From the trunk to the driving seat, but avoiding crashing?
Risk management and compliance have both been part of big investment bank’s and financial firms operations for decades. However regulatory bodies have posed much stricter regulations and requirements on bigger companies in general and financial institutions in special after 2007-2008. Control level and focus increased first after the Enron, WorldCom and Parmelat cases 10-15y ago, then increased again after 2007-2008. Risk management functions in banks or corporations having to handle both liabilities and assets and in general a vast number of derivatives, also complex ones is more demanding than for a pure asset manager. Estimating sufficient capital for future operations is a significant task taking months involving many people in large institutions. For pure asset managers investing other peoples money, it is the investors risk, not directly the company’s risk. Some risk might be mitigated through guarantiy clauses from the management company that for example all costs due to operational errors shall not be covered by the clients, but by the management company.
Fitting the risk management to an appropriate size and level of interference in any company is a key task. Too much is too costly, too little might be even costlier..
Included in what is to be considered in this process should besides only data warehouse items and quantitative calculations also be commercial aspects, what’s popular and not and in what markets, what is on PMs, senior managements, and the Board of Directors’ agenda. Also clients feedbacks should to some extent be taken into account when tailoring how to measure, analyse, manage and present the risk picture.
For example key trends to analyze could for private/retail clients incl. high net worth be
₋ whether they prefer absolute or relative mandates
₋ what would be the right amount of contact with them – is it "less is more" or is "less 'less' ". Less is anyway arguably cheaper.
₋ is your company perceived a stock investor, a bond/fixed income manager, generally a savings bank, or a combination. For example if you're perceived a fixed income manager, your FI funds would typically sell better than your equity funds for an equal risk adjusted performance.
For institutional clients incl. high net worth, key issues could be
₋ separating alpha and beta strategies,
- whether you should offer overlapping mandates
₋ how theoretically thorough or focused your clients are. FLAM (fundamental law of active management) outset seems out after the last financial crisis – correlations help you when you don’t need it … and vice versa! But do always assume your client is clever and professional and treat them thereafter.
₋ Bigger clients more and more tend to use consultants and pick funds from several vendors. They act increasingly professional but past performance still an important driver
In between investment analyst and a compliance officer:
Traditionally an old school mid office worker had low authority and low importance/impact on investment decisions. A business or investment / risk analyst sitting next to portfolio managers supporting on the desk on a daily basis has low authority but a higher impact on investment decisions (at least if she/he is good). A compliance officer on the other hand has low impact on investment decisions however a high authority in the organization since they deal with laws and external regulations which may lead to fines or penalties from regulatory authorities if breached.
A risk manager however was traditionally close to an old school mid/back office analyst, but had gradually moved towards both higher authority and an induced higher impact on investment decisions if his/her role is communicated correctly and the internal risk culture of the company is right.
The below picture shows the principle. In my opinion the risk managers role especially after 2007-2008 is a move towards the upper right quadrant from the lower left quadrant.
You should in general find the right level of risk control, measurement and management – better is more expensive and may not outweigh the cost, size of the organization nor type of your businesses. See picture below.
The CEO is the CRO:
And remember, despite having afforded the costs of the top level above – risk management - a lack of risk culture and over reliance on models and complexities based on assumptions that might brake spins a vulnerable safety net. Small flies are may be caught, but you must make sure the big bugs don’t fly straight through it. You strengthen the net by insisting on a decentralized risk culture where “basically everybody” are risk owners, and the CEO is the CRO. If the former cannot answer what the biggest risks facing her/his company in a short time without having to consult the risk people or others, the person should go. Risk is a top management issue, not a back-, mid-, front- or compliance group issue only.
The information, views, and opinions expressed in this blog are solely those of the author in person and do not reflect the views and opinions of SKAGEN Funds.