increasing the number of clients served by each CRM.

However, investment in people,especially your CRMs, and IT will be needed to ensure that the greaterdemands do not undermine the quality of service. Many businesses are alsolooking to enhance profitability throughimproved performance management andreward, although as we have reported,segmentation by profit remains limited. It is also surprising that only 53% ofrespondents collect data on the returnsfrom individual clients and only 54% use profitability by product data in theirdecision-making. We would also ask thequestion around the adequacy of

analysis of total cost of servicing clients.As we have highlighted, the metrics usedfor profitability measurement are relativelynarrow, and it would appear that fullyunderstanding the overall cost of serviceand thus knowing the true profitability ofclients is some way off. There aresolutions to this common problem, andthose companies that have effectivelyimplemented improved measurementprocedures have seen the rewards.

The pressure on margins is likely to be compounded by the increasing costof compliance and risk management.More than 80% of respondents haveestablished risk management frameworksin the past five years, though gapsremain, particularly in the area ofoutsourcing. Ironically it is the gaps in third-party frameworks andunderstanding of third-parties’ riskmanagement processes that providesone of the biggest areas for reputationalrisk. Although participants increasinglyrecognise the link between risk andreputation, it would appear thatcompliance remains the primary driver for the development of risk management.Only 22% of respondents view riskmanagement as a source of competitiveadvantage. Just 9% have sought tomaximise the business benefits of theirinvestment by developing integrated riskand value management systems that linkperformance and capital efficiency.

Private banking – competitive challenges aheadcontinued…

24


Eur

ope

Dis

trib

utor

Eur

ope

Pro

duc

er

Am

eric

asP

rod

ucer

Asi

a P

acifi

cD

istr

ibut

or

Asi

a P

acifi

cP

rod

ucer

Am

eric

asD

istr

ibut

or

Don’t know/Not applicable

Is a primary focus

Is a secondary focus

Forms a peripheral part

Does not form any part

38%

54%31%

46%

8%

8%23%

23%

19%

19%

24%24%

24%

13%

38%

1% 7%2%3%

27%

65%

17%

14%1%

14%

24%

33%

Figure 3: What is the current strategic direction of your organisation in termsof being a producer or distributor?


Impetus for consolidation

Continued compliance demands, not least of all, Know Your Customer andAnti-Money Laundering and thecontinuing fragmentation of the privatebanking sector, could increase theimpetus for industry-wide consolidationand the rationalisation of offshore centresin particular. However, takeover pricesstill appear to be unrealistically high,which could inhibit further deal activity.

Indeed, we believe there could be a split in the market, with a significantnumber of international banks looking to increase their presence in the sectorthrough acquisition, while smallerinstitutions seek to sustain growththrough less costly means, such as joint ventures or poaching key personnel.Some mid-tier businesses may evendecide to exit the market altogether,especially as our analysis shows thatlarger players are beginning to reap the benefits of scale, both in terms of profitability and asset growth.

What it takes to succeed

The 2005 survey highlighted both the huge growth potential and theenormous challenges facing the privatebanking/wealth management sector. The winners will be businesses that canunderstand and meet their customers’ever-more exacting expectations and

ultimately be seen as trusted advisors.As Figure 4 highlights, a number ofplayers are beginning to pull away fromthe pack by opening up a decisive leadin a number of the critical differentiatorsidentified in the survey, including clarity of strategy, quality of staff and ‘best in breed’ product/service capabilities.

To catch up and compete with theleading pack, organisations will need to focus on what they do best, ratherthan trying to be all things to all people.

Open architecture will enable them to offerfirst-class products that precisely matchindividual customer needs. Investment in CRMs can improve service and adviceand help to enhance relationships. Effectiveuse of technology can lower costs andimprove management information. Asaffluence increases, the potential rewardsare considerable. However, failure couldleave customers, client teams and evenwhole businesses open to acquisition by predatory competitors.

25


Bra

nd im

age

and

mar

ket

conf

iden

ce

Use

of

tech

nolo

gy

Bes

t of

bree

d

Qua

lity

ofst

aff

Cle

ar s

trat

egic

dire

ctio

n

Pro

fitab

ility

Cus

tom

erca

se

Clie

ntba

se

Ove

rall

Don’t know

Very strong

Quite strong

Neither/nor

Quite weak

Very weak

8% 8% 12% 8% 8% 10%18%

9% 13%

16%5%

17% 21%28%

12%9%

16% 5%

41%

21%

30%

50%44%

33%

42%40% 54%

23%

44%

34%

20% 17%

33%

26%28%

24%

4%7%11%6%

16%8%4% 6%

1%1% 2%

1%

3%

2%1%

Figure 4: How strong do you consider your organisation to be in relation to the following matters? Participants were also asked to rank their mostsuccessful competitors as well


26


Tax risk management

by Sarah Prior, John Masters and Larry Quimby

27


Larry QuimbyPartner, Industry ServicesGroup, US


John MastersPartner, Asia Financial Services Tax Leader


Earlier this year BP Russia faced a back tax claim of $1bn. While this was subsequently reduced to $247m, it is a clear example of the increasingimportance for companies to identify,monitor and manage their tax risks. In this first of two articles looking at tax risk management, we will considerwhy this has become such a hot topicand why having a tax strategy is animportant part of any risk managementframework. We will also considerapproaches to risk management andlook at the key challenges within thebanking and capital markets sector.

To the directors or senior managers of many businesses, tax has often beenseen as something of a mysterious art; a complex technical specialism notreadily measured or monitored by thescorecards or dashboards that might be used to manage the rest of theorganisation; often immune from internalaudit overview, it can be seen as atechnical function left to do its own thing.

This situation is changing however, and many in-house tax departmentsacross the banking sector are beginningto engage senior management on theissue of tax risk and are introducing a

control mindset, previously lacking within tax functions. Here we take a look at why this is.

Why is tax risk managementhigher up the agenda?

A number of pressures are resulting in tax risk becoming a concern fororganisations for possibly the first time.

Regulatory environment

When exploring at the factors making tax risk management more of a focus, the first place to look is at the changingregulatory environment. Regulators arenot specifically looking at tax risk, butthey are interested in robust controlswith the objective of enhancedtransparency and accuracy in financialreporting. With the advent of SarbanesOxley 404 (SOX 404) there has been an uncompromising approach taken in demanding a certain level of control.Many tax departments have had to move from a standing start, some ofthem lacking the right skills for this kindof work. Consequently, there has beenan urgent need to focus on risk andgetting policies, procedures anddocumentation in place.

Tax authorities

The second group casting a bright light on this area are the tax authoritiesaround the world. They are increasinglytaking the fight to taxpayers in relation to tax planning, which they may challengeas avoidance, including transfer pricingand the quality of core financial data.

In the international arena, various taxauthorities have been encouraging movesto push tax onto the boardroom agenda.Examples of this move, which representsa quite unprecedented change ofapproach, include Australia, where the Australian tax office has published a list of ten questions that a CEO shouldask about tax planning proposals; andthe UK, where the head of the InlandRevenue has made direct contact with the CEOs of some major banks to discuss their tax planning activities.

Sarah PriorDirector, Tax, Banking & CapitalMarkets, UK


For US companies reporting underSOX earlier this year, 9% of alldisclosed material weaknesses up to the end of May 2005 were in relation to tax.Source: PricewaterhouseCoopers

We are also seeing increasinginternational co-operation. Last year saw the establishment of the JointInternational Tax Shelter InformationCentre, a co-operation aimed atinformation sharing between the US,Canada, Australia and the UK. Theirstated aim being to curb the use ofabusive tax structures. In the same yearthe OECD (Organisation for EconomicCo-operation and Development) met in New Zealand to consider how taxauthorities could share information to detect and prevent tax avoidance.

Individually, many jurisdictions have alsoadopted one of a number of other waysto tackle tax avoidance: general anti-avoidance rules in Australia, Canada,Germany, Hong Kong and Ireland; abuseof law doctrine in France, the Netherlandsand Switzerland; and tax avoidancedisclosure in Canada, the US and the UK(also recently mooted in France). All ofthese enable the tax authorities to reactrapidly when they see behaviour theydeem to be unacceptable. In someinstances, we have seen these authoritiesadopting quite aggressive legislative andregulatory change, often paired with anincreasingly uncompromising approach to investigation and negotiation.

