Risk management weaknesses at finance firms persist - EIU survey

Many of the flaws in risk management at banks and insurers that precipitated the global financial crisis remain unaddressed even as new dangers have emerged, according to research from the Economist Intelligence Unit.

The report, sponsored by SAS and based on a survey of 346 financial sector risk managers, reveals that most have made significant progress since the crisis to strengthen their risk capabilities.

Discussions about risk have become a key part of the boardroom agenda, chief risk officers now have a prominent seat at the top table and there is renewed zeal for instilling a greater awareness of principles in the front office, the so-called first line of defence.

However, inadequacies in expertise, data quality and processes remain a worry. The enthusiasm for a large-scale overhaul of risk management has created personnel shortages as firms and regulators scramble to acquire suitable expertise.

Around 40% of respondents says they do not conduct regular updates or have a clear risk strategy in place. Meanwhile, less than one-half of respondents are confident that they understand the interaction of risks across business lines, and poor communication between departments is seen as a key barrier to effective risk management.

In addition, the focus on regulatory compliance could distract attention from emerging risks, says the report. Respondents to the survey highlight uncertainty over future regulation as the main barrier to effective risk management. There is a danger that the focus on compliance could be crowding out day-to-day risk management.

Risk managers recognize that data quality and availability need to improve but collecting, storing and aggregating data is an area of weakness for many firms, with only 39% of respondents believing that they are effective at these activities.

Abhik Sen, report editor, says: "When it comes to managing risk, banks and insurers are clearly keen to raise their game. But the research shows that improvements have not yet gone far enough to reassure everyone about their capacity to protect themselves and others from a catastrophe like the financial crisis."

The global recession appears to have sparked a spending splurge, with the top 100 financial institutions set to spend over $100 billion a year implementing risk governance frameworks by 2012 - more than double the 2006 figure - according to recent research from business advisory firm Deloitte.

Royal Bank of Scotland's cheque system falls because of EDS mainframe failure

The Royal Bank of Scotland's cheque clearing system fell over on the 15th December after a massive mainframe failure at HP Enterprise Services (formally EDS).

An IBM Z10 at HP Enterprise Services's site in Stockley Park, near London apparently failed because microcode fixes had not been applied. The vendor's disaster recovery plan saw processes switched to an IBM Z10 in Mitcheldean, Gloucestershire, but this machine also failed to work, according to a report in UK technical journal. “The Register”.

The problem affected several large customers, including RBS, which saw its cheque clearing system go down for at least 12 hours, causing a huge backlog, says the Register, citing "insiders".

EDS was acquired in a $13.9 billion deal last year by HP, which promptly revealed plans to axe over 24,000 jobs worldwide.

According to “The Register” the Stockley Park hardware team, who would have made the microcode fixes, have all been made redundant, with a similar problem facing the Mitcheldean site.

How to Fit a Password - Learn about the Most Popular Passwords on the Internet

A fascinating view of a total lack of security consciousness. You need to read this article in the Ecommerce Journal. Access it by clicking on the article title below.

How to fit a password, learn about the most popular passwords on the Internet Ecommerce Journal

Posted using ShareThis

Risk Management - Focus on Fraud

CITADEL ADVANTAGE is presenting a 2-day intensive training course on Fraud within the context of Operations Risk Management in Madrid, Spain on the 22 & 23 February 2010.

Fraud can be extremely difficult to detect and studies show that most fraud occurs from or through trusted insiders. How aware are you or employees of fraud? Do they have a clear understanding of the role they play in detecting fraud? Do they understand you organization’s fraud policies and procedures?

“Risk Management - Focus on Fraud” is a 2-day intensive course on fraud and how it presents huge challenges for banks, requiring them to radically modify behavior and increase their vigilance in many of the traditional risks associated with banking activities.

Can your bank or organization cope with fraud? In fact could you even identify a fraud in your working environment? Are you maximizing your staffs’ potential to reduce fraud and error in your systems?

