Slides by Neil Brown 13 June 06


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Building an appropriate and workable risk management infrastructure / framework Neil Brown Managing Director Global Head of Risk Management
  • Slides by Neil Brown 13 June 06

    1. 1. Neil Brown Managing Director NoteWell Associates Ltd. [email_address] Asset Managers have been subjected to significant changes in the way that they are required to manage risk within their business. Some of these relate to Basel 2, but there is a responsibility to implement and evidence an enterprise wide risk framework that supports ICAAP. This can be complicated by the evolving approach to regulation of complex groups resulting in changing regulatory relationships for asset managers. This talk will address the issues involved in achieving this wider risk framework.
    2. 2. Mitigating Risk by Evidencing Risk Control “ … ..we will scrutinise proposals for new UCITS III funds and conversions of existing funds and will engage in a thematic review of the risk management of firms that are proposing to operate or are operating UCITS III funds.” Hector Sants, 19 th September 2005
    3. 3. <ul><li>… .financial services regulators around the world are rightly concerned that t he business and affairs of financial services firms are responsibly and effectively organised and controlled at senior management level and that firms’ senior management take responsibility for this </li></ul><ul><li>a firm is required to establish, implement and maintain adequate risk management policies and procedures which identify and set the tolerable level of risk relating to its activities and effectively manage those risks. </li></ul><ul><li>A firm also has to have a separate risk control function, where this is proportionate depending on the nature, scale and complexity of its business. This function will be responsible for assessing the risks that the firm faces and for advising the firm's governing body and senior managers on these risks. </li></ul>Mitigating Risk by Evidencing Risk Control Christine Sinclair 15 th May 2006
    4. 4. Generic Risk Process <ul><li>Define Risks the firm is prepared to take (Risk Appetite) </li></ul><ul><li>Identify risks the firm owns (to capital, reputation, earnings, brand….) </li></ul><ul><li>Categorise and identify the drivers of these risks (investment performance, market, credit, operational, event….) </li></ul><ul><li>Agree measurement techniques (attribution, VaR, stress testing, scenarios, other…) </li></ul><ul><li>Agree limitations of these techniques (Correlations, Fat Tails, model validity under stress…) </li></ul><ul><li>Design / Build / Implement systems and processes to capture this information </li></ul><ul><li>Set and operate appropriate controls (limits, delegated authorities, escalation processes </li></ul><ul><li>Apportion responsibility for managing these risks </li></ul><ul><ul><li>Business management to own them </li></ul></ul><ul><ul><li>Risk management to provide oversight </li></ul></ul>
    5. 5. Objective of the ICAAP <ul><li>How much and what composition of internal capital the firm considers it should hold as compared with the c apital resource requirement (CRR) ‘pillar 1’ calculation , and </li></ul><ul><li>the adequacy of the firm’s risk management processes </li></ul>… with respect to capital adequacy….
    6. 6. Risk Framework <ul><li>What are the risks? </li></ul><ul><li>Strategy </li></ul><ul><li>Earnings </li></ul><ul><li>Reputation (Brand?) </li></ul><ul><li>Investment Performance </li></ul><ul><li>Failure to deliver mandated product </li></ul><ul><ul><li>Includes TCF, Advertising… </li></ul></ul><ul><li>Operational Risks </li></ul><ul><li>Legal & Compliance Risks </li></ul>
    7. 7. What Risks Should Be Considered for ICAAP?