This changing approach createsincreased tax risk for organisations. It can affect businesses that engage in

Tax risk management continued...

28


Ten questions put by the Australian Tax Commissioner to company boards to be asked in relation to transactions affecting the company’s tax position.

1. What level of confidence do you have in the correctness of your advice?

2. How likely is it that the tax office will take a different view of the application of the law and assess the company accordingly?

3. If the Australian Tax Office takes a different view and the matter proceeds to litigation, what is the risk of the Federal Court or the High Court decidingthe matter in favour of the tax office?

4. What is the potential downside if the company is unsuccessful in litigationwith the tax office?

5. If there is a dispute, what is the likelihood of the tax office being prepared to settle the dispute and, if so, on what terms?

6. How likely is it that the tax office will identify the tax issues that arise from the proposed course of action? Allied with that, to what extent will embarking on the proposed course of action increase the tax risk profile of the companyand increase the possibility of audit scrutiny?

7. In light of the potential risk, would it be desirable to approach the tax officefor guidance in the form of a private binding ruling?

8. Where a position has been taken on a tax issue, would it be desirable, in the interests of appropriately managing any risk, to be upfront with the tax office in identifying the issues before or when lodging the tax return andendeavouring to constructively handle any disagreements which may ensue?

9. Is the advice based on the actual transaction or on an expectation of how the transaction will be implemented?

10. Are you satisfied that the factual basis for your opinion to the board has been properly checked?

Source: PricewaterhouseCoopers

very aggressive tax planning, particularlywhere a management decision is takenwithout being properly monitored. It canalso impact organisations that are notable to monitor and manage their taxaffairs, key issues and exposures on aglobal basis. Many tax managers arecomfortable with the ‘domestic’ positionsand issues, but have less confidenceoutside the ‘home country’.

The changing approach has also affectedthe climate in which tax planningtransactions are considered – for the tax director, yesterday’s acceptablebehaviour has become today’sunacceptable behaviour. The result may be higher costs associated withjustifying transactions and managing tax investigations and the risk ofnegative press coverage.

The Board

Last, but not least, when looking at thoseissues affecting the tax risk landscape,are senior management and shareholders.One reason for this is that there is anincreasingly moral perspective beingtaken in relation to tax avoidance, very often deliberately encouraged by the tax authorities.

This emphasis on the morality of taxavoidance makes companies increasinglysensitive to the activities in which theyengage, particularly when considered in the context of their corporate socialresponsibility policies. As an example,many ethics policies state that thecompany follows the ‘spirit’ as well as the ‘letter’ of the law. How manycompanies have looked at how such a policy squares with some creative taxplanning, which meets the strict letter of the law but, in the view of the taxauthorities, certainly not the spirit?

This sits alongside an increasingrecognition of the profound damage that can flow from negative publicity. No-one wants their dirty tax linenwashed in public, so there is a greaterneed from management to know what isgoing on in relation to taxes within theirbusinesses and to have confidence thatthe risks are controlled. An indicationthat some companies may have a way

to go can be found in a survey of theFTSE 350, published in early 2005 byHenderson Global Investors. One of themost striking conclusions of the surveywas the proportion of companies with no tax policy through which to managetax risk to the desired level.

29


‘We have seen things we eitherwould never have picked up orwould have picked up years down the road. We have seen a series of kinds of transactions… that merit follow-up by individualtaxing authorities’Mark Everson, Head of the US Internal Revenue Serviceinterviewed on the results of the Joint International Tax Shelter Information Centre in the Financial Times

‘…it is vital that we haveinternational cooperation to tackle(tax avoidance) as we do forterrorism, organised crime, money laundering and fraud’.John Healy, Economic Secretary to the UK Treasury

‘Seventeen of the 44 companiesthat consider their overall approachto be ‘medium’ have not conducteda board review of strategic taxmatters within the last year and 19of these companies do not have adocumented tax policy. A ‘medium’willingness to take on tax risk thatis not underpinned by adequateboard involvement may suggestflaws in corporate governance.’Henderson Global Investors: Tax, Risk and CorporateGovernance February 2005www.henderson.com/global_includes/pdf/

corporate_governance/tax_paper.pdf

But I am SOX 404 compliant

At this point, it would not be unreasonablefor an organisation to ask: ‘the tax climateis changing and increasing my risk, but I am SOX 404 compliant, so am Imanaging my tax risk?’ This is a goodquestion, even for companies who arenot SEC registrants, as increasingly, SOX 404 is becoming a general controlsbenchmark. Before we consider theanswer we should look at what SOX sets out to do.

The goal of SOX 404 is to provide‘reasonable assurance’ as to thereliability of financial reporting and thepreparation of the financial statements. It is well understood that this covers the corporate income tax in the profitand loss account, and balance sheet and controls on tax payments. As we go beyond that, however, the picturebecomes less clear. Most organisationsrecognise that VAT falls within the scopeof SOX 404, but employment-related andother operational taxes are very oftenthought to be outside the scope of someorganisations’ SOX controls (if material to the financial statements, they need tobe in scope). For banking organisationsthese areas represents a significantswathe of tax risk. Let’s just considerthese risks for a moment.

First, taking employment taxes and social security

The banking and capital markets sectoremploys many highly paid people,particularly within investment banking.There are large bonus pools andsometimes, inventive reward planning.Many of these employees work asexpatriates where there are additional tax issues. There may be dual contractarrangements or other tailor-madeemployment arrangements.

The tax issues arising in this area are complex and often not adequatelyco-ordinated between HR and the tax function. The arrangements aresometimes poorly implemented (dualcontracts are a prime example) or aredisliked by the tax authorities (UKNational Insurance bonus planning).Where there has been a systematic failureof control or proper implementation, tax or social security tax losses can result in significant tax, interest andpenalty costs, all ‘above the line’.

Secondly, turning to otheroperational tax risks

These are the tax risks arising from day-to-day transactions, many of which in the banking sector are embedded withthe settlements or operations processthat supports transaction settlement and custody services. Examples include

operation of withholding taxes and stampduties, management of customer double-tax treaty reclaims, tax reporting andmaintenance of tax documentation.

Experience shows that it is in this areathat banking tax departments are mostlikely to see errors and have to makelarge settlements with tax authorities. These areas will not necessarily havereceived attention as SOX 404 focuseson financial reporting.

How many banks, for example, have hadtrouble maintaining adequate records,reconciling accounts and achievingaccurate reporting under the US qualifiedintermediary rules? A warning perhapsfor the operation of the EuropeanSavings Tax Directive? How many bankshave had problems with the operation of Hong Kong or UK stamp duty? There are many more examples thanthese. These tax risks have the capacityto be very large, due to the volumesinvolved, and are often sitting in no-man’s-land between tax and settlementsdepartments in terms of responsibility.

Returning, therefore, to the question of whether SOX 404 compliance issufficient to control tax risk, it isimportant to realise that controlling risk was never the focus of SOX 404,since the legislation focused on financialreporting controls.


30


Basel II

Having mentioned the potential gaps in coverage of SOX 404, it is worthconsidering Basel and operational risk.Basel II defines operational risk as therisk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. This definition includes legal risk, butexcludes strategic and reputational risk.

In terms of what this means for tax, some of the operational tax risksdescribed above seem to fall squarelywithin this definition. To some extent this is explicitly recognised by the Basel Committee on BankingSupervision which mentions tax in the context of internal fraud risk. It is also a consideration in relation to the risk arising from ‘clients, products and business practices’ and ‘execution,delivery and process management’. As yet, however, the involvement of tax functions in banks’ Basel II projectsvaries greatly. Tax risk should not beforgotten in the process of identifying,monitoring, and mitigating andcontrolling operational risk.

Why do I need a tax strategy?

The second question arising from thiswhole debate might be: ‘why do we need a tax strategy?’ In response, it ischallenging to think how an organisationcould otherwise achieve cohesive tax risk management consistent with theobjectives of the board and shareholders.Such a strategy is a means throughwhich there can be a dialogue on tax riskbetween the board and the tax function.

The key deliverable of a tax strategy is consistency with the organisation’soverall business strategy and clarity in a number of areas:

• Goals in relation to the organisation’scosts. Sometimes this can be seen as a target-effective tax rate or abenchmark of tax costs against a peer group.

