New York Seminar – 10^th June 2010

“Regulation, risk and reaching nirvana – Harnessing your data assets in the wake of the crisis”

 The seminar will take place from 18:00 – 17:30 followed by a drinks reception.

 The panel consist of:

• Marc Baumslag, Managing Director, Global Head of Risk IT, UBS
• Melissa Goldman, Managing Director,  Risk Technology, Goldman Sachs
• James Linnett, Head of Strategy, Architecture and Shared Services, Bank of America
• Peter Serenita, Global Head of Entity and Account Data Services – Global Banking and Markets, HSBC
• Stephen Wade, Managing Director Chief Risk Officer – GBM Americas, Royal Bank of Scotland

 Areas covered will include:

• How is the proliferation of incomplete, inconsistent and unreliable data throughout the enterprise impacting risk management and capital efficiency?
• To what extent are regulation, risk and the need for greater transparency driving changes in how firms leverage data across lines of business, departments and geographies?
• How will aligning data definitions (taxonomies, semantics and metadata) across the firm help to aid transparency and consistency? How close are banks to achieving this ideal and what difficulties do they face?
  • To what extent is improved alignment and transparency of data enabling firms to offer improved relationship management and identify opportunities for cross selling.
• What longer-term impact will the current regulatory pressure and focus on risk management have on how institutions maintain, manage and leverage their data assets?

For more information and to register for this seminar please email jackie.lambert@lepus.com

London Seminar – POSTPONED

 “Reconciliation Services: building efficiency, transparency and control”

 The seminar has been postponed until the Autumn. 

 The panel will consist of:

• Mike Pavey – Head of Operations, Schroders
• Trevor Hunt – Regional Operations Officer, UBS Global Asset Management
• Chris Freeman – Head of Middle Office, Aviva Investors

 Areas covered will include:

• What are the key factors driving asset managers to reassess their approach to reconciliation operations, with a view to improving the efficiency and performance?
• What do firms see as the main benefits of using external packed reconciliations solutions, delivered as a service, in comparison to in-house developed software?
• What impact will increased regulation in the wake of the crisis have on asset management?
• What role does effective reconciliation have in risk management and the ability to demonstrate and communicate strong governance to potential investors?
• To what extent have asset managers sought to automate the reconciliation process? What are the key steps they have taken and what level of success have they experienced?

For more information and to register for this seminar, please email Jackie.lambert@lepus.com

Our latest executive summary, sponsored by the Options Industry Council, is the white paper “The Changing Risk Management Landscape in Derivatives”.

The credit crisis has forced remarkable changes in the financial industry, with the OTC derivatives market now facing immense scrutiny. Critics remark that the opaque nature of this market increases counterparty credit risk, thus contributing  to systemic risk events.

It has been proposed that trades be cleared through central counterparties (CCPs), significantly reducing default risks. The exchange-traded model also offers liquidity and transparency. Thus, there is now an increased recognition of the benefits in moving away from the opaque and bilateral OTC trading methodology.

Key Findings

• OTC Derivatives Regulation – Regulatory bodies around the world increasingly favour a move towards cleared contracts. To this end, banks expect capital incentives and the expansion of regulation to more products.
• Risk Management – Even with overarching regulation, it is not yet clear whether risk management will need to adapt significantly. At the moment there has not been any significant change in risk management procedures at the banks interviewed by Lepus.
• Benefits of Listed Markets – The OTC market is recognised as being flexible, but exchange-traded contracts, coupled with clearing houses offer transparency, and reduced counterparty risk..
• Concerns – While the benefits of listed markets are many, banks stated that OTC markets provide the ability to trade complex, illiquid products with low barriers to entry for customers.

Conclusion

Following the demise of Lehman Brothers, counterparty credit risk has become a major concern. Thus, there are prudent reasons as well as regulatory pressures for banks to execute derivatives trades on exchanges or through CCPs. With gradually increasing innovation in exchange-traded products, the popularity of OTC markets may taper in the near to medium term future. However, regulators and market participants must interact continuously to deliver outcomes that are beneficial to the industry, instead of simply reducing its size.

