Tag Archives: Information Technology (IT)

Transforming Risk

1.0 Introduction

Recently we have had discussions with different clients on improving the risk function. While each approached the issue from their unique perspective, the underlying need relates to strategically transforming aspects of their risk function.

What were the challenges these clients were facing?

  1. “My CRO seems to be spending too much time chasing data rather than doing analysis and proving insights.”
  2. “Our counterparty proposed a modification to our plain-vanilla options. We are unsure how to value it.”
  3. “I have 4 analysts who are spending 1.5 to 2 hours each to generate my end-of-day P&L report. How do we improve the efficiency of the process?”
  4. “How do we improve the confidence in our energy/ commodity trading and risk management (E/CTRM) system generated risk measures?”

2.0 Implications

What are the implications of these questions? If we think in just tactical terms, we may not be able to fully comprehend the overall implications of these questions.

In the first instance, what the executive leaderships is asking is beyond the ability to generate quality numbers or reports. The executive leadership is striving for insights and understand whether the risks being taken are aligned with the overall business strategy. Is the defined risk appetite aligned with organization’s level of risk tolerance? Can the CRO support planned or unplanned Merger & Acquisition (M&A) activity? Or will it be a case of risk lagging the business objectives?

In the second instance, the CRO has identified specific gaps in her capability – gaps related to exotic option valuation. But at a holistic levels, the question also exposes gaps in risk policy (can we do such deals? What aspects of the risk policy will we have to modify if we do such transactions?), risk modeling (do we have the right models to value and report?), E/CTRM / risk systems capability (can the risk system handle such deals? What customizations will we need to do to such systems?), and human capital (can we manage these instruments?).

The third instanced related to efficiency of risk operations bringing into questions of business processes, E/CTRM systems usage and gaps, and human resources.

In the final instance, the reliability of overall risk infrastructure – risk programs, E/CTRM systems, business processes, transaction and market data, and human resources – is in question.

3.0 Holistic Risk Model

How do we address these challenges? An ideal approach would be to look at the risk function in a holistic function. (Spoiler Alert! I am a consultant and as you might have guessed, I am introducing a model. Hazards of being a consultant. 🙂) Our Holistic Risk Model (HRM) (see figure 1 below) can provide one lens to view and address these challenges. HRM is a 5-layered model that aims to combine both the strategic and operational elements of a risk function. The 5 layers are:

  • Business Strategy & risk strategy layer
  • Policies and Regulations layer
  • Enterprise Risk Management / Risk Programs layer
  • Risk Organization, Business Process, Human Capital Layer
  • Risk Systems and Technology & Risk Models and Risk Measures layer

The issues raised by the above-mentioned 4 questions could be addressed using the HRM as shown below:

Holistic Risk ModelFigure 1: Holistic Risk Model (HRM)

Thus, these questions span across multiple layers and solutions to address these challenges need to span these layers as well. However, the first layer – business and risk strategy – will generally determine what solutions will be appropriate for an organization.

Let’s explore that in a little detail – an organization needs to know and understand what drives its competitive advantage – Is it trading? Is it logistics? Is it physically assets? Is it structural advantages accrued being a dominant player in one aspect of a value chain?

This will drive a company’s risk appetite and its risk strategy, which in-turn will have bearing on its risk culture, risk organization and investments in business processes and risk systems.

Let’s take the first client – If one is not aware of its business strategy and the importance of growth via M&A, then the solutions designed for addressing its need for insight may miss the point. The key will be designing processes which facilitates quick integration of new businesses; generation of management reports and ensuring data quality throughout the value chain. Governance structures to improve transparency and facilitates communications will be needed. Also, having a risk policy which factors addition of new businesses (and hence risks) will be crucial.

In the second case, while the immediate need is tactical – improving quantitative capability, the client will need to revise its risk policy to facilitate the trading of complex options. Quantitative capability – both human capital as well as systems – will have to be added or strengthened. Management capability in terms of managing newer risks may need to be upgraded.