• The organisation’s risk appetite.What it will and won’t do (e.g. nosocial security tax planning or onlyentering into planning transactionswhere there is a ‘more likely than not’opinion). Besides the risks arisingfrom aggressive tax planning, there is also the risk of not planning andpaying too much tax, and this may be reflected in a strategy.

• Responsibility for taxes within the organisation. For banks this is a significant issue. As the abovecomments on risks falling outside SOX 404 make clear, there are many tax risks (e.g. the operational tax risks that are threaded right throughthe organisation’s activities that arenot within the clear control of the taxfunction or any other one function). Are these risks the responsibility of the tax department or is itsettlements or HR or finance?

31


‘Our research shows thatcompanies are implementing theirprinciples on responsible tax by:

• Including explicit requirements in their tax policies to complywith overall business principles and commitments on socialresponsibility;

• Ensuring explicit boarddiscussion and approval of tax policies; and

• Providing written guidance to staff on how to deal withdilemmas and challenges’.

Extract from Henderson GlobalInvestors: Responsible TaxOctober 2005www.henderson.com/global_includes/pdf/

corporate_governance/ResponsibleTax.pdf

Only when there is clarity ofresponsibility can there be certaintythat all risks are being controlled.

• Use of ‘tax capacity’. Many bankshave structured finance teams andother front-office staff engaging in tax structuring. Who should allocate‘tax capacity’ to them? Does the taxdepartment sign off their deals? What is the policy with regard toprovisioning for risks? Answeringthese questions helps ensure thatthere is control of a group’s overall tax position.

• Communication with, and by, theboard on tax matters. What do theboard need to know with regard to tax and when? Does the board wantwider communication of certain taxmatters? We are starting, for example,to see companies analysing andpublishing details of the total taxesthat they are paying.

There are many other aspects that cango into a tax strategy. Whatever thesemay be, the key goal is clarity ofunderstanding within the organisation of its objectives with respect to tax,together with the responsibilities and the mechanism for achieving those objectives.


32



Total Tax Contribution FrameworkWhat is your company’s overalltax contribution?*

A PricewaterhouseCoopers discussion paper

The future

Returning to the original question of whytax risk management is becoming moreimportant, the world is clearly changing,requiring more professional riskmanagement within organisations. The tax authorities are turning up theheat in the tax avoidance sphere and in many jurisdictions are adopting a more confrontational style to that whichtaxpayers have been accustomed to. All of which is putting increasing pressureon boards and senior management tounderstand what is going on in relationto tax within their organisation, and to have a view on whether or not it isacceptable. They also need to ensurethere is a framework for adequatecontrol. Tax can no longer remain themysterious subject understood by aselect few, and a clearly defined taxstrategy is one step towards ensuringadequate dialogue and understanding.

For more information on approaches to tax risk management go to:www.goodriskadvice.com

33


34


by Christopher Box, Ron Collard and Luan Fox


35


Christopher BoxSenior Manager, Human ResourcesServices Financial Services, UK


Luan FoxPartner, Global Human ResourcesServices Financial Services, US


Ron CollardPartner, Human Resources ServicesFinancial Services, UK


People in Banking and Capital Markets organisations are seen as thecritical differentiator, the organisation’smost important asset, typicallyaccounting for over 50% of the annualfixed cost to the business. It is perhapssurprising, therefore, that there is often relatively little understanding ordata highlighting the impact of people on business performance.

This article explores the expanding focuson people measurement and the use of data to assist in providing a greaterinsight into people practices within anorganisation. Some of the challenges in providing people data are explored and some of different options areanalysed in order to provide a frameworkfor organisations that are considering amore extensive use of their people data.

We are entering a new era that demands organisations facilitate greatertransparency of people costs and people-related data, particularly in thefinancial services sector. This is in part a response to reporting and otherregulations, but increasingly it is investorappetite for more transparency and morerobust indicators of business performancethat fuels the need to understand how anorganisation’s people effect its success.

Gaining that understanding and tappinginto the appropriate metrics also presentsan opportunity to increase competitivebusiness advantage and to address thebusiness performance issues attributed to the lack of talent and human resources(HR) process effectiveness.

What’s the minimum you have to do?

At present, legislation in this area isemerging from different regulators and indifferent ways around the world. FromEmployment Equity Acts, such as theAffirmative Action Requirements (andassociated reporting requirements) inSouth Africa, to the recently introducedOperating and Financial Review (OFR)affecting all quoted companies in the UK,the burden on employers to both act andbe able to report on people data isincreasing. While legislation is not yet byany stretch either applicable orconsistent on a global basis, the new UKstandard has arisen in response to thegrowing levels of pressure to reportpeople data both in the UK and abroad,and the likelihood is that otherjurisdictions will follow suit with similarstandards. Given that even this UKstandard is not wholly prescriptive, thereis considerable latitude in terms of what

people metrics organisations can report – so, from a global perspective,organisations have the opportunity todefine their own metrics and use this as a basis for lobbying as and when new regulations are proposed.

It’s not just pressure from increasingregulation that is driving the need forpeople reporting. Investors and otherstakeholders are increasingly demanding detail from organisations on their people policies. There is a need to analyse and document the link between business performance and effective people management. Ifinvestors understand that improvementsin business performance are sustainablewhen there is a corresponding andappropriate level of investment in thepeople, then that judgement is beingmade based on investor interpretation of the data presented.

Preparation for a people report

It is important for organisations to adoptan institutional mindset and define aspecific approach to preparing theirpeople metrics and the resulting reports.To be successful, the effort cannot be aone-off activity, nor can it be rigid as the

process should be continually monitoredand changed to ensure the required datais captured accurately and effectively.Organisations need to plan, not only theprocess and what it will entail, but alsohow the data will be shared and howthey will react to the results (positive ornegative) both internally and externally.There is always the risk that, as with theother elements of stakeholder reporting,analysts, shareholders and other readersmay not view the data as positively asthe organisation would have liked. Theorganisation needs to have thoughtabout potential reactions, implications for its reputation and, ultimately, its share price. For example, an organisationholding itself out as a diverse employer,or a pioneer of corporate socialresponsibility, needs to carefully analyseits actual diversity statistics and how they appear in a vacuum, withouthistorical or peer data, before givingothers the opportunity to comment on data that is (voluntarily) disclosed.

As reporting standards become moreestablished and the markets respond to those reports, there is likely to be aconvergence in the nature of the metricscontained within them. However, thestandards will always be the minimumreporting requirement, so organisationshave the opportunity to shape theirpeople metrics in the way that adds

greatest value to their own managementdata and external brand. Now is the timefor forward-thinking organisations to act.

How else can better peopledata help?

Aside from meeting the demands ofinvestors and other stakeholders, as well as regulatory requirements wherethey exist (e.g. the OFR in the UK),organisations can gain a great deal of value from understanding how theycompare against their benchmarkorganisations and how people policiesand practices impact the ‘bottom line’.That understanding is not likely to comefrom the relatively narrow set of metricsthat the reporting requirementsnecessitate; so, it will require additionalcommitment from management to bothcollate the desired metrics and to takeaction on the results. An effective set of people metrics will add quantitativestrength to the qualitative data that HRcurrently reports to management, givinga better understanding of the financialvalue of an individual contribution andthe contribution of the HR function.These metrics will serve as evidence ofwhere the organisation needs to improveits human capital performance and whereReturn On Investment (ROI) is beingmaximised. Meaningful people data canhelp the organisation achieve business

targets and human capital goals byinforming decisions and focusing limitedfinancial and other resources on the areas with the greatest potential for ROI.In addition, this data can strengthen the position of the HR function in theorganisation, by demonstrating whereand how it drives value.

We have developed the checklist in Figure 1 to help organisations review theirrequirements and more specifically meetthe UK OFR requirements. This alsoenables a wider debate about the use of people metrics in organisations, andmoves towards using meaningful humancapital data as a means of creatingcompetitive advantage.

This checklist raises some interestingchallenges and attempts to focus thebusiness on clarifying their objectivesand the practical implications of humancapital measurement.

Which metrics to use?

