In 2008 risk management failed. Nicholas Pratt talks to a fund management risk specialist and to consultants to find out what vendors must do to win back faith...
During the last six months, the global financial services industry has suffered an unprecedented failure of every major class of risk.
Market risk systems failed to spot the stock market shocks of September and October. Credit risk systems could not prevent the credit market grinding to a halt. And counterparty risk systems were unable to spot that countless funds were exposed to toxic assets through complex derivative contracts – despite the attention given to modelling liquidity risk over the last few years.
And then there was the $50bn Madoff scandal, which managed to drag all the remaining risk categories – due diligence, fraud and operational risk – into the mire.
A survey produced by KPMG (Never again? Risk management in banking beyond the credit crisis), canvassed 400 financial institution executives and found, unsurprisingly, that 90% intend to review their risk processes.
Equally predictable was the finding that only 42% are committed to making fundamental changes.
There is little doubt that a lack of risk management contributed to the current crisis, says Nigel Harman, partner and head of financial risk management at KPMG. “However, executives seem less forthright on what sort of action this necessitates,” he says.
It ain’t necessarily so
Risk managers have relied increasingly on technology in recent years. So is it now time to overhaul these systems? Not necessarily, says Harman. “Most firms have systems that are pretty capable in one way or another.”
Some tweaking may be required, but the priority should be to make better use of existing technology and to concentrate on non-technology aspects such as data quality and consistency, he says.
Others are more critical. Mike Goldfinch, senior consultant at Citisoft, says that the main problem lies in the mathematical methodology that underpins the majority of market risk systems.
“The maths is over 20 years old and is largely based on Black-Scholes statistical methods that examine price changes over, say, the last three years and then build price change probability curves based on this information.
“Under stable market conditions, these models work quite well but they fail to deal with an unstable market. For example, your VaR [value at risk] numbers may be based on data that says there is an infinitesimal probability of a large price change occurring; meanwhile the market is disappearing beneath you. The models are flawed but nobody knows what to replace them with. I think the industry needs to go back to the drawing board.”
With uncertainty around regulation and mathematical models, there is not a lot vendors can do right now in terms of committing to large-scale changes.
Similarly, risk managers at fund management firms will be reticent to splash out, even though many are getting their own IT budget for the first time in recognition of the importance of risk management.
Peter Lockyer, managing director and global head of portfolio risk and performance at UK-based fund manager RCM, says: “We use all the major systems for equity risk management and, as predictors of tracking error, they all failed in 2008. But as a consumer, you have to accept that when cross-section volatility rises as rapidly as it did in September and October, any system that is based on a statistical analysis of the past will fail.”
The issue, says Lockyer, is whether developers of risk systems will treat the events of September and October 2008 as a bump in the road or as a fundamental change in the nature of risk.
“Are there new factors or correlations that have emerged and how quickly will these be factored into how the systems work? In the meantime, there will have to be a lot of judgment calls.”
As the industry continues to forensically examine the risk management failings of 2008, many have pointed to the over-reliance on complex quantitative calculations and on producing daily VaR calculation. It is a dependence that has been blamed on the new wave of highly quantitative-based risk managers who have replaced more traditional risk managers.
For example, Lehman Brothers dismissed a number of longstanding risk managers that used to regularly talk to traders in order to see if market sentiment matched the information coming out of risk calculation engines. As Lockyer says: “Risk management is not just about crunching numbers. You have to make sure that the risk management systems produce output that matches up with what the people running the product are doing and the market conditions where it could go wrong.”
Consequently Lockyer believes that this year will see a move from simply looking at VaR measures towards a more human interaction-based approach to risk management, particularly in the fixed income market.
“The guys in fixed income risk management spend too much time on the complex maths and not enough on the common sense issues – such as liquidity and stress testing. There should be less reliance on fancy maths and more on what could go wrong.
“Part of the problem is there is a lack of imagination among financial institution risk managers. To envisage the worst scenarios, to stress test, involves some imagination as well as knowledge of the securities, rather than just knowing their statistical characteristics.”
Lockyer would also like to see vendors devote more time to creating systems that produce information that is readily comprehensible to clients and management. “Making comments or showing numbers based on complex statistical information tends to make clients’ eyes glaze over. So there may be a premium for systems that are able to present risk information in an accessible way because senior management are sure to be taking a more involved role in risk management.”
For Citisoft’s Goldfinch, another area for vendors to focus on is providing better coverage of asset types. “There are holes all over the place.”
The need for standardisation
Goldfinch points to corporate loans as one asset type that few risk vendors include in their systems or are willing to support. “It would be great if vendors could come up with more standardised alternative solutions – for example, a rule sheet that identifies alternative assets that could be used as proxies for those not implicitly covered.”
Frédéric Ponzo, founding member of France-based consultancy Net2S, believes that one of the biggest problems facing fund managers is that risk has been looked at in silos. Market risk, credit risk, counterparty risk, operational risk and liquidity risk have all been managed (or mismanaged) with different systems, all supplied by different vendors.
Consequently, fund managers will be looking for the technology that will enable them to consolidate all of their risk management activity into one firm-wide platform, says Ponzo. “Risk managers need to be able to look at all of their types of risk in all of the instruments and for all of their counterparties. This will mean an overhaul of their current architecture but it does not mean existing systems cannot be reused.”
Despite the fact this enterprise-wide approach has been a mantra of risk vendors for at least the last five years (and despite what our risk survey says), Ponzo believes that there is no dominant vendor able to supply a system that fulfils this need and has a proven excellence in all classes of risk.
“For the first time in quite a while, there is a space for a vendor to come in with a new solution.”
Ponzo also believes that there is a gap in the market for the vendor that can successfully employ the latest computing hardware technologies as the basis for risk systems architecture in order to solve the problem of risk engines’ excessive power consumption.
“The risk engines tend to be very power-intensive and they use a lot of computer power to run the various calculations,” says Ponzo. “This is one of the constraints that risk managers find – they are not able to exploit new technology such as hardware acceleration for their risk systems. Some vendors are even still miles away from making grid architecture a mainstream feature of their risk systems.”
Risk vendors will be working feverishly to address all of these aforementioned needs of their customers over the next year but, warns Ponzo, while this should lead to better quality products, there will also be more disingenuous vendors looking to capitalise on the importance of risk.
“The only area where there is money to be made in 2009 is risk so this means that vendors will be putting a risk ‘element’ into all of their products.” This includes the order management and portfolio management systems (PMS) that include a risk management module as part of their packages.
“This is just a veneer,” says Ponzo. “A PMS is not a risk management system.”
©2009 Funds Europe