Financial institutions reckon that the close linkages between global markets and businesses means that risk can arise unexpectedly from anywhere. As a result, tracking, measuring and mitigating risk has become a major concern. Additionally, there is an urgent need to meet the ever-changing demands of regulators and of objectively assuring stakeholders of the highest compliance standards towards effective risk management.
However, the world of finance is subject to a complex risk landscape from volatile market conditions, unexpected natural, economic and geo-political events, and from exposure to staff oversight and imprudence. The mechanisms put in place to identify and respond to credit, market and operational risks therefore have a major bearing on profitability, liquidity and solvency. Naturally, directors and stakeholders are insisting on improved methodologies to identify risk triggers (a.k.a. risk events), manage risk and ensure that regulators have access to a single view of risk. This has brought Enterprise Risk Management (ERM) to center stage.
With the increase in the uncertainty around global financial markets, risk managers are turning to data and systems that can identify risks and fiag threats based on Key Risk Indicators (KRIs). It is not surprising that CROs and CFOs today are busy arming their risk function with technology that can monitor and measure KRIs across various business units.
KRIs are invaluable tools in the finance industry to provide early insights into how risks shape up and pan out. The advantage of systematically measuring KRIs is that they also function as lead indicators of emerging trends and help expose critical gaps and vulnerabilities within an organization. This places the organization in a position to take early and appropriate evasive action against reputational and business loss.
A deep focus on KRIs is becoming indispensable. The fiaw lies in measuring KRIs in isolation. For the system to be effective, a host of other parameters related to the financial environment must be measured, co-related and mapped against KRIs.
For example, if one of the KRIs is “Loss of key staff”, then certain factors might infiuence the likelihood of this risk occurring, which might include general staff turnover (acting as a proxy for key staff turnover), undocumented processes, salary gaps identified by annual benchmarking exercises etc. Further, warning thresholds can be established by defining limits of acceptability (tolerance) for each of these indicators.
Identifying the right KRIs is a result of understanding organizational goals and strategic priorities. It therefore should be apparent that KRIs will remain subject to constant change as the organization adapts to newer strategies. A continuous evaluation and refresh of KRIs and their thresholds is therefore beneficial and recommended. Old KRIs may need to be retired as they may have served their purpose or need to be tweaked to meet emerging scenarios with new trigger levels.
Challenges in KRI Management
Multiple factors make managing KRIs a complex task. KRIs may go unidentified due to poor data availability. Data collection may not be automated, leaving the organization vulnerable because reporting is not timely or is prone to inadvertent error as well as willful manipulation. And thresholds for KRIs may not have been adjusted as required by business, leading to poor decision-making.
It is evident that developing and managing KRIs is not a simple task and calls for high quality data to be available to the risk management team. The data must then be translated into standard KRIs and mapped to other risk-related metrics. Eventually, with accurate measurement, this matrix of data must translate into actionable decisions that mitigate risk.
Technology to Manage Risk
Emerging risk technologies holds an answer to the problems associated with KRIs and risk management. It can collate risk data accurately, making the process of creating and managing KRIs robust, seamless and dependable. It can combine and collate data across risk events, occurrences, categories, products, services, processes and geographies to provide a comprehensive and unified view of risk. It can isolate the critical from the non-critical metrics, based on changing regulatory requirements and can embed these insights on to a customized dashboard for actionable intelligence.
In most current operations within the financial industry, metrics are measured diligently. But, as often seen, the impact of breaches is witnessed before action can be initiated. This is because measuring risk is not yet a completely automated “real-time” process which it needs to be. Technology can place remedial action in the hands of decision-makers before risk thresholds are breached.
Among the more interesting outcomes of leveraging technology to manage risk is that it makes available a clear audit trail for regulators to examine.
An Eye on the Future
With regulations – and regulatory penalties growing, technology is going to progressively play a critical role in ERM. Financial services organizations will depend on advanced, highly sophisticated data and analytical tools to ensure that their management is enabled with the latest approaches to risk mitigation.
There can be little doubt about the efficacy and applicability of technology in the area of risk management. How it is implemented and the extent of fiexibility it presents to accommodate future scenarios will differentiate the leaders from the laggards.