Risk Management: Total Cost of Ownership
How to achieve significant, sustainable cost savings in the new world of integrated, enterprise-wide risk management.
By Lutz Schiermeyer
Risk types overlap noticeably, and since the different categories of risk now converge more readily than before, it is more and more difficult – and expensive – to continue the isolated treatment of single risk types in various risk silos. A good example of convergence is a credit default swap (CDS). A CDS is created and valued based on a company’s debt, but the price fluctuates during a single trading day so the market risk and credit risk intersect. This example illustrates the fact that financial institutions are no longer simply originating deals and holding assets.
Additionally, the linkage between counterparty default and liquidity risk has become more obvious. Today, those new risks are being packaged and traded in the financial markets, resulting in even greater complexity. For financial institutions, this complexity requires greater speed, more flexibility and keener governance – all facilitated by a robust and scalable technology environment.
As risks evolve – and in order to keep up with new instruments, assumptions, business strategies and models and changing regulatory requirements – a winning risk management strategy will require banks and financial organizations to: identify all areas of risk, recognize those areas of greatest threat, determine how they interact and utilize the most flexible technologies and processes to mitigate risk.
Breaking the Risk Silos
Risk management is usually viewed as four distinct areas: credit risk, market risk, operational risk and asset-liability. Today, however, there is an increasing realization within the financial services industry that the traditional, silo-based approach to managing risk adds little value to the organization when compared to the enormous cost of maintaining the silos. The silo-based approach increases the cost of system purchase and implementation, consulting, upgrading and ongoing maintenance, and the costs grow every year. Of course, the investment and purchase price for risk management solutions and services is only the beginning; the real money is still ahead in the life-cycle costs associated with running risk silos. This is called the total cost of ownership (TCO).
According to many industry analysts, the time has come for CEOs, CROs and CIOs to rethink the current pattern of spending and investing. Bart Narter, senior vice president of Celent, an international financial services strategy consultancy, said in November 2008 that, “The financial crisis means that banks around the world must get more from their software providers and are demanding full solutions from a single contact.”
Rather than pour all of the money into expensive life support and maintenance for an aging and cumbersome risk management architecture, why not set a little aside for a hedge on a brighter future? Provide an incubator fund that nurtures a new breed of transparent risk management, taking its cue from modern technology to significantly reduce costs, while being more flexible and closer to risk management customers – both internal and external – and setting new standards for innovation.
In the past, risk management projects required at least one to two years, were very costly because of the time commitment and posed challenges caused by business, internal political and human resource changes during that time period. Today, those challenges may cause change requests, which result in frustrations, further delays and costs before a project’s completion. For banks, insurers and financial services providers that may be deploying a number of separate risk systems to cover the siloed risk types, the TCO view favors enterprise risk management (ERM) systems over a mixture of risk systems. This ERM framework provides sustainable reductions in both capital and operating expenses.
The drivers for the next generation of risk offerings will include the ability to deliver an integrated and scalable risk management solution. That is, a solution that allows customers to deploy across specific workflow risk applications, including areas such as asset and liability management, fair value, market risk management, credit risk management and integrated risk-based capital assessments (such as economic capital calculations). An integrated, configurable solution is needed that supports current market requirements for risk management applications as well as providing a platform to handle future requirements. Plus, the solution’s functionality needs to include risk assessment, risk monitoring, modeling, stress testing, risk aggregation and allocation and reporting.
From a capital and operating expenditures point of view, the implementation, day-to-day operation and upgrades and maintenance of diverse risk systems require a great deal of expense. Dealing with the shortcomings of this complex landscape means overcoming:
- various end-of-day time behaviors,
- different data models in each system,
- no common data management,
- different relational databases, and
- risk figures calculated in each risk silo that rarely relate or match, causing error-prone manual data processing.
TCO View of Risk Management
A complete TCo analysis is not readily available because of the existing diversity of risk management systems in the various risk silos. A TCO analysis in risk management would help banks, insurers and financial services providers identify the true cost of their risk systems before they invest further. It would help them identify the shortcomings of their current system.
Also, a TCO analysis would help organizations evaluate what they actually pay to operate their risk management systems in terms of hard costs for hardware, software, services and service-level agreements, as well as costs such as personnel time, downtime, maintenance, upgrades and enhancements. Industry experts estimate that data management and data cleansing costs, which are mandatory prerequisites to all further tasks (including risk calculation, modeling and archiving, still consume 70 percent of the risk management TCO. That leaves only 30 percent of the total cost of ownership for setup, operation, support, maintenance and upgrades of the current risk systems.
This ratio of capital to operating expenses has grown tremendously as the amount of data needed to support both risk and performance calculations have grown. This ratio will continue to grow for banks with updates to directives like Basel II or Sarbanes-Oxley, and for insurers with directives such as Solvency II. The current estimated daily global growth of digital information is 15 petabytes. In areas such as Basel II, it is already a common practice for larger institutions to manage terabytesof data.
Risk departments are growing in size and importance in today’s business. A proper TCO analysis before deployment can help identify where costs can be streamlined. Additionally, since risk management is evolving from a pure, ex-post controlling discipline to a more ex-ante bank steering discipline, a TCO analysis will help build the case to move the organization toward a strategy that combines risk management with performance management for a more strategic discipline. This demands improved integrated technologies and solutions, such as ERM, to provide better process-efficiency in risk management.
Banks and financial services organizations will evolve and switch to an enterprise-wide view of all operations, rather than stay with the siloed approach to risk management that contributed to the current financial crisis. This means applying technology at a business level rather than in isolation. As such, banks and financial services organizations need to review processes and systems that can streamline administration and help achieve operational excellence. Having an enterprise-wide risk management system in place, coupled with proven and flexible data management, will make banks and financial services organizations less dependent on people, reducing the risk of human fallibility, as well as increasing transparency and audit ability.
As the scalability, flexibility and reliability of end-to-end ERM solutions continue to increase, the motivation for moving from the current mixture of various risk systems is becoming stronger. The decision often can be viewed as a trade-off, with the cost and risk of migration toward an ERM landscape on one side, and ongoing operational costs and lack of flexibility to operate their current, disparate risk management systems on the other side.
Industry experts estimate that data management and data cleansing costs, which are mandatory prerequisites to all further tasks (including risk calculation, modeling and archiving), consume 70 percent of the risk management TCO. That leaves only 30 percent of the total cost of ownership for setup, operation, support, maintenance and upgrades of the current risk systems.
In addition to a much lower TCO, one of the biggest advantages of moving to an ERM comes from increased application agility and flexibility across the various risk types: credit, market, operational liquidity and asset-liability management. A modern ERM risk platform enables banks, insurers and financial services providers to deliver new capabilities faster and at a significantly lower cost than risk silos operating on diverse, legacy risk management systems.
The savings can be tremendous and free valuable resources for greater innovation and a competitive advantage. Organizations should look for turning points in their environments, such as impending upgrades or initiatives like Basel II or Solvency II, as logical times to make a change. Also consider evolutionary strategies, which can lower risk by gradually decreasing the dependence on proprietary risk management systems by moving out a few aged risk systems at a time.
Lutz Schiermeyer (Lutz.firstname.lastname@example.org) is the EMEA banking risk business development manager for the SAS Global Risk Practice in Frankfurt, Germany.