To receive a free copy of this report, please send your name, job title, address and phone number to marketing@lepus.com and we will ask the sponsors of the report to email a copy to you.

While official reports have now declared the end of the recession, global regulatory action is gaining vigour. Like the great Terror of the French Revolution, no-one and nowhere is safe from investigation. In recent times, one such avenue under increased scrutiny pertains to the off-exchange trading books known as ‘dark pools’ – trades not displayed on order books. Equities markets functioned perfectly during the financial crisis and the finger of blame for the downturn has been pointed very firmly in other directions. However, regulators appear zealously committed to ensuring that such a crisis never occurs again.

Key findings

• Prevalence – Reliable statistics have proven hard to obtain, with wide disparities between quotes figures. In general though, trading under this guise is a much rarer occurrence in Europe than in the United States.
• Source of risk – While several market participants find no concrete rationale behind the intense regulatory focus, the lack of transparency and elusive data on the prevalence of dark pools underlie the source of the alarm.
• Regulatory action – Legislation in the United States and Europe appears to raise concern over the creation of a two-tier market, growing volumes of dark pool trading and the deepening fall of public confidence in financial markets as a consequence of a lack of transparency
• Effectiveness of regulation – Several participants believe that regulations are unnecessary. They are described variously as results of political expediency, misinterpretation of the source of the crisis and inability to recognize the benefits of dark pools.  There are fears that this form of trading may even seize to exist.

Conclusion

With regulation gaining currency, the prospect that the market for dark pool trading may be fundamentally altered is very plausible. However, it is uncertain whether regulation in its current form is adequately equipped to eliminate the perceived risks with this practice.  

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

Data centre virtualisation projects have a ripple effect throughout an organisation’s infrastructure and operations. Before embarking on data centre virtualisation deployments, there are a number of considerations which must be made. Collapsing multiple physical devices into software affects the people and processes supporting the data centre. Therefore, enterprises should thoroughly evaluate how business processes, administrative rights, capacity planning, performance monitoring tools and security strategies will need to change.

Key Findings

• High availability implications of virtual machines – The spare capacity afforded by retaining an extra 25% to 35% capacity helps address failover and disaster recovery when determining the appropriate number of virtual machines (VMs) to consolidate onto a single physical host. Evidently a tier-1 European bank explained how the failure of a given VM on a physical host will not affect the operation of another VM on that host, because each VM has its own isolated set of compute, memory and power resources. 
• Partitioning – Two leading European banks recommended that partitions should be set up to segregate a particular type of virtualised server farm from another, such as database servers from web servers. Otherwise, malware aimed at one server farm might make its way to the other servers.
• Time services – A recommendation that was noted from two banks was that clients and servers must agree on a time of day to properly synchronise files. Timing services are also important to system security. For example, computers connected to the internet must keep accurate time for evidence gathering in the case of a system break-in. Encryption and authentication protocols also require accurate time on both server and clients.
• Vendor packages – Lepus findings highlighted that two of the interviewed banks currently use VMware solutions and another leading organisation currently uses Citrix. Having said this, all three institutions cited that they are completely satisfied with their vendor packages and would happily recommend them to other banks.    

Conclusion

Virtualisation involves turning a number of physical hardware computing and networking devices into software and loading them on to a common high-powered hardware platform. When deployed in enterprise data centres, it affords a number of cost and energy-conserving benefits. Still, organisations can hardly go into a virtualisation project without assessing how such a project will impact traditional operations, both technically and organisationally.

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

The various models utilised by the financial sector for monitoring risk exposures and valuating products have been heavily criticised by industry commentators over the last 12 months. Much blame has been apportioned to model risk, in particular VaR and its failures being cited as a factor in the demise of the global economy.

