Liquidity and Wholesale Payments

The global financial crisis has yet again focused minds on the need for banks to provide their corporate customers with liquidity and risk management solutions. Additionally, while regulatory measures such as the Single Euro Payments Area (SEPA) and anti-money laundering (AML) legislation require the continuing transformation and investment in wholesale payments, the financial crisis means that heightened cost management is now a critical necessity. The industry has begun to question whether managing these conflicting requirements implies the need for a new approach to wholesale payments technology.

Datamonitor sponsored by ACI Worldwide and IBM, has just published a report that looks at business and technology responses in wholesale payments to the post-financial crisis landscape, and assesses whether a service-oriented architecture (SOA) approach could help to meet these challenges.

Their main findings are;

• Despite the global financial crisis, increasing compliance and customer requirements will continue to drive the need to change wholesale payments.
• Delivering both efficiency and innovation will require the convergence of so-called “siloed” payments operations and processes.
• The underlying IT platforms will need to support process standardization and simplification while achieving efficiency at the same time.
• The SOA approach can enable this change by facilitating extensibility and providing operational leverage while controlling costs.
  

To download the full Datamonitor report go to:
http://www.aciworldwide.com/downloads/PreparingWholesalePaymentsforthePost-FinancialCrisis.pdf

The Nigerian 419 scam

A fascinating insight into the 419 scammers as they ply their trade. This is a picture that one doesn’t normally see. Read it on the Washington Post's website

http://www.washingtonpost.com/wp-dyn/content/article/2009/08/06/AR2009080603764.html?wpisrc=newsletter&wpisrc=newsletter&wpisrc=newsletter

New South African fraud exposed

A major area of operations risk is in the areas of fraud. From Johannesburg comes the news that South Africa is currently in the midst of what some are describing as a fraud pandemic. At its epicentre is the Companies and Intellectual Property Registration Office (CIPRO). Over the past two years corrupt officials at CIPRO, acting with seeming impunity, have facilitated hundreds if not thousands of scams which have hit the South African Revenue Service (SARS), a number of prominent companies, and hundreds of smaller private businesses. Just two weeks it was reported how in 2008 duplicates of Sun Microsystems South Africa Pty Ltd and SBC International Management Services were fraudulently registered as companies on CIPRO. Bank accounts were set up in these counterfeit companies' names. R51million (USD 6.4 million) in tax refunds from SARS, due to the legitimate companies, were then diverted into the counterfeit's accounts.

An investigation has revealed that this CIPRO based scam was just the tip the iceberg. Counterfeit companies are being fraudulently registered through CIPRO, on an ongoing daily basis, to facilitate cheque and other forms of fraud. No proper due diligence is being done. Over the past two years the directors of several prominent companies have also been fraudulently deregistered, and new directors inserted. Again, the intention is to facilitate fraud of one kind or another.

For more details visit: http://www.politicsweb.co.za/politicsweb/view/politicsweb/en/page71619?oid=138904&sn=Detail

For a transcript of a discussion or to listen to a recoding on South Africa’s MONEYWEB radio please go to: http://www.moneyweb.co.za/mw/view/mw/en/page295799?oid=309657&sn=2009%20Detail&pid=287226

Panelists in the discussion includes David Alexander (who is a guest expert in our “RISK MANAGEMENT - CASE STUDIES FROM THE 2008 CRISIS” course in Johannesburg).

Automatic computer updates – How safe are they?

Automatic updates to our computers are taken for granted. But have you ever stopped to thing that there could be something really sinister lurking in the background? You just have to read this though provoking article to make you think again. Read it at http://blogs.techrepublic.com.com/security/?p=2056&tag=nl.e036

Any comments? Would be interesting to hear them.

Operational Risk

The Basel Committee has just published two new papers on operational risk which cover the results from the “2008 Loss Data Collection Exercise”. The 2008 Loss Data Collection Exercise (LDCE) is the first international LDCE to collect information on all four data elements that are used in the Advanced Measurement Approach (AMA) for operational risk in the Basel II Framework - internal loss data, external loss data, scenario analysis and business environment and internal control factors (BEICFs). The 2008 LDCE was conducted for the Basel Committee on Banking Supervision by the Operational Risk Subgroup of the Standards Implementation Group.

The results are covered in two papers. The first, “Results from the 2008 Loss Data Collection Exercise for operational risk”, focuses on internal loss data and scenario analysis as well as on operational risk capital. The second paper, “Observed range of practice in key elements of Advanced Measurement Approaches (AMA)”, covers external loss data and BEICFs as well as the observed range of practice in banks employing the AMA for operational risk.

The results provide a unique opportunity to assess operational risk data and practices across regions, thus furthering the goal of promoting consistency in implementation of the Basel II Accord. The findings also present an opportunity for banking institutions to compare their operational risk management frameworks with those of other institutions and to identify potential areas for improvement.