A major by-product of the financial crisis was the number of frauds which have come to light – frauds that had been running for years.

Don't miss this opportunity to ensure that you and your staff are able to understand fraud and its ramifications.
WHAT THIS COURSE COVERS
What you and your staff will gain from this course

• Understanding the Human Dynamic – Greed and Fraud
• Understand and identify the key Fraud indicators and Red Flags
• Understanding Operational Risk – in the context of Fraud
• Positioning the organization to successfully manage the ever-present Fraud problem.
• Successful approaches to identifying and mitigating Fraud

WHO SHOULD ATTEND?
• Senior Bank Executives
• Risk Managers
• Operations Managers
• Internal and External Auditors
• Operations Officers
• Business Managers
• Compliance Officers
• I.T. applications providers serving financial institutions
• Consultants and professionals serving the financial services industry.

For more details including a fully descriptive course brochure e-mail us at courses@citadeladvantage.com today. Please indicate FRAUD-MADRID in the subject line.

Sins of the Risk Managers

Have risk managers really been doing their jobs properly? According to many they certainly have not. I came across this interesting item on the sum2llc Blog. It is certainly worth a read.

Click on the post title or the link below.
http://sum2llc.wordpress.com/2009/09/28/day-of-atonement-al-chet-for-risk-managers/

Risk Management in a Post-Financial Crisis World

By Stanley Epstein – Principal Associate at Citadel Advantage


One thing that the financial meltdown has show in crystal clear relief is that among the many contributing factors, there can be no doubt that Risk Management didn’t adequately manage risk. Why this was so is going to be the subject of much debate in the coming months and years. Were Risk Managers constrained by the executive suite who wouldn’t hear the warnings, or were Risk Managers not answering or not even able to answer the basic questions of their trade? Whatever the reason the profession of Risk Management has some deep soul-searching to do.

Now, all of a sudden, that the economies of many countries, not to mention the banking industry, is in tatters, we have dozens of articles and blogs all bemoaning the state of risk management and what we need to do to get everything right again; as if there is some elixir, or some magic wand that will put it all right.

All these blogs and articles are pounding away on the same old drum; all are documenting how badly everyone has done in managing risk and all are extolling bank boards, senior management, regulators and rating agencies to do better next time.

Where were all these authors and bloggers in the good times? Where were they in the heady days prior to the summer of 2007 when the banks and the rest of the financial industry was gaily acting if the only way forward was “up”; when the “old” economy had been declared dead as a dodo and the mantra of the “new economy” was “profits”, “bonuses” and “innovation”. Like the “old economy”, “risk” in all its forms had, by the invocation of all the new hedging and derivative strategies been declared dead too.

True there were some (all too few) who sounded dire warnings of where this was going to end – but who wants a Jonah in their midst when there is a never-ending beach party on the go?

As a professional risk management practitioner and trainer I really feel aggrieved with all the soul searching and hand wringing going on at the moment. Tell me please where all these new risk averse converts have come from? Where were they when they were really needed?

Now that the party is finally over it is time to do things properly. Risk management in the first decade of the 21st century failed miserably. The tone at the top was rotten, whether in the banks or the regulatory agencies or the risk raters themselves. And this rot permeated all the way down to the bottom of the pile.

What were the failures?

The failure to measure risk – risk models were misused, misspecified and most of all misunderstood.

The failure in training – bank boards and regulators were not adequately instructed in what “risk” really meant. Bank staff was only trained in the three P’s – Product, Performance and Profit. Issues like risk concentration, scenario planning, operational failures were only concepts that made one sound intelligent. Worst of all – risk management costs money and of course “unjustified costs” are the bane of every diligent (but not prudent) banker.

The failure to mitigate risk – without understanding risk it cannot truly be measured and without measurement it cannot be mitigated. These factors are interconnected. The one leads to the other.

Enough of this hand wringing! We all know where the blame lies. What is needed now is some courageous risk managers who will roll up their sleeves and get the job done – properly this time.