Key findings

• Current Practices – None of the banks interviewed for the research had a fundamental definition of model risk management but had a form of management or governance process to oversee model accurancy through validation.
• Benefits of Model usage –  There are many perceived benefits associated with the use of models throughout the financial industry. These advantages have been heightened by continuous technological advances.
• Criticism and drawbacks – There has been much criticism of the various models used by financial institutions of late, with much of this negative attention being focused on misinterpretation and blind reliance on model output.
• Vetting and Validation methods – Models will not be abandoned because of past failures and will continue to play a significant role in the foreseeable future. Therefore, for maximum effectiveness to be derived, there needs to be a process under which new models are vetted extensively and existing models are continuously validated.
• Future Initiatives – In view of the criticism directed at ineffective models, Lepus wanted to find out if banks were responding to this through greater investment in regards to model risk management. The responses suggest that much of the criticism is unjustified and that the players of the financial industry are ultimately confident in the abilities of these models.

Conclusion

Risk management is both a science and an art. Theoretical models will always play a vital role in risk management. However, for models to be effective they must be used carefully and in conjuction with risk managers’ own judgement. This will ensure that each model is used in the right situation and that it remains accurate to changes in the financial climate. Models have shown themselves to be vulnerable when relied upon too highly and effort is not made to fully understand the associated outputs.

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

To a certain extent, it can be stated that the weight the opinion of the risk manager carries has increased of late. However, at some banks, traders are still able to execute unauthorised trades in pursuit of higher revenues, resulting in the risk managers’ engagement with the legal department. This is an example of a more extreme scenario, and at each bank there will be a somewhat different culture and/or ethos. Moreover, the relationship with the traders will depend on a number of different factors; one such factor being the proximity between the risk manager and the trader.

Key findings

• Location of Risk Employees – It should be noted that there was a common approach across the interviewed sample. All of the participants indicated that there is somewhat of a combined approach, and risk managers tend to be located both on the trading floor and away from it on other floors in the building.
• Seniority of Employees – All of the banks acknowledged that the level of seniority on the trading floor varies and there are both senior and junior people that are currently located there.
• Consistency – Banks should aim to develop, implement and maximise consistency, taking into account specific regional or jurisdictional anomalies and/or requirements.

Conclusion

The location of the risk managers will vary and depend on a number of different factors. One of the main issues is space and the amount of people already on the trading floor.

All of the banks spoken to have market risk managers situated on and off the trading floor. In addition, there is a combination of senior and junior personnel. On average, the banks are more focused on policing the front office and serving the board and the regulatory body than assisting the front office. This is somewhat expected given the increase in different proposals and directives from the regulators around the world. 

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

As a result of the economic credit crisis of the last year and a half, the role of the risk manager has been given greater importance. The risk manager’s previously diminished role was partly a result of the belief that risk management methodologies have been unable to keep pace with the high octane pace set by the various trading desks.  Regulators are ensuring that banks are able to capture and report all aspects of its risk profile, gathering as much data as possible in doing so. This then seems to be leading to a move for risk departments to move to real-time to allow them to catch greater and more up to date information.

Key findings

• Current practice – The risk management methods such as end of day VaR and liquidity calculations currently used by banks are very similar to those that were being used on the eve of the credit crisis. Although VaR has been heavily criticised, it is still found to be effective when supported with greater stress and scenario testing.
• Drivers – Regulatory pressure on industry practitioners to provide greater and more transparent data. Heavy fines will be handed out to those who do not comply.  Although senior managers, in reaction to regulatory pressure, want to see more up to date figures, they are currently unsure as to the gains from an enterprise wide move to real-time risk management.
• Strategy – Research has found that most of the banks spoken to are yet to move to enterprise wide real-time risk management. Though VaR and liquidity models are calculated at the end of day, real-time stress testing has been universally adopted.
• Benefits and Challenges – It can be concluded that banks currently believe that costs of real-time risk management heavily outweigh the modest benefits. Obvious benefits such as greater accuracy of risk positions, with information being captured, analysed and reported after individual trades are offset by the cost and time issues involved with utilising the tools.

