SSG on risk appetite and IT

The reports of the Senior Supervisors Group are always worth reading. Here's the latest.

http://www.fsa.gov.uk/pubs/other/ssg_2010.pdf

On March 6, 2008, the Senior Supervisors Group1 (SSG) released its first report, Observations on Risk Management Practices during the Recent Market Turbulence. The report assessed the risk management practices that helped make some firms better able than others to withstand market stresses in the autumn of 2007. On October 21, 2009, the SSG released a follow-up report, Risk Management Lessons from the Global Banking Crisis of 2008 (the “2009 SSG report”), which reviewed in depth the funding and liquidity issues central to the crisis and explored critical risk management practices warranting improvement across the financial services industry. In addition to pinpointing various risk management areas in need of strengthening, the 2009 SSG report raised the concern that recent changes to firms’ risk management practices might not be sustained as memories of the crisis faded and pressures to pursue revenue opportunities increased.

A number of environmental factors have changed since the release of the 2009 report, including considerable progress toward raising global regulatory standards for capital adequacy and liquidity as well as a substantial easing of pressures in broad financial markets since the height of the crisis. Concurrently, however, market uncertainty has grown regarding the strength of sovereign finances and the resiliency of the banking sectors in some countries. These changes to the financial and regulatory environment underscore the importance of remediating the risk management weaknesses identified in the 2009 SSG report. In particular, firms must be able to make forward-looking and well-informed strategic decisions that can shape their ability to remain profitable while also managing risk prudently in the face of material economic, market, and regulatory events.

For help in guiding those strategic decisions, financial institutions will need to make demonstrable improvements in two key areas identified in the 2009 SSG report: 1) articulating a clearly defined risk appetite for the firm, and 2) monitoring risk effectively through reliable access to accurate, comprehensive, and timely quantitative information. The Financial Stability Board echoed this sentiment in a November 2010 report, Intensity and Effectiveness of SIFI Supervision (the “SIE report”), which urged supervisors to ensure that systemically important financial institutions (SIFIs) develop and maintain state-ofthe-art risk appetite and data aggregation capabilities. Specifically, the SIE report emphasized that more stringent criteria be applied to these areas, given the complex and broad array of financial services offered by SIFIs. In any case, all financial institutions will need to devote board and senior management attention, as well as significant financial and human resources, to developing these tools for use in adapting strategies to a changing business landscape.

Since the issuance of its 2009 report, the SSG has continued to meet regularly to discuss emerging supervisory and risk issues and to work collectively on selected risk management weaknesses exposed during the crisis. This report delivers observations about the interdependence between formal risk appetite frameworks and highly developed information technology (IT) infrastructures and considers how elements of those frameworks and infrastructures can be implemented effectively. We view these practices as crucial in providing the risk information that boards of directors and senior management need to make well-informed judgments — not only about risk management but also about their firms’ forward-looking business strategies.