Different organisations require different levels of detail in their metrics. Saratoga, the human capitalmeasurement benchmarking practice ofPricewaterhouseCoopers, recommendsthe use of three categories of humancapital metrics:

Is measurement crucial if people are an organisation’s most critical asset? continued…

36


• Generic human capital metrics,relevant to all commercial rganisationsin all sectors and all regions;

• Specific sector or subsector humancapital metrics directly related to a company within its sector or subsector, region and/or against direct competition; and

• Specific metrics related to issues orchallenges likely to affect the futuresuccess of a company.

Figure 2 illustrates a set of generic humancapital metrics that can be useful as abasic toolkit for people data measurement.This, and other metric data, is availablefrom Saratoga1.

It is important that the organisationfocuses on the metrics that will bemeasurable and meaningful to it; themetrics that will provide the greatestadded value and satisfy the reportingand business objectives. One organisation,for example, found 10-12 metricscombining measures that could berelated to employee satisfaction (e.g. total absence rate) and businessperformance improvement (e.g. profit per employee), which provided them with a manageable set of data that couldbe obtained across the business as awhole. Their next step has been toanalyse detail within individual business

37


Figure 1: Human Capital analysis checklist


This checklist is a guide for HR executives to help assess their existing position and to respond positively to the expectations of company boards and shareholders. The answers to these questions will highlight where major action may need to be taken.

1. What are the priority business challenges facing your company in the next two years?

2. What human capital actions are required to maximise the opportunities required to guarantee business success?

3. How will you make these actions happen?

4. What are your Key Performance Indicators and how are these related to the business challenges?

5. What data is required to measure human capital performance?

6. Are you fully informed and/or involved in your company’s people reporting plans?

7. What human capital information will be most useful to your shareholders and in what format?

8. What information gaps exist and how do you intend to fill them?

9. Are information systems advanced and flexible enough to respond to all recognised demands?

10. Are you satisfied that the information you produce is robust and can withstand scrutiny?

11. Are you conversant with key human capital subjects and major global trends that may be raised by shareholders?

12. Is there a direct link between what the HR function does and what the board want it to do?

1 www.pwc.com/saratoga

units, focusing on the particular areashighlighted by the broad review. Thisclient intends to perform the broadanalysis on an annual basis to identifyimprovements, trends and determinewhere to prioritise spend in future. The message has been to keep it simple, especially at the outset.

Consider the example of using moredetailed metrics in effecting businessplans in a banking organisation, whichrecently spent significant resources ondefining a five-year business plan andambitious financial growth targets. The success of its business plandepends to a large extent on developingbusiness in a number of new markets,which, in turn, requires specialist skillsnot widely available in the employmentmarket. Detailed people data coveringcurrent skills within the organisation,individual talent potential, and currentand forecast compensation is helping to lay the foundations for targeting an appropriate mix between thedevelopment of individuals internally to fill key roles, and the targeted use of external hiring.

Is measurement crucial if people are an organisation’s most critical asset? continued…

38


Figure 2: Example set of generic human capital metrics


Definition

Wealth Created per FTE (Profit After Tax – 10% Shareholders’ Equity) ÷ Total FTEs

Profit per FTE Profit Before Tax ÷ Total FTEs

Revenue per FTE Revenue ÷ Total FTEs

Cost per FTE Total Costs ÷ Total FTEs

Human Capital ROI Revenue – (Total Costs – (Compensation + Benefits)) ÷ (Compensation + Benefits)

Remuneration/Revenue (Compensation + Benefits) ÷ Total Revenue

Remuneration/Cost (Compensation + Benefits) ÷ Total Costs

Total Absence Rate All Absent Days ÷ FTE Workdays

Resignation Rate Resignations ÷ Headcount

Acceptance Rate Job Offers Accepted ÷ Job Offers Made

Cost per Hire External Recruiting Cost ÷ External Recruits

Training Hours per FTE Learning & Development Investment ÷ FTEs

Note: FTE = Full Time Equivalent, ROI = Return On Investment

Risk management

Greater transparency of people costs andHR data will help an organisation makeinformed business and strategy decisions,meet new reporting requirements and willbetter inform risk management.

Management’s job when scrutinisingcosts and seeking to enhance businessperformance is to do so while mitigatingrisk. The same people metrics applied to cost management and performanceimprovement can also be used toaddress business risks attributable to people, the HR function and HRpolicies and processes. After all, costmanagement, performance and riskmanagement are all inextricably linked.

Figure 3 illustrates the people/HR riskperspective and some of the questionsthat might be addressed by appropriatemetrics.

So where are people metricsgoing next?

Increasing regulation, pressure fromstakeholders and a growing awarenessthat there needs to be some substancebehind the assertion that people are an organisation’s most valuable asset,means that we will see an increase in thequantity and quality of people metrics

used and reported by organisations. The financial services sector is leadingthe way in this area, and some of themost sophisticated analyses so far have been undertaken by bankingorganisations. There is a rapidly growing pool of benchmark data,

so organisations are more easily able to assess their performance againstrelevant comparators. In addition, the amount of data available for trendanalysis is increasing all the time,allowing an organisation to see theimpact of any changes implemented.

39


Figure 3


Takeaction

Takeaction

Takeaction

Peoplerisk

These are the risks inherent in themanagement of people as a businessresource, given that an organisation is a collection of individuals.

For example: How do you make sure you have the right employees in yourorganisation capable of doing their jobs?

Risk in HRpolicies

andprocesses

These are the risks found in the employee-facing activities that HR delivers for the business.

For example: How do you make sure your recruitment process is effective?

Risk inthe HRfunction

These are the risks surrounding the day-to-day management and overalleffectiveness of the HR function.

For example: Are you able to extract the information you need from your HR systems?

40



by Mark Lutchen, James Chrispin and Peter Broshuis

41


Mark LutchenSenior Partner, IT Effectiveness, US


Peter BroshuisSenior Manager, IT Effectiveness,The Netherlands


James ChrispinDirector, Financial Services, UK


Background

Strong information technology (IT)competencies and capabilities are a competitive imperative. Few will disagree with this statement, but whatdoes it mean in practice? Does IT offer a business a competitive advantage ordoes it merely enable an organisation to compete on a level playing field? In addition, does having the best, mostadvanced technology always createcompetitive advantage and greater value, or is the advantage and valuecreated more as a direct result of howeffectively IT is actually managed? With such differing views, what is thecorrect approach to placing a value on IT services?

The desire to place a value on IT isnothing new and there can be very few IT investments that have not beenthrough a process of business casedevelopment and analysis, designed toclearly demonstrate that the new system will deliver significant value to theorganisation. In the past, business caseswere often based on the ability to saveheadcount, but have subsequentlyprogressed through increasingly moresophisticated analysis. Examining theReturn On Investment (ROI) from platform

rationalisation, increased revenue fromimproved customer data and greaterefficiency from the seamless integrationof systems are examples of the factorsthat are used to determine the value anew system will deliver. The one thingthat business cases have traditionally had in common is that once the systemhas been implemented, no-one ever goesback to check that they delivered theplanned benefits. In many cases, thenecessary metrics would have beenpulled together solely for the purposes of building the business case and are not subject to ongoing monitoring by thebusiness, thus rendering before and aftercomparisons impossible. Closed-loop‘benefits realisation’, related to IT efforts,although sought after by many, hasremained an elusive objective rather than an operationalised process withinmost organisations.

Assessment of the initial costs andbenefits of IT investments is only half the equation. There is also the ongoingIT operational expenditure, which has to be balanced against the businessbenefits delivered and, to be trulymeaningful, this balancing process must occur continuously over a period of time rather than at a single point intime. Organisations are getting better at

identifying the costs of delivering ITservices, but continue to struggle withdebates between IT management andbusiness users around the balance ofservice level, costs and value. In thisarticle we have examined some of theissues and suggested a number oftechniques for resolving the tensionsarising from a lack of transparency with respect to IT cost and value.

Drivers for proving the valueof IT

There has been an increasing interest in the transparency of IT costs andassessing the value that IT contributes to the business. Key drivers behind thisare the increasing level of spend on IT,both in absolute terms and as aproportion of total operating expense,and the uncertainty over the benefits that the business receives for its money.Consequently, it is necessary to holdrational discussions on the choicesavailable to the business and IT, and torecognise that in a dynamic environmentthis is not a one-off exercise. The reasonfor this is that changing business valueor costs impact on the optimum level for a given service. Hence, there is acontinuing need for IT investment torefresh the existing technology and

to sustain the competitive advantages of the business, and maintain as ‘efficient’an IT spend and mix of spend (i.e. capitaland ongoing operations) as possible.

