Pages

Saturday, 15 August 2009

Risk Management in a Post-Financial Crisis World

By Stanley Epstein – Principal Associate at Citadel Advantage


One thing that the financial meltdown has show in crystal clear relief is that among the many contributing factors, there can be no doubt that Risk Management didn’t adequately manage risk. Why this was so is going to be the subject of much debate in the coming months and years. Were Risk Managers constrained by the executive suite who wouldn’t hear the warnings, or were Risk Managers not answering or not even able to answer the basic questions of their trade? Whatever the reason the profession of Risk Management has some deep soul-searching to do.

Now, all of a sudden, that the economies of many countries, not to mention the banking industry, is in tatters, we have dozens of articles and blogs all bemoaning the state of risk management and what we need to do to get everything right again; as if there is some elixir, or some magic wand that will put it all right.

All these blogs and articles are pounding away on the same old drum; all are documenting how badly everyone has done in managing risk and all are extolling bank boards, senior management, regulators and rating agencies to do better next time.

Where were all these authors and bloggers in the good times? Where were they in the heady days prior to the summer of 2007 when the banks and the rest of the financial industry was gaily acting if the only way forward was “up”; when the “old” economy had been declared dead as a dodo and the mantra of the “new economy” was “profits”, “bonuses” and “innovation”. Like the “old economy”, “risk” in all its forms had, by the invocation of all the new hedging and derivative strategies been declared dead too.

True there were some (all too few) who sounded dire warnings of where this was going to end – but who wants a Jonah in their midst when there is a never-ending beach party on the go?

As a professional risk management practitioner and trainer I really feel aggrieved with all the soul searching and hand wringing going on at the moment. Tell me please where all these new risk averse converts have come from? Where were they when they were really needed?

Now that the party is finally over it is time to do things properly. Risk management in the first decade of the 21st century failed miserably. The tone at the top was rotten, whether in the banks or the regulatory agencies or the risk raters themselves. And this rot permeated all the way down to the bottom of the pile.

What were the failures?

The failure to measure risk – risk models were misused, misspecified and most of all misunderstood.

The failure in training – bank boards and regulators were not adequately instructed in what “risk” really meant. Bank staff was only trained in the three P’s – Product, Performance and Profit. Issues like risk concentration, scenario planning, operational failures were only concepts that made one sound intelligent. Worst of all – risk management costs money and of course “unjustified costs” are the bane of every diligent (but not prudent) banker.

The failure to mitigate risk – without understanding risk it cannot truly be measured and without measurement it cannot be mitigated. These factors are interconnected. The one leads to the other.

Enough of this hand wringing! We all know where the blame lies. What is needed now is some courageous risk managers who will roll up their sleeves and get the job done – properly this time.