    8. 8. Other issues? <ul><li>Group Structures – strengths and weaknesses…. </li></ul><ul><li>Outsourcing (and insourcing!) </li></ul><ul><li>Where applicable, details of any other business-unit-specific or business plan stress tests selected </li></ul><ul><li>Differentiation between ICAAP requirements and good business management…. </li></ul>
    9. 9. ICAAP <ul><li>Annual? </li></ul><ul><li>Risk types considered to justify “exclusion”? </li></ul><ul><li>Capital required to mitigate worst case occurrence </li></ul><ul><li>Not a process to manage the business…. </li></ul>
    10. 10. An Appropriate Risk Management Infrastructure <ul><li>Who owns this and why will it happen? </li></ul><ul><li>Senior Management </li></ul><ul><ul><li>CEO/SEO / Apportionment Officer </li></ul></ul><ul><ul><li>SIAPs </li></ul></ul><ul><li>If you don’t understand it, you shouldn’t be responsible! </li></ul><ul><li>Others </li></ul><ul><ul><li>Line Management </li></ul></ul><ul><ul><li>All staff </li></ul></ul>
    11. 11. What Is Involved? <ul><li>TABLE OF CONTENTS </li></ul><ul><li>Overview </li></ul><ul><li>Governance </li></ul><ul><ul><li>Roles and responsibilities </li></ul></ul><ul><ul><li>Definition of risks and risk appetite </li></ul></ul><ul><li>Risk Management Framework </li></ul><ul><ul><li>Risk and Control Assessment processes </li></ul></ul><ul><ul><li>Incident Management processes </li></ul></ul><ul><li>Reporting and Monitoring </li></ul>Company Risk Framework
    12. 12. Example: Roles and Responsibilities <ul><li>Senior Management are responsible for implementing </li></ul><ul><ul><li>An effective and appropriate operating structure that has transparent and formal responsibilities including: </li></ul></ul><ul><ul><ul><li>implementing risk management frameworks within their part of business. </li></ul></ul></ul><ul><ul><ul><li>developing and implementing processes and procedures for measuring and managing risk in all of the material products, activities, processes and systems of their part of the business. </li></ul></ul></ul><ul><ul><ul><li>understanding and evaluating the risk profile and ensuring appropriate risk mitigation within their part of the business. </li></ul></ul></ul><ul><ul><ul><li>producing reporting to demonstrate the effectiveness of the risk mitigation they have applied </li></ul></ul></ul>
    13. 13. What Does This Mean? <ul><li>Much of this will exist, some is documented…. </li></ul><ul><li>Document from the top down, pull all existing frameworks together…… </li></ul><ul><li>Quality not Quantity (substance not form) </li></ul><ul><li>Ensure that Management Information produced by all areas can support the risk framework (evidences management control) </li></ul>
    14. 14. Reporting Structure Risk Management Monthly / Quarterly reporting Business Activity Daily/ Weekly/Monthly /Quarterly Reporting Business area Heads / Senior Management Monthly / Quarterly Reporting Chief Executive Officer Line Management Monthly / Quarterly Reporting Board of Directors Management / Board / Risk Committee
    15. 15. Example - New Product Process Risks? <ul><li>Strategy </li></ul><ul><li>Earnings </li></ul><ul><li>Reputation </li></ul><ul><li>Investment Performance </li></ul><ul><li>Failure to deliver mandated product </li></ul><ul><ul><ul><li>Includes mis-selling,TCF, advertising… </li></ul></ul></ul><ul><li>Operational Risks </li></ul><ul><li>Legal & Compliance Risks </li></ul>
    16. 16. Example - New Product Process <ul><li>Initial idea - (Marketing?) </li></ul><ul><ul><li>product, marketplace, competition, asset target, costs, profitability.... </li></ul></ul><ul><li>Management support </li></ul><ul><li>Front Office design (Portfolio Management?) </li></ul><ul><li>Middle/Back Office ability to support proposal </li></ul><ul><li>Legal/Compliance/Risk review </li></ul><ul><ul><li>Is the proposal legal and are we allowed to build/distribute? </li></ul></ul><ul><ul><li>Do all areas of the business understand what is required of them? </li></ul></ul>