By improved understanding of the areas in which IT delivers greatest valueto the business, it should be possible to focus the management of IT, moreappropriately, so as to realise the twinbenefits of reducing the costs to deliverservices and maximising the return to the business from value-adding,differentiating investments.

Challenges in IT valuemanagement

There are a number of challenges facing the valuation of IT’s contributionto the business, and as the followingobservations illustrate, the traditionallack of transparency serves toexacerbate the situation.

• IT has traditionally been regarded as an undifferentiated lump ofexpenditure that is accounted for in a way that is acceptable forfinancial reporting and recharged to the business in what some regard as an arbitrary fashion.

• From a business unit perspective, thelevel of recharges has not necessarilyreflected what they see as the fair

costs or contribution to businessvalue, the only advantage being thatthe approach is simple. However, itfrequently leaves a feeling of inequityand a negative view of the IT function.

• A number of alternative approaches to the valuation of IT have beendeveloped over the years. None isperfect and in some cases theyexhibit a degree of complexity that is counterproductive and serves only to raise suspicions that something is being hidden among the smoke and mirrors.

• Typically, business managementattention is only drawn to IT whenthey want something or when there is an operational problem. IT is notoften recognised as the ongoing, nondiscretionary expenditure it hasbecome, sustaining the viability ofvirtually all aspects of the business.

• A significant proportion of IT spenddoes not contribute to thedevelopment of strong informationtechnology capabilities. Levels ofwaste have been assessed by variouscommentators at up to 25% of totalbudgets. This ‘waste’ can also beconsidered ‘inefficient’ IT spend,primarily due to a lack of ability tocontinually rebalance the ‘mix’ ofcapital and ongoing operations

expense. Therefore, one key objectiveto increasing the value of IT is theidentification of waste and takingsteps to reduce or eliminate it;however, the elimination of waste is aseldom practised art. Again, this canbe a counterproductive exercise fromthe point of view of demonstrating thevalue of IT as cost-reduction exercisestend to be ad hoc and the resultsgenerally show how expensive andwasteful (or inefficient) IT was beforethe cost-reduction exercise.

• The value of IT is assessed byperception, due to lack of agreedvalue metrics. This has beencompounded by the IT industry in general, through a history ofoverpromising the benefits andunderplaying the costs and risks in their delivery. Consequently, it is oflittle surprise that surveys such as therecent PricewaterhouseCoopers/Economist Intelligence Unit survey frequently underline the poor perception among businessexecutives of the way in which IT contributes to their business1.

Further underlining these challenges, IT and business management havetended to see their respective roles andcontribution to the business differently.For example, IT has tended to focus onproviding a reliable and efficient service,

Management of IT value continued…

42


1 ‘From aspiration to achievement: improving performance in the financial services industry’, a survey of financial services organisations published by PricewaterhouseCoopers in association with the Economist Intelligence Unit. To download a copy please visit www.pwc.com/financialservices

offering cost-reduction opportunities as the means of increasing corporateperformance. Front line businessmanagers by contrast have preferred to focus on top line growth and it isthese differing points of view that haveon occasion contributed to problems in communicating the cost and value of IT services. As a result IT is frequentlyseen as an overhead and a cost to thebusiness, hence the tendency for a CIOto report to the CFO.

In the absence of a framework forvaluing IT’s contribution to the business,which is supported by both business andIT management, the personal credibilityof the CIO among business executivestakes on a disproportionate significance,and discussions centre on cost – indeed, the typical first actions of a new CIO are to reduce costs to establishpersonal credibility.

Methods of IT valuemanagement

The valuation of IT remains a difficultconcept to pin down and a number of definitions of value have been used. IT forms part of a business and there is an argument that says it should be run like a business, meaning thatfundamental business disciplines, usedsuccessfully and effectively elsewhere in the company, can be applied within

IT (e.g. management cost accounting,performance measurement, investmentportfolio management). The alternativeview is to assume that IT does not createvalue in itself, but enables or facilitatesthe business to realise value and shouldbe managed accordingly. Neitherapproach, taken independently of theother, has been found to be perfect.

Extending business valueapproaches into IT

Business value methods in generaldepend upon the business being a profitcentre, i.e. with both income and costs.While the trend is for IT to be regardedas more than a cost centre, it is nottypically run as a profit centre withmarket prices set in competition withother suppliers and taking its owndecisions on investment opportunities.However, certain characteristics of profit-oriented businesses can be appliedsuccessfully within an IT organisation.

The benefits from extending the business value methods used elsewhere in the business are that they provide consistency across the organisation and encourage IT management to run the business on a more commercial basis. A furtherimportant benefit is the behaviouralimpact within IT – the majority of staffprefer to enhance profitability or

business value than to focus on costreduction, albeit that cost managementis critical to improving profitability.

Business value methods that have been applied to IT valuation include:

• Pseudo profit centre where income is derived from charges levied on the business;

• Real options concepts to recognisethe differing contributions of currentoperations and future growthopportunities;

• Shareholder value derived methods to recognise the balance betweenbusiness growth, costs and risks; and

• Return On Investment (ROI).

While these methods improve the basisfor discussions between business and IT,they are not perfect and have a numberof major conceptual flaws.

• Application of business value methodsto IT in isolation is somewhat artificialas IT is not a discrete business thatstands alone from the rest of theorganisation, but is integral to theday-to-day business processes andoperations.

43


• Not all IT activities feed throughdirectly to the bottom line, but do somore indirectly through enabling thebusiness to realise their objectives.

• The IT asset management life-cycledoes not necessarily fit with thebusiness life-cycle. This reduces the use of business value methods in managing IT other than as asnapshot, such as at the time of M&A business valuation.

• ROI computations can be complicatedand are subject to further criticism as IT does not have full control overbusiness outcomes, future anticipated

benefits are not necessarily robust,and inter-dependencies betweeninvestment phases and otherinvestments or existing infrastructure,and by assumptions made such as those on the life and quantity of returns.

IT-focused valuationapproaches

IT-focused valuation methods start withinIT and have not always been closelylinked to the wider business. Methodshave been devised to address particularchallenges and each consultancy hasdevised their own particular slant.

The majority of approaches have stemmedfrom either providing assistance to thedevelopment of an IT strategy and thegeneral direction of IT’s contribution to the business or to the management of a proposed project portfolio. Theseapproaches have continued to develop,but no common framework has yetevolved. A variety of possible approachesis discussed in more detail below.

CMA model

CMA Canada and AICPA published amanagement accounting guideline inDecember 2004, which focuses onmeasuring the payoffs of IT investments


44


Corporateprofitability

IT strategy

IT structure

IT systems

Increaseproductivity

Time savings

Increasedcapacityutilisation

Improved quality

Direct costsavings

Channeloptimisation

Customeracquisition

Customerloyalty

Valuecapture

Externalenvironment

Corporatestrategy, structure

and systems

Resources

Leadership

Processes

Feedback loop

Outputs Outcomes

Figure 1: IT contribution model: Antecedents and consequences of IT success

Source: CMA Management Accounting Guideline

and introduces an IT contribution modelto provide a framework for assessing the value of IT to the business, throughthe separation of the immediate outputsfrom an IT investment from the businessoutcomes that it supports – in otherwords the approach recognises that the business benefits of much of ITinvestment are indirect.

Consultants also have strong theoreticalunderpinnings, though their approacheshave typically been devised to supportexecutive management requirements.They have followed the business cycle, supporting the leveraging of IT to create business value during times of investment and cost reduction during economic downturns.

While much can be gleaned from theseapproaches, they do not provide acomplete IT contribution framework.

Balanced scorecard

An alternative approach to theassessment of IT’s contribution to the business has been the balancedscorecard. This is one of the mostestablished formal performancemeasurement frameworks used inbusiness. It has the benefit that itrecognises that the contribution of IT

to the business is multi dimensional andits performance should be consideredfrom differing perspectives. An overallbusiness scorecard can be exploded togreater levels of graunularity enabling a fuller picture of IT’s contribution to thebusiness to be captured. However, oneof the difficulties of using the balancedscorecard approach is that it is rarelydriven to a granular enough level toeffect the specific behavioural changesnecessary to achieve a measurableimprovement in IT value.