Here are some of the main findings of the first paper:

• Overall, banks have made considerable progress in the collection and use of internal loss data since the previous international LDCE, conducted in 2002.
• The frequency of internal losses of €20,000 or more varies significantly across regions when the data are scaled by various exposure indicators.
• Despite the regional variation in loss frequency noted above, there is some consistency in the severity distribution of operational losses across regions.
• Most banks' scenario data extends the tail of the loss distribution beyond the point at which they have experienced internal losses. At many banks, the number of large scenarios greater than €10 million is approximately 20 times larger than the number of internal losses that are greater than this amount.
• Although the number of large scenarios significantly exceeds the number of large internal losses, the frequency of large losses implied by scenarios and internal data are broadly consistent among AMA banks.
• AMA banks have a higher frequency of internal losses greater than €100,000 than non-AMA banks, even when the data are scaled by exposure indicators. Some of this difference may be explained by the fact that AMA banks generally are larger, more complex banks with more mature processes for collecting loss data.
• Operational risk capital for non-AMA banks is higher than for AMA banks, regardless of the exposure indicator used for scaling. For the typical AMA bank, the ratio of operational risk capital to gross income (10.8%) is significantly below the alpha for the Basic Indicator Approach (BIA) (15%) and also below the range of betas for the Standardised Approach (TSA) (12% - 18%). Also, the amount of capital relative to the frequency of large losses is generally higher at non-AMA banks than at AMA banks.
  

The Observed range of practice (ROP) paper updates a 2006 report of the same name. In framing the discussion of observed practice in the measurement and management of operational risk, the update:

• Identifies both emerging effective practices as well as practices that are inconsistent with supervisory expectations;
• Highlights supervisory issues encountered in the supervisory reviews of operational risk, whether related to governance, data or modelling; and
• Provides a resource for both banks and national supervisors to use in their respective implementation processes, and ongoing development and monitoring of AMA frameworks.
  

The Basel II Framework envisions that, over time, the operational risk discipline will mature and converge towards a narrower band of effective risk management and risk measurement practices. Understanding the current range of observed operational risk management and measurement practices, both within and across geographic regions, contributes significantly to the efforts to establish consistent supervisory expectations. Through the analysis of existing practices, the Basel Committee is better able to promote the maturation of operational risk practices and support supervisors in developing more consistent regulatory expectations. The ROP paper therefore provides supervisors with an opportunity to engage individual banks in discussions of their operational risk management and measurement practices relative to their peers in domestic and international markets.

The ROP paper does not purport to define best practices. However, in the course of cataloguing and updating the range of observed practice, it is reasonable to expect the Basel Committee to begin identifying practices that might fall outside the range of what supervisors consider acceptable and to highlight effective and sound operational risk practices.
The observations in the ROP paper do not constitute new rules or revisions to the Basel II Framework. Neither does the content reduce or supersede the discretion of national supervisors to act in a manner that is consistent with their particular regulatory approaches. As a result, actions taken by Basel Committee members in response to the observations in this report may vary due to cross-jurisdictional differences in implementation legislation and supervisory approaches. Further, the status of banks accredited to use an AMA framework will not be affected by the observations and conclusions of this paper.

To download the papers directly from the BIS;
Observed Range of Practice in Key Elements of AMA - http://www.bis.org/publ/bcbs160b.pdf
Results from the 2008 Loss Data Collection Exercise for operational risk - http://www.bis.org/publ/bcbs160a.pdf

Do banks really understand innovation?

By Stanley Epstein – Principal Associate at Citadel Advantage

Today’s “Financial Services Club Blog” on banks and innovation ( see: http://thefinanser.co.uk/fsclub/2009/07/sibos-1-why-banks-dont-get-innovation.html ) really got me thinking. Are banks really interested in innovation or are these “innovators” just few and far between?

When we speak about innovation it is not only technology. Innovations can come about without any technological advance. There is a distinction between “product innovation” and “process innovation”. In the former, the factors of production are rearranged in new, hitherto non-existent forms – no technology needed. “Process innovation” does tend to use advances in technology or new technologies – mobile payments are a case in point.

The underlying cause of financial innovation is self interest which manifests itself through the maximization of profits. Banks seek out, through the innovative process, the most efficient, cost effective way to maximize their profits either on existing products or potential new ones. Financial innovation comes about on the basis of anticipated material gain.

My feeling is that most banks don’t care about innovation at all. If a bank comes up with a new idea or process, and other banks feel that it can tag along to the benefit of their own bottom line, they will do so. In time a whole bunch of banks will do the same simply not to be left out. This is a simple application of the “Bandwagon” effect. And what is more many of these banks will have jumped onto the bandwagon without thinking the whole issue through, be it a new product or a new process. They simply don’t want to miss out, so they will “do it” at any cost. I have seen this time and time again.

The current financial mess that we are in and its precursor, the “sub-prime” debacle, is a case in point. Everyone was doing it. Profits were great. And no one gave much thought to even trying to understand either the product or the risks? Well, no one cared, and look where we are now.

How safe is PayPal?

Just because a payment system is well used and widely known does not automatically make it safe. This thought provoking article in online “Ecommerce Journal” (http://www.ecommerce-journal.com/articles/17048_7_risks_you_take_when_you_start_using_paypal_payment_system ) highlights seven areas where users of the popular PayPal system could be at risk.

What do you think? Let’s have those comments.