    17. 17. Product – Marketing Responsibilities <ul><li>Clearly defined product characteristics </li></ul><ul><ul><li>objectives, </li></ul></ul><ul><ul><li>sources of alpha / absolute return </li></ul></ul><ul><ul><li>risk controls & characteristics </li></ul></ul><ul><ul><li>fees and commissions </li></ul></ul><ul><li>Clearly defined target marketplace </li></ul><ul><li>Clearly defined target sales and timescales </li></ul><ul><li>Clearly defined product review process </li></ul><ul><li>Compliant marketing materials </li></ul><ul><ul><li>Brochures / Applications </li></ul></ul><ul><ul><li>IFA materials </li></ul></ul><ul><ul><li>Advertising </li></ul></ul><ul><li>TCF considerations </li></ul><ul><ul><li>Place in market </li></ul></ul><ul><ul><li>Place in portfolio </li></ul></ul><ul><ul><li>Family/friends….. </li></ul></ul>Internal External
    18. 18. Product Investment Management Responsibilities <ul><li>Through what clearly defined investment process and risk controls & characteristics will they capture the alpha / absolute return to deliver the clearly defined fund objectives .......... </li></ul><ul><li>Credibility of how they will deliver consistent product/performance…. </li></ul><ul><li>Ability to explain/demonstrate sources of absolute and relative performance (Attribution) </li></ul><ul><li>Ability to explain demonstrate current portfolio positioning/”bets” (risk analysis) </li></ul>
    19. 19. Middle/Back Office Responsibilities <ul><li>What new systems or people are required? </li></ul><ul><li>On what platform / how will you </li></ul><ul><ul><ul><li>price </li></ul></ul></ul><ul><ul><ul><li>account </li></ul></ul></ul><ul><ul><ul><li>risk measure </li></ul></ul></ul><ul><ul><ul><li>report </li></ul></ul></ul><ul><li>What processes change as a result of this? </li></ul><ul><li>What manual processes are introduced? </li></ul><ul><li>What processes are special/different for this product? </li></ul><ul><li>Ensure continuity and disaster recovery </li></ul>
    20. 20. Risk Management Process <ul><li>Investment Risk </li></ul><ul><li>Review proposed product characteristics versus proposed objectives / market / clients for “goodness of fit” </li></ul><ul><li>Ongoing review of the performance, attribution and risk analysis of product using appropriately designed statistics and techniques – still “true to label”? </li></ul><ul><li>Operational Risk </li></ul><ul><li>Ensure </li></ul><ul><ul><li>specific accountability, policies & controls, reporting at launch & ongoing </li></ul></ul><ul><ul><li>segregation of duties at launch & ongoing </li></ul></ul><ul><ul><li>Key Risks, Key Controls, Control Enhancements identified and addressed… </li></ul></ul><ul><ul><li>Integrate into ongoing OpRisk reporting – enhance where necessary </li></ul></ul>
    21. 21. Additional/Enhanced Processes.…? <ul><li>Instrument / portfolio pricing </li></ul><ul><li>Instrument / portfolio risk analysis </li></ul><ul><li>Risk Management oversight </li></ul><ul><li>Management oversight </li></ul><ul><li>Board reporting </li></ul>
    22. 22. Who Owns What? <ul><li>Product design </li></ul><ul><li>Investment delivery </li></ul><ul><li>Product support </li></ul><ul><li>Product launch </li></ul><ul><li>Oversight </li></ul><ul><li>Ongoing product life </li></ul><ul><li>Marketing / Distribution (/ Investment Management) </li></ul><ul><li>Investment Management </li></ul><ul><li>Middle/Back Office </li></ul><ul><li>CEO </li></ul><ul><li>Senior Management/CEO </li></ul><ul><ul><li>Legal/Compliance/Risk Management </li></ul></ul><ul><li>All of above </li></ul>but ultimately, CEO………..
    23. 23. Conclusions <ul><li>Senior Management resolve is key </li></ul><ul><li>Don’t build the Bugatti Veryon * </li></ul><ul><ul><ul><li>Model  Bugatti Veyron 16.4 Engine type  7993cc, 16 cylinders in a W Power/Torque  1001bhp @ 6000rpm / 922 lb ft @ 2200rpm Performance  0-62mph: 2.5sec / Top speed: 253mph Price  £810,345 Verdict  Blows away all the other supercars </li></ul></ul></ul><ul><li>Set senior responsibilities and deliverables to drive framework down through the business </li></ul><ul><li>Ensure reporting is appropriate and evidenced </li></ul><ul><li>Having created this framework, be ready for internal/external review… </li></ul>* Source: Times Online