The main challenges in implementing the scorecard across the business are restricting the number of metricsconsidered and identification of the most relevant to the business. However,the development of the strategy mapconcept has helped to give a structuredapproach to resolving these. A strategymap is used to identify the critical successfactors underlying the implementation of the business strategy, and thebalanced scorecard can then be derived to support the operationalising of the strategy.

Challenges with existing methods

While these approaches to themanagement of IT value have increasedunderstanding of the contribution IT

makes to business, there are otherchallenges that need to be considered.These include:

• Business strategy and value drivers(e.g. cost leader, operationalexcellence, customer intimacy,innovation);

• Alignment of IT with business;

• The maturity of IT capability;

• The governance of IT and its place in the organisation structure;

• The asset life-cycle (maintenance and replacement);

• Level of relevance and granularity of the analyses conducted;

• The lumpiness of capital expenditure;

• Financial structuring considerationssuch as VAT and Research andDevelopment tax credits;

• Cross-border considerations;

• Shared service centres; and

• Arrangements with third parties, including joint ventures and outsourcers.

45


What can we do now?

We noted earlier that the understandingand quantification of the contribution of IT to the business needs to beconsidered in a business-wide contextand cannot be undertaken in isolation.However, there are a number of actionsthat can be undertaken in the short-termto improve the contribution of IT to thebusiness, while a more comprehensiveframework is developed.

An underlying premise is that thereshould be active management of IT as abusiness, operating for, and accountableto, the business as a whole. This has led

on to the identification of fourimperatives for IT management: align ITto the business, maintain service quality,and provide effective and efficientdelivery of services. This structure may be thought of as a wheel withmanagement focus being given todifferent areas according to prioritiesfacing the organisation at that time. IT investments can then be mapped ontothis structure and can be considered tobe either protecting the value deliveredby IT or creating new business value.

Next we expand on this concept andoutline a number of ideas to improve the value of IT to the business.

Differentiating andcommodity expenditure

IT expenditure balances price, risk,business need and added value. Thespend represents a mix of IT servicedelivery and investment, and maximisingthe IT value requires a range ofcomplementary management techniques,based on this understanding.

For some items of spend, the service is needed, but it reflects the cost ofdoing business rather than helping the organisation sustain its competitiveposition. Such items of expenditure as cost drivers and price, dominate the


46


Alignment of ITwith the business

Efficient ITdelivery

Servicequality

Effective ITdelivery

Differentiating spend

Commodity spend

IT spend

Bus

ines

s b

enef

it

Expand use

Renovate

High

High

Low

Low

New investmentmade

New investmentimplemented and

fully working

Figure 2: IT management imperatives Figure 3: IT investment life-cycle for a differentiating investment

Source: PricewaterhouseCoopers Source: PricewaterhouseCoopers

procurement decision-making process.Examples of this commodity spendinclude business support services, suchas payroll, regulatory requirements anditems of standardised technology.

For other items, the procurementdecision is more discretionary and thebenefits must outweigh the costs andrisks. At its most value adding, suchspend enables the business todifferentiate its services and therebyprovide competitive advantage.

A further consideration is the impact of time. A one-off investment, whichprovides for business differentiation,loses its distinctiveness over time ascompetitors make similar investmentsand standardised technology solutionsare developed. In short, a differentiatingspend becomes a commodity spendover time.

Examples of past differentiatinginvestments that have now becomecommodity spend, include much of the infrastructure, such as desktopterminals, networks and supportapplications (e.g. payroll), whiledifferentiating spend is now typified by the development of new, well-focused applications as part of business unit-driven initiatives.

From the perspective of IT valuemanagement, the key points are:

• Clarity of business benefits, costs andrisks, are key to assessing the valuedelivered by IT. However, this is notalways straightforward as:

– Business benefits can be difficult to quantify (for example, businessrevenues are estimates which are not necessarily reliable);

– IT differentiating services may depend on IT commodityservices; and

– There are varying practices with IT cost allocation and recharges.

• There are different business drivers forthe IT commodity and differentiatingspend reflecting the benefits thatbusiness realises from the spend;

• Business benefits derived frominvestment in new technology tendsto move from differentiating tocommodity over time;

• However, certain commodity spendcan, if managed effectively, over thelife-cycle of that spend, be refreshedon a well-planned, periodic basis toprovide greater differentiation.However, the IT management/

leadership disciplines to accomplishthis are not technical ones. They arebusiness disciplines;

• There is significant uncertainty with new IT spend: IT portfoliomanagement is an area requiringattention; and

• A different management approach is required depending on the positionof the IT spend in the commodity/differentiating continuum and thisapproach needs to be modified overtime as the business drivers changeas shown in Figure 3.

Although this shows that determining IT’scontribution to a business is a complextask, there are also sufficient pointers to provide the basis for sensiblediscussions between business units andthe IT function. These can provide abasis for proactive management actionto be initiated to assess how IT’s value to the business can be enhanced.

As a first step, to determine theappropriate management approach for a given element of IT spend, it is necessary to disaggregate the ITexpenditure and this can be achievedthrough the development of an analyticalmodel to asses the items of major spendand major contributions to the business.

47


Disaggregation of IT spend

One approach is to start with the coststructure of the IT spend. This providestransparency of IT costs, clarity of costdrivers and ties in with rechargemechanisms where required.

One noteworthy aspect of this coststructure is that it separates out the IT functional management overheadsand the costs of communication withclients and suppliers (see Figure 4). Such a structure enables both thebusiness and IT to drill down to theappropriate detailed level of costs. It also strips out the ‘arbitrary’ allocation of overheads and providesimproved understanding of how ITresources and their costs are puttogether to provide a service to clients.This can also be used to clarify the cost drivers for delivering the service and the overall approach therebyfacilitates improved predictability offuture spend and can act as the basis of a ‘fairer’ recharge mechanism.

This structure also helps to highlight the focus of IT spend. Not only does this indicate where productivityimprovements will have the highestpayback, but it also illustrates thebalance of IT spend betweenmaintenance and operation of existingtechnology, compared to investment


48


Typical IT

spend

ing allo

cation

25%50%

25%

Suppliermanagement-related

costs

Application independentinfrastructure costs

Applications focusedoperations infrastructure

Transactionlevel costs

General IT managementcosts (includes

governance and R&D)

Service deliveryand quality

(IT operations)

Infrastructure and shared services – datacentre, telecommunications, desktop, email

Client relationshipmanagement

(internal and external)

Applicationmaintenance

Applicationdevelopment

Figure 4: A sample IT cost hierarchy

IT operations andmanagement base costs

Businessunit-independentIT initiatives

Businessunit-driven

IT costs

Corporate-wideinitiatives

Emergingtechnologies

Figure 5: Example business view


Source: CMA Management Accounting Guideline

in new areas. Typically, investment innew areas amounts to only around 30%of total IT spend – the area that providesthe best opportunity for improvingbusiness value.

Implications for management of IT

Differing management approaches are required, depending on where the IT spend lies in the commoditydifferentiation continuum.

For commodity constituents of IT spend, the key factors to be consideredare the service levels required, the riskappetite and the costs associated withdelivering the service within theseparameters. There are cost implicationsassociated with changing the parametersand both technology advances andcompeting service suppliers exert adownward pressure on the cost oftechnology supply.

For differentiating constituents of ITspend, the key factors are more varied.In addition to the factors that need to bemanaged for commodity spend thedifferentiating aspect of the service alsoneeds to be supported. Typically, thesedifferentiators will fall under one of thefollowing headings and can be brokendown to further levels of detail:

• Operational excellence;

• Innovation; and

• Customer intimacy.

Selection of optimum service levels

In considering the balance between theservice levels and the associated costs,and the value that these deliver to thebusiness, an alternative model is todetermine the range of acceptableoptions and then for IT and the businessto agree the preferred choice.

This model begins by recognising thatthere is a level of baseline infrastructurecost just to ‘be in business’. There is a choice over the level of service to be provided, but the cost of deliveringhigher service levels rises. While the first increases in service levels can give a much improved value to the business,the law of diminishing returns sets in andeventually the incremental increase inbusiness value is less than the incrementalincrease in costs. This is mapped out in Figure 6.

