Articles'Culture and the Board' Book review: 'Measuring and managing uncertainty' 'Numbers miss what counts' 'Culture, communication and the appetite for knowledge' 'Not an exact science' - Spurred by Andrew Haldane’s speech that criticised models as unfit for purpose,
John Thirlwell shares his opinion of current modelling techniques Managing reputation risk – our ‘purest treasure’ In the opening scene of Shakespeare’s Richard II, Thomas Mowbray declares: ‘The purest treasure mortal times afford / Is spotless reputation: that away / Men are but gilded loam or painted clay.’ As ever, the Bard was right. In a survey of CEOs by PricewaterhouseCooper a few years ago, reputation risk was seen as the key threat to success and in a more recent survey by Aon, reputation risk was the most frequently noted concern across all industries and amongst the most serious concerns, in terms of its impact, by financial services firms. ‘The fault lies not in the stars, but in ourselves . . .’ - managing people risk ‘Our people are our greatest asset’, the Chairman or CEO writes in the annual report and accounts. That is undoubtedly true, but the corollary is also true, that our people are potentially our greatest liability in a service industry. People failures, whether through incompetence, poor training or, importantly, poor behaviours, lie at the heart of so many of the risks to which financial services companies are exposed and suffer. Operational Risk – Cinderella or Prince Charming? Back in the 13th century, Thomas Aquinas, the philosopher and later saint, famously declared that ‘the world has never been so full of risk’. He was thinking of plagues, wars and famine, which decimated populations and caused mediaeval banks to collapse - far more than through the capricious behaviour of borrowers, such as kings and Popes. The risks he was talking about were operational risks. Governing risk: ‘Untune that string and hark what discord follows’ In January 2011, the Financial Crisis Inquiry Commission in the United States published its report on the causes of the financial crisis. It naturally picks out the contributions of poor mortgage lending standards, over-the-counter derivatives and the rating agencies. But its key conclusions about why the crisis was avoidable are that there were ‘dramatic failures of corporate governance and risk management at many systemically important financial institutions’ and that there was a ‘systemic breakdown of accountability and ethics’. Response to Basel Committee SIGOR consultation My connection with operational risk goes back to my work as a Director of the British Bankers’ Association and initial surveys of operational risk management in member banks starting in 1995. I founded and chaired the BBA’s Global Operational Risk Database (GOLD) and, although I left the BBA in 2003 to pursue a portfolio career as a risk management adviser and non-executive director in financial services, I have maintained strong links with thinking in relation to operational risk management. Many headed hydra: Operational risk is everywhere in your business so learn to manage it. First we should understand what we mean by operational risk. Operational risks are incurred as soon as a business opens its doors – risks such as fire, flood, terrorism or theft. It is a broad church, which began as a discipline some years ago in the ‘safety critical’ industries, such as energy, space, nuclear, defence and aviation, where mistakes can have catastrophic consequences in terms of human life. Basel III and operational risk: the missing piece? ‘Interestingly, if you look back at the last 200 years, you will find that almost all banking crises have been preceded by an asset bubble, usually a property bubble.' Response to the Basel Committee SIGOR consultation paper I welcome the SIGOR paper, which sets out the complexities of many of the issues about which I have commented over the last seven years and provides helpful guidance to supervisors, banks and insurers. Given my agreement with the great majority of statements made in the consultation paper, my response consists of a number of observations on specific sections, which are given below, the headings referring to those of the SIGOR paper. In Search of Lost Time - Marcel Proust Why declare UDI? It is truth universally acknowledged that the operational risk function shall be independent. And I've been asking myself - why? What does an operational risk manager do which requires independence? Is this yet another example of how approaches to other types of risk have simply been read across to operational risk without really analysing their relevance? Constitutional lessons The French 'non' to the European constitution (this is being written before the Dutch go the polls) made me wonder whether there were lessons for us in relation to Basel and the proposed European Directive. Among the guiding principles on all sides of the discussion has been the need to act together - on a playing field which we've all rolled flat and at the same time. Fine, but then other forces come in to play - just as the French electorate has showed. Response to CP05/3, Strengthening Capital Standards
(QQ 134-145, Operational Risk) Deserts of Vast Eternity Harold Macmillan, UK Prime Minister a lifetime and another world ago, was once asked by a young journalist after a long dinner what can most easily steer a government off course. "Events, dear boy. Events", he famously replied. I've often remembered that quote when thinking about operational risk. It sums up its sheer unpredictability. And of course, whether you're a Prime Minister or a CEO, it's your ability to cope with events or, to be more precise, the effects of those events, which will allow your Government or your firm to succeed. Trojan Horse rules Once upon a time it all seemed so reasonable. The BIS Sound Practices paper was a model of excellent practical guidance. Here in the UK, the draft text of the Prudential Source Book, especially the section on high-level operational risk systems and controls (known mysteriously as SYSC3A), was essentially guidance. It recognised that operational risk was a new risk, not wholly understood, either as to its extent, or as to the essentials which would enable it to be both managed and assessed with any degree of certainty. The Credit Rating Age (Part II) - The Call for Control From humble origins the credit rating agencies have evolved as global power brokers and de-facto intermediaries in debt and derivative markets.
Into the unknown A few weeks ago, I was looking out of my window at (by the standards of North West London suburbia) an astonishing monsoon thunderstorm which had lasted dramatically for a couple of hours or so, when a posse of police cars, some marked, some unmarked, screamed up the road and stopped at the house opposite. Source for the goose? Regulators used to give the impression of approaching outsourcing as if armed with a clove of garlic and a stake in case they had the good luck to meet it at a cross-roads. It represents an abdication of responsibility, they cried ("Oh no it doesn't", we cried back), or a way of running the firm on the cheap or, at best, an abdication of control and was therefore, in the words of 1066 and All That, "a Bad Thing". Credit Rating Agencies - The New Emperors and Their Clothes
Accord
sans frontières Is
Assurance Assured ? Response to the European Commission's Third Consultation Paper on Capital Requirements For Banks and Investment Firms Results of Survey by The Operational Risk Research Forum Rumbles
in the ratings jungle Response to the Basel Committee on Banking Supervision Consultation Paper (CP3) April 2003 Why
be standardised? |
|
© John Thirlwell 2017. All rights reserved. Any reuse in whole or part requires our consent Design by www.hootaccessories.com |