In the third and fourth cases, the number of prioritized initiatives aligned with the bottom two layers of HRM could be in play – from immediate quick wins to improving data quality at source to designing of specific reports to development of a reporting data-mart to changing business processes to periodic training to designing key performance indicators (KPIs) to change behavior. However, the differences in company strategies will result in different solutions being relevant for the company. For example, one of the clients believes in “moving on aggressively” – analogous to moving to build the third floor even when the second floor is not fully complete. The other client has a process driven approach and therefore is at a loss to understand why the investments in E/CTRM systems have not paid off.

4.0 In conclusion

Moving beyond tactical considerations to a holistic risk model based approach can help you transform your risk function to a key pillar of business transformation.

==========================================================================

Prashant_MugshotAbout the author: Prashant Shah is a Principal at AXCELERUS, a specialized E/CTRM consulting practice with global client-base and solutions for the full spectrum commodity transacting value chain.   Prashant focuses on risk management activities, risk reporting, front, middle and back-office processes and energy transacting/risk management (ETRM) systems.

Prashant can be reached at prashant.shah@axcelerus.com.

Advertisements

The Case for Independent Verification and Validation (IV&V)

The concept of Independent Verification and Validation (IV&V) is not new and is generally understood as part of any significant IT projects. Many firms employ it, especially in mission critical projects. In addition, the service is commonly used when things are going, let’s say, south. However, in the Energy/Commodity Trading and Risk Management (E/CTRM) industry, IV&V is few and far between when it comes to E/CTRM implementation, upgrades and system integrations.

Why is it so?

We believe the fundamental reason is that, when budgeting for E/CTRM projects, IV&V is not typically on the radar. Often viewed as an additional cost, and frankly, senior management may think it is not necessary. It can be perceived as consultants trying to “up sell” additional services, or thought that current project dynamics might be upset by bringing in other 3rd party consultants to perform the IV&V. Also, many times, the E/CTRM project budgets are lower than the thresholds to trigger mandatory IV&V as per an organization’s IT policy.

But does it have to be so? Can IV&V consultants be an integral part of the E/CTRM projects and actually help drive the delivery time & cost to remain within budget?

Empirical evidence seems to suggest so. Georgia Technology Authority’s Enterprise Program Management Office (EPMO) observed that in 2008, IV&V provided a tangible benefit of $29.6 million on an investment of $2.1 million.

We strongly believe that IV&V should be integral part of any E/CTRM project plan & governance activities, utilized to drive the following key objectives:

  • Independent measurement and validation of project objectives, progress, and risk
  • Compliance validation with agreed requirements and internal standards
  • Independent testing & verification of required customizations
  • Early detection and remediation of project variances, issues, and risks
  • Evaluation of adequacy and competencies of stakeholder and vendor involvement

Governance, in a typical E/CTRM project, utilizes Steering or Working Committee meetings to evaluate project progress, issues management and stakeholder management. In the event (often likely) of disagreements, it may be a case of vendor versus client manager view-points with considerable energy and resources spent aligning potentially conflicting perspectives. IV&V, being integrated with the project activities, opens up another channel to manage stakeholder dynamics through independence, open communication, and teamwork to successfully achieve project objectives. The IV&V process can thus provide a non-adversarial forum to facilitate faster resolution of issues, and help in managing project schedules.

IV&V also supports the evaluation and management of E/CTRM customizations. “Are they really needed?” is a question with which an independent and objective IV&V evaluation can help. All too often vendors or business stakeholders do not fully comprehend the limited ROI for time and costs for customizations that provide only limited benefits or competitive advantages. In fact, eliminating “unnecessary” customizations can potentially provide project savings far greater than the investment in IV&V services.

In conclusion, companies should consider the benefits an IV&V can bring to an E/CTRM project in minimizing the potential for higher costs and blown deadlines, as well as, the potential value added perspective in managing costly and unnecessary customizations.

Image
About the author. Prashant Shah is a Principal at AXCELERUS, a specialized ETRM/CTRM consulting practice with global client-base and solutions for the full spectrum energy transacting value chain. Prashant focuses on risk management activities, risk reporting, front, middle and back-office processes and energy transacting/risk management (ETRM) systems. Prashant can be reached at prashant.shah@axcelerus.com.