The shaded area on the diagramrepresents the combination of servicecosts and business value, where the

49


Min Max

Service level

Service costs

Business value

Baseline infrastructure cost

£ ’000

Figure 6: Balancing business value with service costs


business value exceeds the costs. This diagram helps to show where themaximum and minimum service levelsshould be set.

This simple concept can be used to frame discussions on the choicesavailable to the business and IT, and to begin to recognise the impact of changing business value or costs onthe optimum service level to be provided. It is also possible to expand this conceptinto linear programming, so as to be able to consider the impact of otherconstraints, such as limited resources on the optimum service levels.

By focusing on the areas in which ITdelivers greatest value to the business, it should be possible to focus ITinvestments more appropriately so as to have the twin benefits of reducing thecosts to deliver services and maximisingthe return to the business from value-adding, differentiating investments.

There are various pieces of research inthis area, which show that this typicallyleads to an increase in the proportion of new investment to IT operatingexpenses, while reducing the overallspend. While the numbers are onlyindicative, the research suggests that ITinvestment increases from 25% towards50% of total IT spend, while overall

spend can fall by up to 20% – in otherwords, some of the savings from reducedIT operations are used to fund additionalinvestment and the lower overall level of ‘fixed’ IT operating costs gives moreflexibility to the management of IT. This remixing of capital and operationsexpense within IT is crucial to ensuringthat IT spend, overall, remains focusedon, and relevant to, always deliveringvalue to the business.

Conclusion

It is clear that there is no panacea or all-encompassing solution that satisfiesthe criteria for determining the value ofIT. There are quantitative techniques thatenable us to define the raw numbers.However, this is not the full story, asthere are other, often qualitative factors,such as the culture of the organisationand communication between IT andbusiness managers, which needs to be taken into account.

However, the law of diminishing returnsapplies and it is important to avoidgetting into a loop of paralysis throughanalysis, where too much data iscollected in regard to functions thatprovide commoditised undifferentiatedservices. Gathering and analysingdetailed information across all functionsmay not always be a worthwhile

exercise. Prioritisation is key to obtainingthe greatest return for the effort expended.Pareto’s Law does hold true with respectto IT spend, as it does concerning otherareas of the business.

As we have indicated in this article, tools and techniques exist to support the value management of IT. The art is in effectively using those tools withinthe context of a given organisation to getbehind the raw numbers: a ‘one-size-fits-all’ solution is unlikely to be successful.

You will never be able to achievetransparency, and hence build trustbetween IT and business units, if you do not collect and effectively analyse the underlying raw numbers in the firstplace! That is the first and mostimportant step towards the managementof IT value.


50


51


52


Fair value and financial instruments– developments and challenges

by Doug Summa, Mark Batten and Matthew Falconer

53


Doug SummaPartner, Client Services, US


Matthew FalconerSenior Manager, Financial Services, UK


Mark BattenDirector, Financial Services, UK


The effects of recent developments inaccounting frameworks concerning theuse of fair value measures are being feltfar more broadly than just within theaccounting policy departments offinancial services organisations.

Standard setters in both Europe and the US have endorsed the use of fair value accounting for financialinstruments. As these frameworks for fair value are applied, focus is moving from the technical accountingissues to the broader business andcontrol implications.

This article explores the practicalconsequences of these changes, in particular the impact on controlframeworks.

Recent developments

The International Accounting StandardsBoards’ (IASB) has amended the fairvalue option under IAS 39 (June 2005) toreflect stakeholder concerns over the fairvaluing of liabilities, and the US standardsetter (Financial Accounting StandardsBoard or ‘FASB’) is in the midst of aproject on fair value accounting. Thisproject will deliver new guidance on fairvalue measurement, impact on concepts

such as Day One revenue recognition and provide further prescriptivedisclosure requirements regarding the source of valuation data.

As the focus increases and theframework continues to develop,regulators, industry groups and otherscontribute to the debate. Boards andmanagement, shareholders, regulators,analysts and beyond, are now far moreaware of the importance and impact of these financial accounting conceptsand are beginning to respond.

Group of Thirty (G30)

The work of the G30 during 2003, under the banner ‘Enhancing PublicConfidence in Financial Reporting’,contributed to the debate on the use of fair value measurement for financialinstruments. The work provides guidanceto market participants by way of bestpractice statements for the controls over valuation of financial instrumentsagainst which organisations canbenchmark standards and identify gaps.While at first glance an organisation may feel that it meets the standards set out, a more detailed review willtypically identify shortcomings and areas for improvement.

The work of the G30 has served to raise the profile of the issues at hand and has provided an opportunity tocommunicate to wider stakeholders the depth and quality of the controlenvironment typically found in financialservices institutions.

Regulators

A recent consultation paper from the Basel Committee on BankingSupervision sets out draft guidance for regulators concerning the prudentialsupervision of banks’ use of the fairvalue option. Although the detail may change, the message is clear;supervisors are focused on theimportance of fair value and will consider risk management and controlpractices related to the use of fair valueswhen assessing regulatory capital. The draft guidance references the G30 best practices.

Analysts

Complex accounting matters such as DayOne profit recognition are increasingly thefocus of those outside of finance teams.

Equity research analysts are taking ever-greater notice of such rules. Recent comment considers the impacton reported results and stock prices inthe sector, with focus on the potential for hidden upside in results as anoutcome of such rules and a call forgreater disclosure. With this increasedlevel of awareness, organisations need to be clear in their interpretations, andsenior management and boards must be well informed as to the impact of such concepts. Finance directors willwant to be prepared for questions from analysts, boards, audit committeesand shareholders.

Market developments

New sources of data to support financial instrument valuation havedeveloped. Consensus pricing servicesare offered by independent organisationswho collate instrument pricing data from financial institutions and feed the averaged data back to those thatcontributed. New sources of prices have also been established over recentyears in the form of new markets forproducts. A good example of thisphenomenon is the development of the iTraxx credit indices, which provideliquidity and price availability in thestructured credit markets.

The practical challenges

Against this background organisationsare asking themselves new questionswith regard to the application of fairvalue accounting:

• Is the interpretation of the accountingrules clear, communicated to therelevant users and correctly andconsistently applied across all parts of the business and products?

• How can we be comfortable that thevaluations used are appropriate andthat data underpinning thesevaluations is accurate and relevant?

• Can our compliance with theaccounting rules be effectivelyevidenced?

• How sensitive are reported results tofair value measures, particularly wherejudgement is involved?

These questions can be difficult toanswer; fair value practices havesometimes developed in business linesilos, influenced by market conventionand established practice rather thanexplicit reference to accounting rules.Controllers whose main focus is profitand loss analysis may not concentrate on the application of accountingconcepts to those businesses for which they are responsible.

Reporting to senior stakeholders canoften be disjointed or so detailed thatthey are unable to adequately monitorthe application of fair value on an organisation-wide basis.

In response to these challenges, leadingorganisations are now focused onensuring a robust control environmentaround the use of fair values.

Getting the control environment right

The G30 work highlights key features of an appropriate environment:

• Governance – A clear governancestructure should be in place withappropriate segregation of duties. Thisstructure ensures issues are escalatedand appropriate risk management isperformed. The governance structurealso ensures senior management totake responsibility for the oversightand control of fair value;

• Control – Sufficient controls need tobe established over risk limits, modelverification and control (see Figure 1),approval of financial instrumentstraded and complex transactionreviews. All of the controls should be documented; and

Fair value and financial instruments continued...

54


• Price verification – Institutions shouldengage in rigorous price verificationexercises at least monthly. This review should also consider valuationadjustments used.

While many components of a good fair value control environment areaccepted and understood, there areareas where practical implementationhas proved difficult.

Model control and validation

Documentation and maintenance of anup-to-date model inventory and ensuringall changes to models are adequatelyreviewed and applied consistentlyremains a challenge. Questions oftenarise over ownership of the modelinventory within the institution (who isbest placed to monitor the inventory and suggest updates), and the process of updating and reviewing changes tomodels. Responsibility for identifyingwhen a model needs updating is difficultsince typically, front-office staff are bestplaced to pick this up first.

