Recently we have had discussions with different clients on improving the risk function. While each approached the issue from their unique perspective, the underlying need relates to strategically transforming aspects of their risk function.
What were the challenges these clients were facing?
- “My CRO seems to be spending too much time chasing data rather than doing analysis and proving insights.”
- “Our counterparty proposed a modification to our plain-vanilla options. We are unsure how to value it.”
- “I have 4 analysts who are spending 1.5 to 2 hours each to generate my end-of-day P&L report. How do we improve the efficiency of the process?”
- “How do we improve the confidence in our energy/ commodity trading and risk management (E/CTRM) system generated risk measures?”
What are the implications of these questions? If we think in just tactical terms, we may not be able to fully comprehend the overall implications of these questions.
In the first instance, what the executive leaderships is asking is beyond the ability to generate quality numbers or reports. The executive leadership is striving for insights and understand whether the risks being taken are aligned with the overall business strategy. Is the defined risk appetite aligned with organization’s level of risk tolerance? Can the CRO support planned or unplanned Merger & Acquisition (M&A) activity? Or will it be a case of risk lagging the business objectives?
In the second instance, the CRO has identified specific gaps in her capability – gaps related to exotic option valuation. But at a holistic levels, the question also exposes gaps in risk policy (can we do such deals? What aspects of the risk policy will we have to modify if we do such transactions?), risk modeling (do we have the right models to value and report?), E/CTRM / risk systems capability (can the risk system handle such deals? What customizations will we need to do to such systems?), and human capital (can we manage these instruments?).
The third instanced related to efficiency of risk operations bringing into questions of business processes, E/CTRM systems usage and gaps, and human resources.
In the final instance, the reliability of overall risk infrastructure – risk programs, E/CTRM systems, business processes, transaction and market data, and human resources – is in question.
3.0 Holistic Risk Model
How do we address these challenges? An ideal approach would be to look at the risk function in a holistic function. (Spoiler Alert! I am a consultant and as you might have guessed, I am introducing a model. Hazards of being a consultant. 🙂) Our Holistic Risk Model (HRM) (see figure 1 below) can provide one lens to view and address these challenges. HRM is a 5-layered model that aims to combine both the strategic and operational elements of a risk function. The 5 layers are:
- Business Strategy & risk strategy layer
- Policies and Regulations layer
- Enterprise Risk Management / Risk Programs layer
- Risk Organization, Business Process, Human Capital Layer
- Risk Systems and Technology & Risk Models and Risk Measures layer
The issues raised by the above-mentioned 4 questions could be addressed using the HRM as shown below:
Thus, these questions span across multiple layers and solutions to address these challenges need to span these layers as well. However, the first layer – business and risk strategy – will generally determine what solutions will be appropriate for an organization.
Let’s explore that in a little detail – an organization needs to know and understand what drives its competitive advantage – Is it trading? Is it logistics? Is it physically assets? Is it structural advantages accrued being a dominant player in one aspect of a value chain?
This will drive a company’s risk appetite and its risk strategy, which in-turn will have bearing on its risk culture, risk organization and investments in business processes and risk systems.
Let’s take the first client – If one is not aware of its business strategy and the importance of growth via M&A, then the solutions designed for addressing its need for insight may miss the point. The key will be designing processes which facilitates quick integration of new businesses; generation of management reports and ensuring data quality throughout the value chain. Governance structures to improve transparency and facilitates communications will be needed. Also, having a risk policy which factors addition of new businesses (and hence risks) will be crucial.
In the second case, while the immediate need is tactical – improving quantitative capability, the client will need to revise its risk policy to facilitate the trading of complex options. Quantitative capability – both human capital as well as systems – will have to be added or strengthened. Management capability in terms of managing newer risks may need to be upgraded.
In the third and fourth cases, the number of prioritized initiatives aligned with the bottom two layers of HRM could be in play – from immediate quick wins to improving data quality at source to designing of specific reports to development of a reporting data-mart to changing business processes to periodic training to designing key performance indicators (KPIs) to change behavior. However, the differences in company strategies will result in different solutions being relevant for the company. For example, one of the clients believes in “moving on aggressively” – analogous to moving to build the third floor even when the second floor is not fully complete. The other client has a process driven approach and therefore is at a loss to understand why the investments in E/CTRM systems have not paid off.
4.0 In conclusion
Moving beyond tactical considerations to a holistic risk model based approach can help you transform your risk function to a key pillar of business transformation.
About the author: Prashant Shah is a Principal at AXCELERUS, a specialized E/CTRM consulting practice with global client-base and solutions for the full spectrum commodity transacting value chain. Prashant focuses on risk management activities, risk reporting, front, middle and back-office processes and energy transacting/risk management (ETRM) systems.
Prashant can be reached at firstname.lastname@example.org.