Conclusion

While there are obvious benefits to real-time risk management relating to greater accuracy to risk positions and transparency, the general consensus from banks is that the switch over is a costly and complex undertaking. It seems as though there is a greater demand for the voice of the risk manager to be heard by board members, although the information they are parlaying in these meetings is not as of yet exclusively calculated in real-time. It may just take the heavy hand of the regulatory bodies to convince banks of its worth sooner rather than later.

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

Despite recent events, Value at Risk (VaR) remains to be an important tool used by risk managers. However, the weight that is placed on the results returned by VaR models has changed over the recent years. Banks are now more focused on other metrics, such as stress testing and scenario analysis. Recent Lepus research indicates that the majority of banks are looking to capture risk not in VaR through improved stress testing frameworks.

Key findings

• VaR models – There was a similar response amongst the interviewed sample. In principle the interviewees agreed that VaR models are better when parsimonious. The vast majority of the participating banks acknowledge that it is understood that VaR is not a suitable measure for non VaR type risks.
• Risks not in VaR –  All participating banks have implemented a framework for risks not in VaR. Main risks that are not captured by VaR depends on sophistication of such models and on the type of positions and exposures the bank has.
• Materiality Thresholds – Materiality is an important measure when assessing risk. Risk appetite will vary, and different firms will have different thresholds. Those governed by the FSA use the recommended 5% of VaR threshold as a guideline, with one prudent bank opting for a 1% threshold. The experience and judgement of  risk managers is the determining factor to thresholds for some of the banks.
• RNIV Charge – The interviewed banks were asked how they aggregate individual RNIV charges to derive the total figure. Most of the banks spoken to add the individual charges, not taking into account the diversification effect. Many banks are wondering if the regulators truly understand VaR diversification and materiality, and feel that there are issues that need to be addressed.

Conclusion

To conclude the report, the interviewees were asked how frequently they perform calculations and whether they had any initiative planned. Research discovered that there is as of yet no global structure in regards to calculation timelines, with the various banks running these calculations as often as once every week to once a year. A number of banks are unsure and deliberating as to whether or not they should formally run the exercise more often.

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.

In July 2009 the FSA fined HSBC more than £3m for failing to protect sensitive data. The FSA’s review into the case led many banks to reassess the way in which they look after sensitive data. This extends far beyond customer data on the retail side and also covers information on employees, and sensitive information on other institutions.

Key findings

• Data Protection – All of the banks spoken to stated that their information polices require sensitive data to be appropriately protected. While none of the banks specifically mentioned any specialist encryption software at this stage, it can be seen from the responses below that password features in Microsoft Office, as well as Win Zip are widely used.
• Email – The greatest threat to banks in terms of data leakage is via email. While stories of laptops being left on trains, or CDs going missing in the post generally grab the media attention, an estimated 80% of data leakage actually occurs through email.
• Clear Desk Polices – Clear desk policies are a simple measure that can help to prevent data loss. While the principle is clear, such policies may be difficult to practically implement and monitor. All of the banks interviewed said that they have clear desk polices in place and that desks are usually kept clear of confidential information.
• Disposal of Waste – One area of data leakage that is often overlooked is the disposal of waste. Confidential documents, or files on PCs that are discarded with regular rubbish can easily fall into the wrong hands. All of the banks spoken to stated that they address the requirements for secure destruction in contracts for the disposal of waste.

Conclusion

Due to the very nature of data leakage and the size and complexity of firms within the financial services industry, by no means is it something that can be eradicated overnight, if at all. However, through enhancing email monitoring systems and data encryption policies, alongside sound education and training banks will be well placed to prevent their names from making the headlines for the wrong reasons.

To obtain a free copy of this section in full, please contact us at marketing@lepus.com with your name, job title, firm, phone number and email.