Organisations that have succeeded inthis area have developed a commonstandard for all models. Controls areestablished to ensure changes to modelsare only made once properly approved.In addition, dedicated groups have beenestablished to review models in use.

55


Figure 1: The fair value model control environment


Over-the-counter derivatives often require the use of a financial model in order to helpdetermine a relevant fair value. Such models take static data (deal terms, counterpartyinformation) and market data (observable or unobservable) relating to a specific financialinstrument to generate a valuation for that instrument.

The control attributes that support this process include the following:

• Models are developed on a secure platform and are tested by independent partieswithin the institution to ensure they are calibrated to market and achieve their stated objectives;

• Product and model inventories are maintained to allow management to control the products traded and the models they are traded on;

• An independent party checks the inputs to the model to independent sources to validate the marks made. Where reserves or valuation adjustments are requiredthey are calculated in accordance with set policies, consistently; and

• The controls above and the output from them are documented and maintained. Key findings are documented and reported to senior management.

Observable market data

Static data

Independent price validationReserving policy

Documentation

Product inventoryModel inventory

System environmentModel implementation

and reviewCalibration

Unobservable market data

Mark-to-model valuation

Risk sensitivitiesModel

Consistency of application

Where organisations are run on abusiness line model, decisions can often be made in isolation of the otherbusiness lines. Management need amethodology for ensuring consistency of approach across business lines. Such inconsistency can come in the form of disagreements over theapplication of the rules or in fair value measurement itself.

Many institutions have dealt with thischallenge by establishing separatevaluation groups within finance tospecifically perform monitoringprocedures. Common policies andprocedures have been established by management and these groups have been charged with ensuringcompliance with these policies.

People

The requirements of the fair valueaccounting framework and the effort required to maintain a robustcontrol environment, coupled with ever-increasing product complexity has placed new demands on financial controllers.

For management to be confident that thevaluations are appropriate, organisationsmust invest in sufficient, competentresources, which are motivated to deliver the correct accounting result. To meet this standard institutions havehad to focus on:

• Quantity – institutions have hired more accountants and controllers to adequately cope with theincreasing complexity of corporategovernance needs. In addition furtherquantitative resource has been hiredto deliver development in models and model control;

• Specialisation – increased complexitymeans increased requirements interms of knowledge and experience of relevant resources; and

• Reporting lines – for organisations to achieve best results they mustcarefully consider where to locate key resource. The balance to beachieved is to ensure ownership and responsibility while alsomaintaining independence of thefunctions concerned.

The Day One challenge – a case study

A good example of the practical impactsof a fair value accounting framework can be seen in the application of the Day One profit recognition rules – one ofthe biggest financial reporting challengesfor investment banks in recent years.

In the past, almost all trading institutionswould determine their best estimate offair value on the day a transaction wasentered into and would recognise thedifference between this fair value and the consideration in the incomestatement as their Day One profit. This amount is effectively the trader’smargin; the difference between what they sold the contract for and what theydetermine the value of the contract is to them. As a result of relatively recentchanges in both International FinancialReporting Standards (IFRS) and USGAAP, if this profit cannot be evidencedby reference to market-based observabledata it cannot be recognised as profit in the accounts.

This has had a significant impact onfinancial services institutions. As well as potentially deferring profits that once


56


would have been recognised upfront, it has also caused a number of controland resource challenges, including:

• Enhancement of controls to captureand track Day One profits;

• Documentation of new policies and procedures;

• Addition to headcount to performanalysis of trades affected; and

• Investment in senior and experiencedresource.

There are a number of key issues thatdifferent areas within an institution needto ensure are addressed. These arehighlighted in Figure 2.

Application to all institutions

Some of these practical challenges aremost relevant to the larger investmentbanks. However, this does not meanother organisations do not have torespond to the challenges created by the fair value framework. The lessonslearned and practical challenges arising

are relevant to some extent to allinstitutions that opt or are required tocarry financial instruments at fair value.

For smaller institutions or thoseorganisations that only deal in a smallnumber of financial instruments, a furtherchallenge exists to create and develop a fair value environment thatencapsulates the appropriate controlsand processes for their level of activity.This challenge can be as difficult astrying to develop a large sophisticatedfair value control environment.

57


Organisation

Finance

Front office

Seniormanagement Shareholders

Risk/productcontrol

Figure 2: The practical impacts of the Day One challenge


Finance

• Responsibility for fair values incorporated into thefinancial statements

• Measurement and disclosure in compliance with GAAP

Risk/product control

• Rigorous analysis of Day One profits

• Data capture and reconciliations

• Reporting and consistency

Shareholders

• Senior management need to consider theimpact on earnings and therefore analystsand shareholders

Senior management

• Consider Day One control process

• Adequate resource/experience

• Reserving policies includingapproach to amortisation of Day One profits

Front office

• Responsible for marking book

• Impact on trader remuneration

• Product development

• Effort and cost of proving observability

Beyond accounting

In the current environment, accountingaccuracy and compliance is paramount.Guidance is developing fast anddisclosure requirements are growing.Growth in the breadth, complexity andusage of financial instruments meansthat the accounting and controlchallenges will not disappear, even if and when the accounting platformbecomes stable.

Senior management in all financialservices organisations must askthemselves whether they understand the sensitivity of reported results to fair value estimates and whether they are comfortable with the controlenvironment in this regard.

As the level of activity by standard setters,regulators and other commentatorsshows, fair value can no longer be viewedas a purely technical concept, best left to accounting technicians.


58



Contact details

Editor-in-chief Editor

Chris LucasChairman, Global Banking & Capital Markets Executive Team


Darren MeekPartner, Banking & Capital Markets, UK


Strategic reputation management: managing reputation risk and value in financial services institutions

Carlo di FlorioDirector, Financial Services, US


Fernando de la MoraDirector, Financial Services, US


Dietmar SerbéeDirector, Financial Services, US



Bruce WeatherillGlobal Private Banking/Wealth Management Leader


Rolf BirrerPartner, Private Banking/Wealth Management, Switzerland


Justin OngPartner, Wealth Management Practice,Singapore


John MastersPartner, Asia Financial Services Tax Leader


Tax risk management

Larry QuimbyPartner, Industry Services Group, US


Sarah PriorDirector, Tax, Banking & Capital Markets, UK



Christopher BoxSenior Manager, Human ResourcesServices Financial Services, UK


Luan FoxPartner, Global Human Resources ServicesFinancial Services, US


Ron CollardPartner, Human Resources ServicesFinancial Services, UK



Mark LutchenSenior Partner, IT Effectiveness, US


Peter BroshuisSenior Manager, IT Effectiveness, The Netherlands


James ChrispinDirector, Financial Services, UK



Contact details continued…


Fair value and financial instruments – developments and challenges

Doug SummaPartner, Client Services, US

Tel: 1 646 471 85 96Email: [email protected]

Matthew FalconerSenior Manager, Financial Services, UK


Mark BattenDirector, Financial Services, UK


The journal is supported by the Global Banking and Capital Markets Executive Team

Chris LucasChairman, Global Banking and Capital Markets Executive Team


Richard Collier


Rahoul Chowdry


Nigel Vooght


PricewaterhouseCoopers (www.pwc.com) provides industry-focused assurance, tax and advisory services for public and private clients. More than 120,000 people in 144 countries connect their thinking, experience and solutions to build public trust and enhance value for clients and their stakeholders.

‘PricewaterhouseCoopers’ refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.

The banking and capital markets journal is produced to address key issues affecting the banking and capital markets industry. If you would like any of your colleaguesadded to the mailing list, or if you do not wish to receive further editions, please write, fax or e-mail: Carly Taylor, PricewaterhouseCoopers, Southwark Towers,32 London Bridge Street, London SE1 9SY. Fax number: (44) 20 7212 4152 E-mail: [email protected]

© 2005 PricewaterhouseCoopers LLP. All rights reserved. ‘PricewaterhouseCoopers’ refers to PricewaterhouseCoopers LLP (a limited liability partnership in the UnitedKingdom) or, as the context requires, other member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.Designed by studio ec4 17725 (11/05)

www.pwc.com

the journal - PwC · PDF filebe crucial’ argues Ron Collard, Luan Fox and Christopher...

Documents

Transcript of the journal - PwC · PDF filebe crucial’ argues Ron Collard, Luan Fox and Christopher...